Hallo an alle!
Ich bitte euch um Hilfe und erwähne sofort, dass ich absolut keine Ahnung vom Innenleben eines PC's habe, daher ersuche ich euch, falls mir jemand hilft, um absolut idiotensichere Erklärungen.
Mein Problem: Ich fand gestern mit Avira den Virus EXP/JAVA.Vedenbi.Gen und habe ihn in Quarantäne geschickt. Beim darauffolgenden Suchlauf wurde weder von Avira noch von Ad Aware mehr etwas gefunden. Seither habe ich aber 14 Warnungen. Kann das was mit dem Virus zu tun haben? Ich hatte noch nie mehr als 2 Warnungen. Weiters ist mir seit geraumer Zeit aufgefallen, dass der Bootvorgang immer länger dauert. Kann das auch mit dem Virus zu tun haben oder versteckt sich da noch irgendwo etwas?

Zitat:

Seither habe ich aber 14 Warnungen. Kann das was mit dem Virus zu tun haben? Ich hatte noch nie mehr als 2 Warnungen.

Du hast das AntIVir-Log nicht gepostet, keiner weiß dadurch was für Warnungen sein sollen und dementsprechend ist KEINE Aussage dazu möglich

Hallo Arne,
danke dass du dir mein Probelm anschauen willst.
Hier das Antivir-Log:

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 24. Mai 2012 09:32

Es wird nach 3743776 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Microsoft Windows XP
Windowsversion : (Service Pack 3) [5.1.2600]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : ACER
Versionsinformationen:
BUILD.DAT : 12.0.0.1125 41829 Bytes 02.05.2012 16:34:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 08.05.2012 17:03:25
AVSCAN.DLL : 12.3.0.15 66256 Bytes 08.05.2012 17:03:25
LUKE.DLL : 12.3.0.15 68304 Bytes 08.05.2012 17:03:26
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 08.05.2012 17:03:26
AVREG.DLL : 12.3.0.17 232200 Bytes 10.05.2012 17:02:54
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 09:49:21
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 06:56:15
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 06:56:21
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 06:59:15
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 06:59:40
VBASE005.VDF : 7.11.29.136 2166272 Bytes 10.05.2012 17:02:52
VBASE006.VDF : 7.11.29.137 2048 Bytes 10.05.2012 17:02:52
VBASE007.VDF : 7.11.29.138 2048 Bytes 10.05.2012 17:02:52
VBASE008.VDF : 7.11.29.139 2048 Bytes 10.05.2012 17:02:52
VBASE009.VDF : 7.11.29.140 2048 Bytes 10.05.2012 17:02:52
VBASE010.VDF : 7.11.29.141 2048 Bytes 10.05.2012 17:02:52
VBASE011.VDF : 7.11.29.142 2048 Bytes 10.05.2012 17:02:52
VBASE012.VDF : 7.11.29.143 2048 Bytes 10.05.2012 17:02:52
VBASE013.VDF : 7.11.29.144 2048 Bytes 10.05.2012 17:02:52
VBASE014.VDF : 7.11.30.3 198144 Bytes 14.05.2012 17:03:50
VBASE015.VDF : 7.11.30.69 186368 Bytes 17.05.2012 06:49:36
VBASE016.VDF : 7.11.30.143 223744 Bytes 21.05.2012 05:32:03
VBASE017.VDF : 7.11.30.207 287744 Bytes 23.05.2012 05:32:56
VBASE018.VDF : 7.11.30.208 2048 Bytes 23.05.2012 05:32:57
VBASE019.VDF : 7.11.30.209 2048 Bytes 23.05.2012 05:32:57
VBASE020.VDF : 7.11.30.210 2048 Bytes 23.05.2012 05:32:57
VBASE021.VDF : 7.11.30.211 2048 Bytes 23.05.2012 05:32:57
VBASE022.VDF : 7.11.30.212 2048 Bytes 23.05.2012 05:32:57
VBASE023.VDF : 7.11.30.213 2048 Bytes 23.05.2012 05:32:57
VBASE024.VDF : 7.11.30.214 2048 Bytes 23.05.2012 05:32:58
VBASE025.VDF : 7.11.30.215 2048 Bytes 23.05.2012 05:32:58
VBASE026.VDF : 7.11.30.216 2048 Bytes 23.05.2012 05:32:58
VBASE027.VDF : 7.11.30.217 2048 Bytes 23.05.2012 05:32:59
VBASE028.VDF : 7.11.30.218 2048 Bytes 23.05.2012 05:32:59
VBASE029.VDF : 7.11.30.219 2048 Bytes 23.05.2012 05:32:59
VBASE030.VDF : 7.11.30.220 2048 Bytes 23.05.2012 05:32:59
VBASE031.VDF : 7.11.30.222 2048 Bytes 23.05.2012 05:32:59
Engineversion : 8.2.10.68
AEVDF.DLL : 8.1.2.2 106868 Bytes 31.01.2012 06:55:38
AESCRIPT.DLL : 8.1.4.19 455034 Bytes 11.05.2012 17:03:55
AESCN.DLL : 8.1.8.2 131444 Bytes 20.04.2012 07:00:09
AESBX.DLL : 8.2.5.5 606579 Bytes 20.04.2012 07:00:11
AERDL.DLL : 8.1.9.15 639348 Bytes 31.01.2012 06:55:37
AEPACK.DLL : 8.2.16.13 807287 Bytes 11.05.2012 17:03:54
AEOFFICE.DLL : 8.1.2.28 201082 Bytes 27.04.2012 06:59:09
AEHEUR.DLL : 8.1.4.28 4800886 Bytes 18.05.2012 06:49:46
AEHELP.DLL : 8.1.21.0 254326 Bytes 11.05.2012 17:03:45
AEGEN.DLL : 8.1.5.28 422260 Bytes 27.04.2012 06:58:59
AEEXP.DLL : 8.1.0.40 82292 Bytes 18.05.2012 06:49:47
AEEMU.DLL : 8.1.3.0 393589 Bytes 31.01.2012 06:55:34
AECORE.DLL : 8.1.25.6 201078 Bytes 20.04.2012 06:59:54
AEBB.DLL : 8.1.1.0 53618 Bytes 31.01.2012 06:55:33
AVWINLL.DLL : 12.3.0.15 27344 Bytes 08.05.2012 17:03:25
AVPREF.DLL : 12.3.0.15 51920 Bytes 08.05.2012 17:03:25
AVREP.DLL : 12.3.0.15 179208 Bytes 08.05.2012 17:03:26
AVARKT.DLL : 12.3.0.15 211408 Bytes 08.05.2012 17:03:25
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 08.05.2012 17:03:25
SQLITE3.DLL : 3.7.0.1 398288 Bytes 08.05.2012 17:03:26
AVSMTP.DLL : 12.3.0.15 63440 Bytes 08.05.2012 17:03:25
NETNT.DLL : 12.3.0.15 17104 Bytes 08.05.2012 17:03:26
RCIMAGE.DLL : 12.3.0.15 4447952 Bytes 08.05.2012 17:03:25
RCTEXT.DLL : 12.3.0.15 98512 Bytes 08.05.2012 17:03:25

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: c:\programme\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Donnerstag, 24. Mai 2012 09:32

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD2
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD3
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD4
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'rsmsink.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'logon.scr' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'msdtc.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'AAWTray.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'alg.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiapsrv.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'Acer.Empowering.Framework.Launcher.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleToolbarNotifier.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'msmsgs.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'WN311B.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'qttask.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'AspireService.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'eRAgent.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOUNDMAN.EXE' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLSched.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPortal.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'mdm.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'jqs.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMLServer.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLCapSvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'MemCheck.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'MediaServerService.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'AAWService.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '171' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2100' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <ACER>
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\0\3d049340-79d8d3ec-4.0.29.0--temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\40\34f5f568-25189608-temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\40\34f5f568-3f917f9e-temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\40\34f5f568-5d6a80c0-temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\60\5d2564fc-77fe6e5e-temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Eigene Dateien\Neuer Ordner (2)\avira_free_antivirus_de.exe
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\Solid State Networks\Host.330347e7b32fd5e52eaeae4e81faa2ea8726f8c4\downloader.bundle
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\Solid State Networks\Host.330347e7b32fd5e52eaeae4e81faa2ea8726f8c4\launcher.bundle
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\bH2Cwa0J.exe.part
[WARNUNG] Unerwartetes Dateiende erreicht
C:\RECYCLER\S-1-5-21-4176108125-2712142671-340414201-1006\Dc921.7z
[WARNUNG] Die Komprimierungsmethode wird nicht unterstützt
C:\RECYCLER\S-1-5-21-4176108125-2712142671-340414201-1006\Dc922.7z
[WARNUNG] Die Komprimierungsmethode wird nicht unterstützt
C:\RECYCLER\S-1-5-21-4176108125-2712142671-340414201-1006\Dc926.exe
[WARNUNG] Unerwartetes Dateiende erreicht
C:\System Volume Information\_restore{1107CD76-A604-490C-8000-52E48BD8A404}\RP1349\A0565345.exe
[WARNUNG] Die Datei ist kennwortgeschützt
C:\System Volume Information\_restore{1107CD76-A604-490C-8000-52E48BD8A404}\RP1349\A0565348.exe
[WARNUNG] Die Datei ist kennwortgeschützt
Beginne mit der Suche in 'D:\' <ACERDATA>


Ende des Suchlaufs: Donnerstag, 24. Mai 2012 10:31
Benötigte Zeit: 58:50 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

9445 Verzeichnisse wurden überprüft
401815 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
401815 Dateien ohne Befall
17190 Archive wurden durchsucht
14 Warnungen
0 Hinweise
455531 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

Danke im Voraus für deine Hilfe

Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code: Alles auswählenAufklappen

ATTFilter

 hier steht das Log
         

Alles klar, danke für die Anleitung


Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.05.27.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Harald :: ACER[Administrator]

27.05.2012 10:58:14
mbam-log-2012-05-27 (10-58-14).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 291222
Laufzeit: 51 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Programme\Registry Doktor 2009 (Rogue.RegistryDoctor) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 2
C:\RECYCLER\S-1-5-21-4176108125-2712142671-340414201-1006\Dc931.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Programme\Registry Doktor 2009\R_DSchedule.txt (Rogue.RegistryDoctor) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=dd7052002b5ec849a84c3965d37d667a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-27 03:38:49
# local_time=2012-05-27 05:38:49 (+0100, Westeuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1792 16777191 100 0 3224971 3224971 0 0
# compatibility_mode=8192 67108863 100 0 328 328 0 0
# scanned=74336
# found=0
# cleaned=0
# scan_time=3107

Gruß
Barbara

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Hallo,
funktioniert alles normal und mir fehlt auch nichts
Gruß
Barbara

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code: Alles auswählenAufklappen

ATTFilter

 hier steht das Log
         

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Setze oben mittig den Haken bei Scanne alle Benutzer
• Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code: Alles auswählenAufklappen

ATTFilter

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         

• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Klick auf .
• Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 29.05.2012 14:36:24 - Run 1
OTL by OldTimer - Version 3.2.44.0     Folder = C:\Dokumente und Einstellungen\Harald\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
1,50 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 71,38% Memory free
2,85 Gb Paging File | 2,25 Gb Available in Paging File | 78,72% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 146,36 Gb Total Space | 120,70 Gb Free Space | 82,47% Space Free | Partition Type: NTFS
Drive D: | 146,81 Gb Total Space | 145,39 Gb Free Space | 99,03% Space Free | Partition Type: FAT32
Drive E: | 3,59 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive Z: | 931,19 Gb Total Space | 449,52 Gb Free Space | 48,27% Space Free | Partition Type: NTFS
 
Computer Name: ACER-75EEBC93E0 | User Name: Harald | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.29 14:32:50 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Harald\Desktop\OTL.exe
PRC - [2012.05.08 19:03:26 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 19:03:25 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 19:03:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 19:03:25 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.08 00:31:08 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
PRC - [2012.04.05 12:34:26 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.04.05 12:34:26 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.01.31 15:43:34 | 000,048,128 | ---- | M] (FS) -- C:\Programme\FS\Spyro Portal\FlashPortal.exe
PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.10.27 19:54:27 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011.10.27 19:54:25 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.02.13 17:02:18 | 001,138,688 | ---- | M] ( ) -- C:\Programme\NETGEAR\WN311B\Utility\WN311B.exe
PRC - [2006.06.09 12:24:18 | 000,110,592 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Acer eMode Management\AspireService.exe
PRC - [2006.06.01 14:40:54 | 000,413,696 | ---- | M] (Acer Inc.) -- C:\acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2006.05.11 13:00:24 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
PRC - [2006.05.04 14:53:36 | 000,438,272 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Acer eConsole\MediaServerService.exe
PRC - [2006.03.29 21:50:52 | 000,114,784 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
PRC - [2006.03.29 21:50:50 | 000,266,338 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
PRC - [2006.03.29 21:50:20 | 001,073,152 | ---- | M] (Cyberlink) -- C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
PRC - [2006.03.29 20:53:34 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2005.09.22 17:42:00 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.12 13:07:13 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\7861cd979ea5db3fb7d30ed94fb0edd2\System.Web.ni.dll
MOD - [2012.05.12 13:07:03 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8dc4a28c456f81ee7399da21bd9d55aa\System.ServiceProcess.ni.dll
MOD - [2012.05.12 13:05:43 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.05.12 13:05:35 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012.05.12 12:31:54 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.12 12:31:48 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\995fcf39ead2c2a53e084505c2c67d49\System.Windows.Forms.ni.dll
MOD - [2012.05.12 12:31:34 | 001,591,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8ca00132a08c69697adf1cda32ebd835\System.Drawing.ni.dll
MOD - [2012.05.12 12:29:54 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.12 12:29:42 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.05.12 12:28:58 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.05.08 19:03:26 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.04.12 20:35:03 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_449375a1\system.drawing.dll
MOD - [2012.04.12 20:34:58 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ce86bb86\system.windows.forms.dll
MOD - [2012.04.12 20:34:44 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012.03.28 08:24:28 | 003,417,376 | ---- | M] () -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_6c825ce.dll
MOD - [2012.02.05 13:41:50 | 000,181,616 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
MOD - [2012.02.05 13:41:48 | 000,210,288 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
MOD - [2012.01.09 08:04:55 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1efe84e3\mscorlib.dll
MOD - [2012.01.09 08:04:36 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_186b92ef\system.xml.dll
MOD - [2012.01.08 21:17:26 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_49adc62f\system.dll
MOD - [2012.01.08 21:17:19 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012.01.08 21:17:16 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011.11.03 16:02:24 | 000,142,336 | ---- | M] () -- C:\Programme\FS\Spyro Portal\SpyroLibrary.dll
MOD - [2011.09.08 19:58:43 | 000,430,568 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\VipreBridge.dll
MOD - [2011.09.08 19:58:39 | 000,589,184 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\RPAPI.dll
MOD - [2011.09.08 19:57:59 | 000,508,776 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft\Ad-Aware\Defs\thorax.aaw
MOD - [2011.08.18 15:25:12 | 000,308,560 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\Vipre.dll
MOD - [2009.11.23 14:14:48 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3321.40301__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:48 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3321.40319__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.11.23 14:14:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.11.23 14:14:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3321.40308__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:48 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2009.11.23 14:14:48 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2009.11.23 14:14:48 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3321.40422__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2009.11.23 14:14:48 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2009.11.23 14:14:47 | 001,691,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3321.40317__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.11.23 14:14:47 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3321.40369__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2009.11.23 14:14:47 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3321.40399__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.11.23 14:14:47 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3321.40384__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2009.11.23 14:14:47 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3321.40378__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:47 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3321.40308__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:47 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3321.40357__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:47 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:46 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:46 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3321.40400__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:46 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.11.23 14:14:46 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3321.40362__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:46 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:45 | 000,671,744 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3321.40415__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:45 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3321.40415__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:44 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3321.40346__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:44 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3321.40372__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.11.23 14:14:43 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3321.40380__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:43 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3321.40310__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:43 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:43 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:43 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:43 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3321.40345__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:43 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3321.40324__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:43 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:42 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3321.40359__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:42 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3321.40340__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:42 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.11.23 14:14:42 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:42 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:42 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3321.40355__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.11.23 14:14:41 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.11.23 14:14:41 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.11.23 14:14:41 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.11.23 14:14:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.11.23 14:14:40 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.11.23 14:14:39 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.11.23 14:14:39 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.11.23 14:14:39 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.11.23 14:14:39 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.11.23 14:14:38 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.11.23 14:14:38 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3294.18797__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2009.11.23 14:14:38 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.11.23 14:14:38 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.11.23 14:14:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3294.18759__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009.11.23 14:14:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.11.23 14:14:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3321.40431__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009.11.23 14:14:37 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3321.40409__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.11.23 14:14:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.11.23 14:14:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.11.23 14:14:37 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.11.23 14:14:36 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3321.40393__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.11.23 14:14:36 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3321.40391__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.11.23 14:14:36 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.11.23 14:14:36 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.11.23 14:14:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009.11.23 14:14:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.11.23 14:14:36 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.11.23 14:14:36 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.11.23 14:14:36 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3321.40297__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.11.23 14:14:35 | 000,540,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3321.40387__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.11.23 14:14:35 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.11.23 14:14:35 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3321.40298__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.11.23 14:14:35 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3321.40300__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.11.23 14:14:35 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.11.23 14:14:35 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.11.23 14:14:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.11.23 14:14:34 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3321.40305__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.11.23 14:14:34 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3321.40299__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.11.23 14:14:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.11.23 14:14:34 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.11.23 14:14:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3321.40392__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.11.23 14:14:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.11.23 14:14:33 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3321.40298__90ba9c70f846762e\APM.Server.dll
MOD - [2009.11.23 14:14:33 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3321.40297__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.10.30 15:39:12 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.04.14 07:52:18 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.04.02 18:19:22 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2007.01.18 10:29:22 | 000,102,400 | ---- | M] () -- C:\WINDOWS\system32\ASupplicant.dll
MOD - [2006.05.19 16:09:40 | 000,352,256 | ---- | M] () -- C:\acer\Empowering Technology\eRecovery\it41.dll
MOD - [2006.05.15 22:11:16 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2006.05.15 22:11:16 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2006.05.15 22:11:16 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2006.05.15 22:11:16 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll
MOD - [2006.05.15 22:10:18 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2006.05.15 22:10:18 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll
MOD - [2006.05.15 22:10:18 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\system.serviceprocess.resources\1.0.5000.0_de_b03f5f7f11d50a3a\system.serviceprocess.resources.dll
MOD - [2006.05.04 14:50:54 | 000,151,552 | ---- | M] () -- C:\Programme\Acer\Acer eConsole\MediaUtil.dll
MOD - [2006.05.04 14:47:50 | 000,737,280 | ---- | M] () -- C:\Programme\Acer\Acer eConsole\log4cxx.dll
MOD - [2006.03.29 21:50:52 | 000,114,784 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
MOD - [2006.03.29 21:50:50 | 000,266,338 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
MOD - [2006.03.29 21:50:42 | 000,225,384 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapEngine.dll
MOD - [2006.03.29 21:50:42 | 000,065,634 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLSchMgr.dll
MOD - [2006.03.29 21:50:42 | 000,032,768 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvcps.dll
MOD - [2006.01.12 09:33:34 | 000,212,992 | ---- | M] () -- C:\acer\Empowering Technology\eRecovery\imagefile.dll
MOD - [2002.11.26 13:43:18 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\BrMuSNMP.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.05.08 19:03:26 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 19:03:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.05 09:24:31 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.03 07:50:06 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.05 12:34:26 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.03.28 08:24:28 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\programme\gemeinsame dateien\akamai/netsession_win_6c825ce.dll -- (Akamai)
SRV - [2012.01.31 15:43:34 | 000,048,128 | ---- | M] (FS) [Auto | Running] -- C:\Programme\FS\Spyro Portal\FlashPortal.exe -- (SpyroService)
SRV - [2011.10.27 19:54:25 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.04.14 07:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008.04.14 07:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008.04.14 07:52:40 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008.04.14 07:52:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008.04.14 07:52:16 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008.04.14 07:52:08 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2006.05.04 14:53:36 | 000,438,272 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Programme\Acer\Acer eConsole\MediaServerService.exe -- (Acer Media Server)
SRV - [2006.03.29 21:50:52 | 000,114,784 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006.03.29 21:50:50 | 000,266,338 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006.03.29 21:50:20 | 001,073,152 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2006.03.29 20:53:34 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zd1211u.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zd1211Bu.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva394.sys -- (XDva394)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Harald\LOKALE~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.05.08 19:03:26 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 19:03:26 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.03.29 16:32:12 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.09.16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.08.18 15:25:12 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2011.08.18 15:25:12 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.07.13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2009.02.04 09:27:20 | 003,488,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.10.31 20:52:16 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.04.14 07:32:18 | 000,120,576 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008.04.14 07:28:20 | 000,154,112 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008.04.14 07:28:14 | 000,800,384 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008.04.14 00:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2007.08.08 18:54:10 | 000,028,968 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2006.10.12 16:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wn311b.sys -- (BCM43XX)
DRV - [2006.09.29 19:49:06 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006.03.03 13:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.03.03 13:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.09.22 17:34:00 | 003,727,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.08.12 15:31:12 | 000,098,432 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2005.03.09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
DRV - [2004.08.04 06:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004.08.04 06:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004.08.04 06:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004.08.04 06:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2002.04.11 17:43:44 | 000,016,194 | ---- | M] (AMBIT Microsystems Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\AWINDIS5.SYS -- (AWINDIS5)
DRV - [2001.08.17 14:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
 
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\SearchScopes,DefaultScope = {76070548-D27D-49E2-AE55-B929389AAAFF}
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\SearchScopes\{76070548-D27D-49E2-AE55-B929389AAAFF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://at.msn.com/?ocid=iefvrt"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.05.03 07:50:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.09.04 08:35:54 | 000,000,000 | ---D | M]
 
[2009.04.22 17:21:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Extensions
[2012.05.02 15:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions
[2011.09.30 19:52:28 | 000,000,000 | ---D | M] () -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2010.05.10 08:38:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.03.19 11:37:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.05.03 07:50:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.02.18 14:38:45 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.01 21:48:09 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.01 21:48:09 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.10.01 21:48:09 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.01 21:48:09 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.01 21:48:09 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.01 21:48:09 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.04.16 16:21:06 | 000,305,232 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	123haustiereundmehr.com
O1 - Hosts: 10508 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [AS00_WN311B] C:\Programme\NETGEAR\WN311B\Utility\WN311B.exe ( )
O4 - HKLM..\Run: [AspireService] C:\Programme\Acer\Acer eMode Management\AspireService.exe (Acer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [eRecoveryService] C:\acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\.DEFAULT..\RunOnce: [AutoLaunch] C:\Programme\Lavasoft\Ad-Aware\AutoLaunch.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [AutoLaunch] C:\Programme\Lavasoft\Ad-Aware\AutoLaunch.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer Empowering Technology.lnk = C:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00  [binary data]
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: //@install.mar@ ([]msni in My Computer)
O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: //@mail.mar@ ([]msni in Local intranet)
O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229084475500 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7BD96D4-BF78-4A87-B09B-311AC4B0F0E5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6412CF-EB72-45D3-ADB1-D80B60595D34}: NameServer = 10.0.0.254
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.05.15 22:13:38 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell - "" = AutoRun
O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell\AutoRun\command - "" = J:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Acrobat Assistant.lnk - C:\Programme\Adobe\Acrobat 5.0\Distillr\AcroTray.exe - (Adobe Systems Inc.)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Gamma Loader.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk - C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - ()
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^AOL 9.0 Tray-Symbol.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Ashampoo AntiVirus Service.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)
MsConfig - StartUpReg: Acer Empowering Technology Monitor - hkey= - key= -  File not found
MsConfig - StartUpReg: AOLDialer - hkey= - key= -  File not found
MsConfig - StartUpReg: BrMfcWnd - hkey= - key= - C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
MsConfig - StartUpReg: ControlCenter3 - hkey= - key= - C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
MsConfig - StartUpReg: GameXN (news) - hkey= - key= -  File not found
MsConfig - StartUpReg: GameXN (update) - hkey= - key= -  File not found
MsConfig - StartUpReg: IMJPMIG8.1 - hkey= - key= - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
MsConfig - StartUpReg: IndexSearch - hkey= - key= - C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: ISTray - hkey= - key= -  File not found
MsConfig - StartUpReg: LaunchApp - hkey= - key= - C:\WINDOWS\Alaunch.exe (Acer Inc.)
MsConfig - StartUpReg: MediaSync - hkey= - key= - C:\Programme\Acer\Acer eConsole\MediaSync.exe (Acer Inc.)
MsConfig - StartUpReg: MSPY2002 - hkey= - key= -  File not found
MsConfig - StartUpReg: ntiMUI - hkey= - key= - c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()
MsConfig - StartUpReg: PaperPort PTD - hkey= - key= - C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: PCMService - hkey= - key= - C:\Program Files\Acer TV-FM\PCMService.exe (CyberLink Corp.)
MsConfig - StartUpReg: PHIME2002A - hkey= - key= -  File not found
MsConfig - StartUpReg: PHIME2002ASync - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Programme\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: Skype - hkey= - key= -  File not found
MsConfig - StartUpReg: SSBkgdUpdate - hkey= - key= - C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - 
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp -  File not found
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.29 14:32:50 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Harald\Desktop\OTL.exe
[2012.05.27 16:41:35 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.05.27 10:56:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Malwarebytes
[2012.05.27 10:55:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.05.27 10:55:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.05.27 10:55:56 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.05.27 10:55:56 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.05.26 19:45:23 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012.05.26 19:45:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012
[2012.05.26 19:45:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\TuneUp Software
[2012.05.26 19:44:50 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012
[2012.05.26 19:44:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.05.26 19:43:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.05.26 19:43:33 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.05.24 15:33:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald\Eigene Dateien\gmer
[2012.05.24 15:05:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2012.05.24 15:05:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald\Desktop\7-Zip
[2012.05.24 10:49:33 | 000,607,260 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\Harald\Desktop\dds.com
[2012.05.16 15:33:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BigFishGamesCache
[2012.05.03 07:50:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.05.03 07:50:09 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2 C:\Dokumente und Einstellungen\Harald\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Harald\Eigene Dateien\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.29 14:32:50 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Harald\Desktop\OTL.exe
[2012.05.29 14:24:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.05.29 13:20:25 | 000,000,484 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.05.29 13:19:29 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.05.29 13:19:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.05.29 13:19:19 | 1609,093,120 | -HS- | M] () -- C:\hiberfil.sys
[2012.05.29 13:19:17 | 000,604,989 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2012.05.27 19:52:36 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012.05.27 19:52:36 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012.05.27 10:55:57 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.26 19:45:20 | 000,001,715 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.05.26 19:45:20 | 000,001,711 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.05.24 15:53:09 | 000,064,844 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\Desktop\gmer1.zip
[2012.05.24 15:40:23 | 000,045,126 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\Eigene Dateien\gmer.7z
[2012.05.24 15:11:52 | 000,000,144 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\Desktop\Anhänge verwalten - Trojaner-Board.URL
[2012.05.24 11:06:36 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\Desktop\fwnxi4l8.exe
[2012.05.24 10:49:34 | 000,607,260 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\Harald\Desktop\dds.com
[2012.05.24 10:44:48 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\defogger_reenable
[2012.05.24 10:37:57 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.05.16 11:09:45 | 000,000,040 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\_rgpl
[2012.05.16 11:04:37 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2012.05.12 12:34:13 | 000,246,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.12 12:29:15 | 000,461,100 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.05.12 12:29:15 | 000,443,038 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.05.12 12:29:15 | 000,085,832 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.05.12 12:29:15 | 000,072,304 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.05.12 12:26:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.05.08 19:03:26 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.05.08 19:03:26 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2 C:\Dokumente und Einstellungen\Harald\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Harald\Eigene Dateien\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.27 10:55:57 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.05.26 19:45:20 | 000,001,717 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2012.05.26 19:45:20 | 000,001,715 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.05.26 19:45:20 | 000,001,711 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.05.24 15:53:09 | 000,064,844 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\Desktop\gmer1.zip
[2012.05.24 15:38:13 | 000,045,126 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\Eigene Dateien\gmer.7z
[2012.05.24 15:11:52 | 000,000,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\Desktop\Anhänge verwalten - Trojaner-Board.URL
[2012.05.24 11:06:35 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\Desktop\fwnxi4l8.exe
[2012.05.24 10:44:48 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\defogger_reenable
[2012.05.16 11:09:45 | 000,000,040 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\_rgpl
[2012.03.02 13:23:05 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2012.02.15 08:09:16 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.11 19:53:26 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.09.11 19:53:26 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
 
========== LOP Check ==========
 
[2012.05.26 19:43:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2006.10.05 16:12:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eConsole
[2008.04.09 20:46:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\m2backup
[2008.04.09 20:46:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at
[2007.05.04 22:08:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NtiDvdCopy
[2008.04.16 22:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2009.04.06 20:48:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012.05.26 19:45:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2006.09.29 19:49:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2012.05.26 19:43:33 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.02.07 13:42:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\.minecraft
[2009.04.06 15:36:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Auslogics
[2011.10.29 09:57:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\cerasus.media
[2012.03.22 15:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\FOG Downloader
[2008.02.01 18:24:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\InterTrust
[2008.04.09 20:46:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\mquadr.at
[2012.03.19 15:07:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sony Online Entertainment
[2009.02.27 21:45:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\SPAMfighter
[2012.05.26 19:45:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\TuneUp Software
[2008.11.13 16:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Viewpoint
[2012.05.29 13:20:25 | 000,000,484 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.02.07 13:42:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\.minecraft
[2008.04.22 21:17:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Adobe
[2006.10.31 10:14:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\AdobeUM
[2009.04.16 19:43:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\AOL
[2009.11.23 14:27:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\ATI
[2009.04.06 15:36:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Auslogics
[2012.04.20 09:02:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Avira
[2008.06.12 17:10:52 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Brother
[2011.10.29 09:57:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\cerasus.media
[2008.01.14 19:20:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\CyberLink
[2012.03.22 15:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\FOG Downloader
[2008.04.17 19:07:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Google
[2008.04.13 19:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Help
[2006.09.12 01:25:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Identities
[2008.04.16 22:13:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\InstallShield
[2008.02.01 18:24:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\InterTrust
[2008.04.04 17:10:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Macromedia
[2012.05.27 10:56:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Malwarebytes
[2012.03.24 14:48:41 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Microsoft
[2009.04.22 17:21:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla
[2008.04.09 20:46:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\mquadr.at
[2012.05.16 07:07:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Skype
[2011.09.27 16:05:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\skypePM
[2012.03.19 15:07:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sony Online Entertainment
[2009.02.27 21:45:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\SPAMfighter
[2008.09.06 10:58:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun
[2012.05.26 19:45:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\TuneUp Software
[2008.11.13 16:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Viewpoint
[2006.09.29 19:49:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\You've Got Pictures Screensaver
 
< %APPDATA%\*.exe /s >
[2006.09.29 20:24:44 | 000,032,768 | R--- | M] () -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Microsoft\Installer\{4CB85172-FE20-4922-9190-4E45D8E5500A}\_E8403F91F070_48C9_B83F_3EECABD028C2.exe
[2009.11.23 14:12:28 | 000,009,158 | R--- | M] () -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
[2007.12.22 13:24:56 | 000,028,672 | R--- | M] () -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Microsoft\Installer\{8FFBF26D-1938-4514-A276-DC18BED89887}\_CAAA66822132_46B4_AE7F_B4EBCFFCCEEB.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2004.08.04 06:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys
[2004.08.04 06:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 06:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys
[2004.08.04 06:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 06:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: NVATABUS.SYS  >
[2005.08.12 15:31:12 | 000,098,432 | ---- | M] (NVIDIA Corporation) MD5=11D1AD7E946538E02F9EF6A6E1792061 -- C:\WINDOWS\OemDir\nvatabus.sys
[2005.08.12 15:31:12 | 000,098,432 | ---- | M] (NVIDIA Corporation) MD5=11D1AD7E946538E02F9EF6A6E1792061 -- C:\WINDOWS\system32\drivers\nvatabus.sys
[2006.03.16 16:51:32 | 000,099,840 | ---- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\drv\raid\NVATABUS.SYS
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 06:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004.08.04 06:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2007.03.08 17:48:39 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2011.10.06 20:11:56 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 06:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004.08.04 06:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 06:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 06:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.05.15 22:51:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006.05.15 22:51:26 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.05.15 22:51:26 | 000,450,560 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\Dokumente und Einstellungen\Harald\Eigene Dateien\Stellungnahme RW 100408.pdf:SummaryInformation
@Alternate Data Stream - 116 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >
         

Entschuldige dass ich das mit der Code Box nicht mitbekommen habe,
ich hoffe, dass ich das so richtig gemacht habe

Gruß
Barbara

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code: Alles auswählenAufklappen

ATTFilter

:OTL
FF - user.js - File not found
[2010.05.10 08:38:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
O3 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00  [binary data]
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.05.15 22:13:38 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell - "" = AutoRun
O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell\AutoRun\command - "" = J:\LGAutoRun.exe
@Alternate Data Stream - 116 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Alles erledigt

Code: Alles auswählenAufklappen

ATTFilter

 All processes killed
========== OTL ==========
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-4176108125-2712142671-340414201-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.
File J:\LGAutoRun.exe not found.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: Harald
->Temp folder emptied: 366885328 bytes
->Temporary Internet Files folder emptied: 27429748 bytes
->Java cache emptied: 377271 bytes
->FireFox cache emptied: 418523344 bytes
->Flash cache emptied: 84906270 bytes
 
User: LocalService
->Temp folder emptied: 82513 bytes
->Temporary Internet Files folder emptied: 13022100 bytes
->FireFox cache emptied: 3627531 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10872389 bytes
RecycleBin emptied: 1646421098 bytes
 
Total Files Cleaned = 2.453,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Default User
 
User: Harald
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
Total Flash Files Cleaned = 0,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.44.0 log created on 05292012_160430

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7e0.dat not found!

Registry entries deleted on Reboot...
         

Danke und Gruß

Barbara

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Code: Alles auswählenAufklappen

ATTFilter

 14:36:36.0375 1660	TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
14:36:36.0953 1660	============================================================
14:36:36.0953 1660	Current date / time: 2012/05/30 14:36:36.0953
14:36:36.0953 1660	SystemInfo:
14:36:36.0953 1660	
14:36:36.0953 1660	OS Version: 5.1.2600 ServicePack: 3.0
14:36:36.0953 1660	Product type: Workstation
14:36:36.0953 1660	ComputerName: ACER-75EEBC93E0
14:36:36.0953 1660	UserName: Harald
14:36:36.0953 1660	Windows directory: C:\WINDOWS
14:36:36.0953 1660	System windows directory: C:\WINDOWS
14:36:36.0953 1660	Processor architecture: Intel x86
14:36:36.0953 1660	Number of processors: 2
14:36:36.0953 1660	Page size: 0x1000
14:36:36.0953 1660	Boot type: Normal boot
14:36:36.0953 1660	============================================================
14:36:38.0062 1660	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:36:38.0093 1660	============================================================
14:36:38.0093 1660	\Device\Harddisk0\DR0:
14:36:38.0093 1660	MBR partitions:
14:36:38.0093 1660	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x9C263D, BlocksNum 0x124B8022
14:36:38.0093 1660	\Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x12E7A65F, BlocksNum 0x125B3062
14:36:38.0093 1660	============================================================
14:36:38.0125 1660	C: <-> \Device\Harddisk0\DR0\Partition0
14:36:38.0140 1660	D: <-> \Device\Harddisk0\DR0\Partition1
14:36:38.0140 1660	============================================================
14:36:38.0140 1660	Initialize success
14:36:38.0140 1660	============================================================
14:36:59.0359 3576	============================================================
14:36:59.0359 3576	Scan started
14:36:59.0359 3576	Mode: Manual; 
14:36:59.0359 3576	============================================================
14:36:59.0640 3576	Abiosdsk - ok
14:36:59.0656 3576	abp480n5 - ok
14:36:59.0734 3576	Acer Media Server (ba875aa88898cdf5ecdd8213020c75c6) C:\Programme\Acer\Acer eConsole\MediaServerService.exe
14:36:59.0750 3576	Acer Media Server - ok
14:36:59.0796 3576	AcerMemUsageCheckService (3caabc2d0f87413eb1e0c7e0b3245e67) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
14:36:59.0796 3576	AcerMemUsageCheckService - ok
14:36:59.0828 3576	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:36:59.0875 3576	ACPI - ok
14:36:59.0890 3576	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:36:59.0890 3576	ACPIEC - ok
14:36:59.0953 3576	AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:36:59.0968 3576	AdobeFlashPlayerUpdateSvc - ok
14:36:59.0968 3576	adpu160m - ok
14:37:00.0000 3576	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:37:00.0015 3576	aec - ok
14:37:00.0046 3576	Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
14:37:00.0046 3576	Afc - ok
14:37:00.0078 3576	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:37:00.0109 3576	AFD - ok
14:37:00.0109 3576	Aha154x - ok
14:37:00.0125 3576	aic78u2 - ok
14:37:00.0140 3576	aic78xx - ok
14:37:00.0406 3576	Akamai          (c775d704feb2b600a5bf7b0b088546af) c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll
14:37:00.0406 3576	Suspicious file (Hidden): c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
14:37:00.0421 3576	Akamai ( HiddenFile.Multi.Generic ) - warning
14:37:00.0421 3576	Akamai - detected HiddenFile.Multi.Generic (1)
14:37:00.0781 3576	ALCXWDM         (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
14:37:00.0890 3576	ALCXWDM - ok
14:37:00.0968 3576	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
14:37:00.0968 3576	Alerter - ok
14:37:00.0984 3576	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
14:37:00.0984 3576	ALG - ok
14:37:01.0000 3576	AliIde - ok
14:37:01.0031 3576	AmdK8           (769844eb65df6a62aa51b886290fe51d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
14:37:01.0031 3576	AmdK8 - ok
14:37:01.0046 3576	amsint - ok
14:37:01.0125 3576	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
14:37:01.0125 3576	AntiVirSchedulerService - ok
14:37:01.0187 3576	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
14:37:01.0203 3576	AntiVirService - ok
14:37:01.0203 3576	AppMgmt - ok
14:37:01.0234 3576	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:37:01.0234 3576	Arp1394 - ok
14:37:01.0250 3576	asc - ok
14:37:01.0265 3576	asc3350p - ok
14:37:01.0265 3576	asc3550 - ok
14:37:01.0312 3576	ASCTRM          (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
14:37:01.0312 3576	ASCTRM - ok
14:37:01.0390 3576	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:37:01.0390 3576	aspnet_state - ok
14:37:01.0406 3576	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:37:01.0406 3576	AsyncMac - ok
14:37:01.0421 3576	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:37:01.0437 3576	atapi - ok
14:37:01.0437 3576	Atdisk - ok
14:37:01.0500 3576	Ati HotKey Poller (42e4e2cf0406394bbce7eb358ae4e208) C:\WINDOWS\system32\Ati2evxx.exe
14:37:01.0546 3576	Ati HotKey Poller - ok
14:37:01.0593 3576	ATI Smart       (460741befbfc91c88934620bc546d172) C:\WINDOWS\system32\ati2sgag.exe
14:37:01.0609 3576	ATI Smart - ok
14:37:01.0812 3576	ati2mtag        (81c3e6674d0609aa84c07681bca252de) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
14:37:01.0921 3576	ati2mtag - ok
14:37:02.0078 3576	AtiHdmiService  (d9bc8892b9440a2551b8148c57aa039e) C:\WINDOWS\system32\drivers\AtiHdmi.sys
14:37:02.0078 3576	AtiHdmiService - ok
14:37:02.0109 3576	ATITool         (d4ed96ac2fafee2c697436b9a2871cd3) C:\WINDOWS\system32\DRIVERS\ATITool.sys
14:37:02.0109 3576	ATITool - ok
14:37:02.0125 3576	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:37:02.0125 3576	Atmarpc - ok
14:37:02.0171 3576	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
14:37:02.0171 3576	AudioSrv - ok
14:37:02.0187 3576	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:37:02.0187 3576	audstub - ok
14:37:02.0218 3576	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:37:02.0234 3576	avgntflt - ok
14:37:02.0250 3576	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:37:02.0296 3576	avipbb - ok
14:37:02.0312 3576	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
14:37:02.0312 3576	avkmgr - ok
14:37:02.0343 3576	AWINDIS5        (f62b70d3209e38a6c19a03109a25b903) C:\WINDOWS\system32\AWINDIS5.SYS
14:37:02.0343 3576	AWINDIS5 - ok
14:37:02.0406 3576	BCM43XX         (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\wn311b.sys
14:37:02.0437 3576	BCM43XX - ok
14:37:02.0453 3576	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:37:02.0453 3576	Beep - ok
14:37:02.0500 3576	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
14:37:02.0531 3576	BITS - ok
14:37:02.0828 3576	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
14:37:02.0828 3576	Browser - ok
14:37:02.0843 3576	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:37:02.0843 3576	cbidf2k - ok
14:37:02.0859 3576	cd20xrnt - ok
14:37:02.0875 3576	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:37:02.0875 3576	Cdaudio - ok
14:37:02.0921 3576	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:37:02.0921 3576	Cdfs - ok
14:37:02.0953 3576	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:37:02.0968 3576	Cdrom - ok
14:37:02.0968 3576	Changer - ok
14:37:02.0984 3576	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
14:37:03.0000 3576	CiSvc - ok
14:37:03.0046 3576	CLCapSvc        (cfbcf1def8779481e6695f4739621dde) C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
14:37:03.0062 3576	CLCapSvc - ok
14:37:03.0062 3576	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
14:37:03.0062 3576	ClipSrv - ok
14:37:03.0156 3576	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:37:03.0156 3576	clr_optimization_v2.0.50727_32 - ok
14:37:03.0203 3576	CLSched         (418b3bf615cb329ef208055cad1108fc) C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
14:37:03.0203 3576	CLSched - ok
14:37:03.0203 3576	CmdIde - ok
14:37:03.0203 3576	COMSysApp - ok
14:37:03.0218 3576	Cpqarray - ok
14:37:03.0250 3576	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
14:37:03.0250 3576	CryptSvc - ok
14:37:03.0312 3576	CyberLink Media Library Service (1cfdcb99812c62e19c47896a5857d342) C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
14:37:03.0343 3576	CyberLink Media Library Service - ok
14:37:03.0343 3576	dac2w2k - ok
14:37:03.0359 3576	dac960nt - ok
14:37:03.0390 3576	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:37:03.0406 3576	DcomLaunch - ok
14:37:03.0421 3576	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
14:37:03.0421 3576	Dhcp - ok
14:37:03.0484 3576	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:37:03.0484 3576	Disk - ok
14:37:03.0484 3576	dmadmin - ok
14:37:03.0546 3576	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
14:37:03.0578 3576	dmboot - ok
14:37:03.0593 3576	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
14:37:03.0593 3576	dmio - ok
14:37:03.0625 3576	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:37:03.0625 3576	dmload - ok
14:37:03.0640 3576	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
14:37:03.0640 3576	dmserver - ok
14:37:03.0671 3576	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:37:03.0671 3576	DMusic - ok
14:37:03.0687 3576	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
14:37:03.0687 3576	Dnscache - ok
14:37:03.0718 3576	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
14:37:03.0750 3576	Dot3svc - ok
14:37:03.0750 3576	dpti2o - ok
14:37:03.0765 3576	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:37:03.0765 3576	drmkaud - ok
14:37:03.0781 3576	EagleNT - ok
14:37:03.0781 3576	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
14:37:03.0781 3576	EapHost - ok
14:37:03.0828 3576	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
14:37:03.0828 3576	ERSvc - ok
14:37:03.0843 3576	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:37:03.0859 3576	Eventlog - ok
14:37:03.0890 3576	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
14:37:03.0953 3576	EventSystem - ok
14:37:03.0968 3576	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:37:04.0000 3576	Fastfat - ok
14:37:04.0031 3576	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:37:04.0046 3576	FastUserSwitchingCompatibility - ok
14:37:04.0062 3576	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:37:04.0062 3576	Fdc - ok
14:37:04.0078 3576	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
14:37:04.0078 3576	Fips - ok
14:37:04.0093 3576	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:37:04.0093 3576	Flpydisk - ok
14:37:04.0125 3576	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:37:04.0125 3576	FltMgr - ok
14:37:04.0187 3576	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:37:04.0187 3576	FontCache3.0.0.0 - ok
14:37:04.0218 3576	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:37:04.0218 3576	Fs_Rec - ok
14:37:04.0234 3576	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:37:04.0250 3576	Ftdisk - ok
14:37:04.0265 3576	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:37:04.0265 3576	Gpc - ok
14:37:04.0359 3576	gusvc - ok
14:37:04.0375 3576	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:37:04.0390 3576	HDAudBus - ok
14:37:04.0484 3576	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:37:04.0484 3576	helpsvc - ok
14:37:04.0515 3576	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
14:37:04.0515 3576	HidServ - ok
14:37:04.0562 3576	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:37:04.0562 3576	hidusb - ok
14:37:04.0703 3576	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
14:37:04.0703 3576	hkmsvc - ok
14:37:04.0718 3576	hpn - ok
14:37:05.0000 3576	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:37:05.0015 3576	HTTP - ok
14:37:05.0078 3576	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
14:37:05.0093 3576	HTTPFilter - ok
14:37:05.0093 3576	i2omgmt - ok
14:37:05.0109 3576	i2omp - ok
14:37:05.0125 3576	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:37:05.0125 3576	i8042prt - ok
14:37:05.0187 3576	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:37:05.0203 3576	IDriverT - ok
14:37:05.0281 3576	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:37:05.0312 3576	idsvc - ok
14:37:05.0328 3576	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:37:05.0328 3576	Imapi - ok
14:37:05.0375 3576	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
14:37:05.0390 3576	ImapiService - ok
14:37:05.0390 3576	ini910u - ok
14:37:05.0468 3576	int15.sys       (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys
14:37:05.0468 3576	int15.sys - ok
14:37:05.0468 3576	IntelIde - ok
14:37:05.0484 3576	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:37:05.0484 3576	Ip6Fw - ok
14:37:05.0515 3576	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:37:05.0515 3576	IpFilterDriver - ok
14:37:05.0531 3576	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:37:05.0531 3576	IpInIp - ok
14:37:05.0546 3576	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:37:05.0609 3576	IpNat - ok
14:37:05.0609 3576	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:37:05.0625 3576	IPSec - ok
14:37:05.0640 3576	irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
14:37:05.0640 3576	irda - ok
14:37:05.0671 3576	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:37:05.0671 3576	IRENUM - ok
14:37:05.0687 3576	Irmon           (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
14:37:05.0687 3576	Irmon - ok
14:37:05.0703 3576	irsir           (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
14:37:05.0703 3576	irsir - ok
14:37:05.0718 3576	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:37:05.0718 3576	isapnp - ok
14:37:05.0796 3576	JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
14:37:05.0828 3576	JavaQuickStarterService - ok
14:37:05.0843 3576	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:37:05.0859 3576	Kbdclass - ok
14:37:05.0875 3576	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:37:05.0875 3576	kbdhid - ok
14:37:05.0890 3576	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:37:05.0937 3576	kmixer - ok
14:37:05.0953 3576	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:37:05.0968 3576	KSecDD - ok
14:37:05.0984 3576	lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
14:37:05.0984 3576	lanmanserver - ok
14:37:06.0015 3576	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
14:37:06.0031 3576	lanmanworkstation - ok
14:37:06.0187 3576	Lavasoft Ad-Aware Service (4d99fca201b72e0f2ca996e357baa170) C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
14:37:06.0203 3576	Lavasoft Ad-Aware Service - ok
14:37:06.0218 3576	Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys
14:37:06.0218 3576	Lavasoft Kernexplorer - ok
14:37:06.0375 3576	Lbd             (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
14:37:06.0375 3576	Lbd - ok
14:37:06.0390 3576	lbrtfdc - ok
14:37:06.0437 3576	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
14:37:06.0453 3576	LmHosts - ok
14:37:06.0500 3576	mbr - ok
14:37:06.0578 3576	MDM             (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
14:37:06.0625 3576	MDM - ok
14:37:06.0640 3576	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
14:37:06.0656 3576	Messenger - ok
14:37:06.0687 3576	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:37:06.0687 3576	mnmdd - ok
14:37:06.0703 3576	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
14:37:06.0703 3576	mnmsrvc - ok
14:37:06.0765 3576	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
14:37:06.0765 3576	Modem - ok
14:37:06.0781 3576	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:37:06.0781 3576	Mouclass - ok
14:37:06.0828 3576	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:37:06.0828 3576	mouhid - ok
14:37:06.0843 3576	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:37:06.0843 3576	MountMgr - ok
14:37:06.0875 3576	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
14:37:06.0890 3576	MozillaMaintenance - ok
14:37:06.0890 3576	mraid35x - ok
14:37:06.0921 3576	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:37:06.0968 3576	MRxDAV - ok
14:37:07.0031 3576	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:37:07.0046 3576	MRxSmb - ok
14:37:07.0062 3576	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
14:37:07.0078 3576	MSDTC - ok
14:37:07.0109 3576	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:37:07.0109 3576	Msfs - ok
14:37:07.0109 3576	MSIServer - ok
14:37:07.0125 3576	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:37:07.0140 3576	MSKSSRV - ok
14:37:07.0156 3576	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:37:07.0156 3576	MSPCLOCK - ok
14:37:07.0187 3576	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:37:07.0203 3576	MSPQM - ok
14:37:07.0234 3576	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:37:07.0234 3576	mssmbios - ok
14:37:07.0265 3576	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:37:07.0265 3576	Mup - ok
14:37:07.0312 3576	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
14:37:07.0328 3576	napagent - ok
14:37:07.0343 3576	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:37:07.0406 3576	NDIS - ok
14:37:07.0421 3576	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:37:07.0421 3576	NdisTapi - ok
14:37:07.0437 3576	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:37:07.0453 3576	Ndisuio - ok
14:37:07.0468 3576	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:37:07.0468 3576	NdisWan - ok
14:37:07.0500 3576	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:37:07.0500 3576	NDProxy - ok
14:37:07.0546 3576	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:37:07.0546 3576	NetBIOS - ok
14:37:07.0562 3576	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:37:07.0578 3576	NetBT - ok
14:37:07.0625 3576	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:37:07.0625 3576	NetDDE - ok
14:37:07.0625 3576	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:37:07.0640 3576	NetDDEdsdm - ok
14:37:07.0671 3576	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:37:07.0671 3576	Netlogon - ok
14:37:07.0703 3576	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
14:37:07.0718 3576	Netman - ok
14:37:07.0781 3576	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:37:07.0828 3576	NetTcpPortSharing - ok
14:37:07.0828 3576	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:37:07.0843 3576	NIC1394 - ok
14:37:07.0859 3576	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
14:37:07.0921 3576	Nla - ok
14:37:07.0937 3576	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:37:07.0937 3576	Npfs - ok
14:37:07.0984 3576	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:37:08.0000 3576	Ntfs - ok
14:37:08.0015 3576	NTIDrvr         (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
14:37:08.0015 3576	NTIDrvr - ok
14:37:08.0015 3576	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:37:08.0015 3576	NtLmSsp - ok
14:37:08.0062 3576	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
14:37:08.0109 3576	NtmsSvc - ok
14:37:08.0140 3576	NuidFltr        (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
14:37:08.0140 3576	NuidFltr - ok
14:37:08.0140 3576	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:37:08.0140 3576	Null - ok
14:37:08.0171 3576	nvatabus        (11d1ad7e946538e02f9ef6a6e1792061) C:\WINDOWS\system32\drivers\nvatabus.sys
14:37:08.0171 3576	nvatabus - ok
14:37:08.0187 3576	NVENETFD        (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
14:37:08.0187 3576	NVENETFD - ok
14:37:08.0234 3576	nvnetbus        (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
14:37:08.0234 3576	nvnetbus - ok
14:37:08.0250 3576	nvraid          (3bc8b9d8a744df75698fe35d52f18a0a) C:\WINDOWS\system32\drivers\nvraid.sys
14:37:08.0250 3576	nvraid - ok
14:37:08.0250 3576	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:37:08.0250 3576	NwlnkFlt - ok
14:37:08.0265 3576	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:37:08.0265 3576	NwlnkFwd - ok
14:37:08.0296 3576	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:37:08.0296 3576	ohci1394 - ok
14:37:08.0312 3576	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
14:37:08.0312 3576	Parport - ok
14:37:08.0328 3576	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:37:08.0328 3576	PartMgr - ok
14:37:08.0343 3576	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
14:37:08.0343 3576	ParVdm - ok
14:37:08.0359 3576	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
14:37:08.0359 3576	PCI - ok
14:37:08.0375 3576	PCIDump - ok
14:37:08.0390 3576	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:37:08.0390 3576	PCIIde - ok
14:37:08.0406 3576	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:37:08.0406 3576	Pcmcia - ok
14:37:08.0406 3576	PDCOMP - ok
14:37:08.0421 3576	PDFRAME - ok
14:37:08.0437 3576	PDRELI - ok
14:37:08.0437 3576	PDRFRAME - ok
14:37:08.0453 3576	perc2 - ok
14:37:08.0453 3576	perc2hib - ok
14:37:08.0500 3576	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:37:08.0500 3576	PlugPlay - ok
14:37:08.0531 3576	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:37:08.0531 3576	PolicyAgent - ok
14:37:08.0546 3576	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:37:08.0546 3576	PptpMiniport - ok
14:37:08.0562 3576	Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
14:37:08.0562 3576	Processor - ok
14:37:08.0562 3576	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:37:08.0562 3576	ProtectedStorage - ok
14:37:08.0609 3576	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:37:08.0609 3576	PSched - ok
14:37:08.0640 3576	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:37:08.0640 3576	Ptilink - ok
14:37:08.0640 3576	ql1080 - ok
14:37:08.0656 3576	Ql10wnt - ok
14:37:08.0671 3576	ql12160 - ok
14:37:08.0671 3576	ql1240 - ok
14:37:08.0687 3576	ql1280 - ok
14:37:08.0703 3576	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:37:08.0703 3576	RasAcd - ok
14:37:08.0734 3576	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
14:37:08.0734 3576	RasAuto - ok
14:37:08.0750 3576	Rasirda         (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:37:08.0750 3576	Rasirda - ok
14:37:08.0765 3576	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:37:08.0781 3576	Rasl2tp - ok
14:37:08.0828 3576	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
14:37:08.0875 3576	RasMan - ok
14:37:08.0875 3576	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:37:08.0875 3576	RasPppoe - ok
14:37:08.0921 3576	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:37:08.0921 3576	Raspti - ok
14:37:08.0937 3576	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:37:08.0968 3576	Rdbss - ok
14:37:08.0984 3576	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:37:08.0984 3576	RDPCDD - ok
14:37:09.0015 3576	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
14:37:09.0015 3576	RDPWD - ok
14:37:09.0046 3576	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
14:37:09.0062 3576	RDSessMgr - ok
14:37:09.0078 3576	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:37:09.0078 3576	redbook - ok
14:37:09.0125 3576	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
14:37:09.0125 3576	RemoteAccess - ok
14:37:09.0156 3576	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
14:37:09.0156 3576	RpcLocator - ok
14:37:09.0187 3576	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:37:09.0187 3576	RpcSs - ok
14:37:09.0218 3576	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
14:37:09.0265 3576	RSVP - ok
14:37:09.0296 3576	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:37:09.0296 3576	SamSs - ok
14:37:09.0312 3576	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
14:37:09.0312 3576	SCardSvr - ok
14:37:09.0343 3576	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
14:37:09.0390 3576	Schedule - ok
14:37:09.0421 3576	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:37:09.0421 3576	Secdrv - ok
14:37:09.0437 3576	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
14:37:09.0437 3576	seclogon - ok
14:37:09.0437 3576	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
14:37:09.0453 3576	SENS - ok
14:37:09.0468 3576	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:37:09.0468 3576	serenum - ok
14:37:09.0484 3576	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:37:09.0484 3576	Serial - ok
14:37:09.0515 3576	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:37:09.0515 3576	Sfloppy - ok
14:37:09.0546 3576	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
14:37:09.0609 3576	SharedAccess - ok
14:37:09.0640 3576	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:37:09.0640 3576	ShellHWDetection - ok
14:37:09.0640 3576	Simbad - ok
14:37:09.0656 3576	Sparrow - ok
14:37:09.0687 3576	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:37:09.0687 3576	splitter - ok
14:37:09.0703 3576	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:37:09.0703 3576	Spooler - ok
14:37:09.0750 3576	SpyroService    (bfae719594989d1f02b9e9cd86db293e) C:\Programme\FS\Spyro Portal\FlashPortal.exe
14:37:09.0750 3576	SpyroService - ok
14:37:09.0781 3576	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:37:09.0781 3576	sr - ok
14:37:09.0828 3576	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
14:37:09.0843 3576	srservice - ok
14:37:09.0875 3576	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:37:09.0921 3576	Srv - ok
14:37:09.0953 3576	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
14:37:09.0953 3576	SSDPSRV - ok
14:37:09.0984 3576	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:37:09.0984 3576	ssmdrv - ok
14:37:10.0015 3576	StillCam        (a2dbcc4c8860449df1ab758ea28b4de0) C:\WINDOWS\system32\DRIVERS\serscan.sys
14:37:10.0015 3576	StillCam - ok
14:37:10.0062 3576	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
14:37:10.0078 3576	stisvc - ok
14:37:10.0109 3576	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:37:10.0109 3576	swenum - ok
14:37:10.0125 3576	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:37:10.0125 3576	swmidi - ok
14:37:10.0140 3576	SwPrv - ok
14:37:10.0156 3576	symc810 - ok
14:37:10.0171 3576	symc8xx - ok
14:37:10.0171 3576	sym_hi - ok
14:37:10.0187 3576	sym_u3 - ok
14:37:10.0218 3576	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:37:10.0218 3576	sysaudio - ok
14:37:10.0250 3576	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
14:37:10.0265 3576	SysmonLog - ok
14:37:10.0281 3576	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
14:37:10.0328 3576	TapiSrv - ok
14:37:10.0359 3576	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:37:10.0390 3576	Tcpip - ok
14:37:10.0406 3576	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:37:10.0406 3576	TDPIPE - ok
14:37:10.0421 3576	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:37:10.0421 3576	TDTCP - ok
14:37:10.0437 3576	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:37:10.0437 3576	TermDD - ok
14:37:10.0468 3576	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
14:37:10.0468 3576	TermService - ok
14:37:10.0500 3576	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:37:10.0515 3576	Themes - ok
14:37:10.0515 3576	TosIde - ok
14:37:10.0531 3576	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
14:37:10.0531 3576	TrkWks - ok
14:37:10.0593 3576	UBHelper        (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
14:37:10.0593 3576	UBHelper - ok
14:37:10.0625 3576	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:37:10.0625 3576	Udfs - ok
14:37:10.0625 3576	ultra - ok
14:37:10.0671 3576	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:37:10.0687 3576	Update - ok
14:37:10.0718 3576	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
14:37:10.0734 3576	upnphost - ok
14:37:10.0750 3576	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
14:37:10.0750 3576	UPS - ok
14:37:10.0781 3576	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:37:10.0781 3576	usbccgp - ok
14:37:10.0828 3576	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:37:10.0828 3576	usbehci - ok
14:37:10.0828 3576	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:37:10.0843 3576	usbhub - ok
14:37:10.0859 3576	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:37:10.0859 3576	usbohci - ok
14:37:10.0875 3576	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:37:10.0875 3576	USBSTOR - ok
14:37:10.0890 3576	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:37:10.0890 3576	VgaSave - ok
14:37:10.0890 3576	ViaIde - ok
14:37:10.0921 3576	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:37:10.0921 3576	VolSnap - ok
14:37:10.0953 3576	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
14:37:10.0953 3576	VSS - ok
14:37:11.0000 3576	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
14:37:11.0046 3576	W32Time - ok
14:37:11.0062 3576	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:37:11.0062 3576	Wanarp - ok
14:37:11.0078 3576	wanatw - ok
14:37:11.0140 3576	Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:37:11.0156 3576	Wdf01000 - ok
14:37:11.0171 3576	WDICA - ok
14:37:11.0187 3576	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:37:11.0187 3576	wdmaud - ok
14:37:11.0203 3576	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
14:37:11.0203 3576	WebClient - ok
14:37:11.0265 3576	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:37:11.0281 3576	winmgmt - ok
14:37:11.0312 3576	WinUSB          (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
14:37:11.0312 3576	WinUSB - ok
14:37:11.0359 3576	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
14:37:11.0375 3576	WmdmPmSN - ok
14:37:11.0390 3576	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:37:11.0390 3576	WmiApSrv - ok
14:37:11.0515 3576	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
14:37:11.0546 3576	WMPNetworkSvc - ok
14:37:11.0562 3576	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:37:11.0562 3576	WpdUsb - ok
14:37:11.0593 3576	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
14:37:11.0593 3576	wscsvc - ok
14:37:11.0609 3576	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
14:37:11.0609 3576	wuauserv - ok
14:37:11.0640 3576	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:37:11.0640 3576	WudfPf - ok
14:37:11.0671 3576	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:37:11.0671 3576	WudfRd - ok
14:37:11.0687 3576	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
14:37:11.0687 3576	WudfSvc - ok
14:37:11.0734 3576	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
14:37:11.0781 3576	WZCSVC - ok
14:37:11.0781 3576	XDva394 - ok
14:37:11.0812 3576	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
14:37:11.0828 3576	xmlprov - ok
14:37:11.0828 3576	ZD1211BU(ZyDAS) - ok
14:37:11.0843 3576	ZD1211U(ZyDAS) - ok
14:37:11.0843 3576	ZDPSp50 - ok
14:37:11.0890 3576	MBR (0x1B8)     (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0
14:37:11.0921 3576	\Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
14:37:11.0921 3576	\Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
14:37:11.0937 3576	Boot (0x1200)   (333c6e6fde65f3fefacef0a674749c87) \Device\Harddisk0\DR0\Partition0
14:37:11.0953 3576	\Device\Harddisk0\DR0\Partition0 - ok
14:37:11.0968 3576	Boot (0x1200)   (83047847fabad226b373ccec927ef9ef) \Device\Harddisk0\DR0\Partition1
14:37:11.0968 3576	\Device\Harddisk0\DR0\Partition1 - ok
14:37:11.0968 3576	============================================================
14:37:11.0968 3576	Scan finished
14:37:11.0968 3576	============================================================
14:37:12.0000 0692	Detected object count: 2
14:37:12.0000 0692	Actual detected object count: 2
14:37:59.0781 0692	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
14:37:59.0781 0692	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
14:38:02.0671 0692	\Device\Harddisk0\DR0\# - copied to quarantine
14:38:02.0671 0692	\Device\Harddisk0\DR0 - copied to quarantine
14:38:02.0671 0692	\Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
14:38:02.0718 0692	\Device\Harddisk0\DR0 - ok
14:38:02.0718 0692	\Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure 
14:38:38.0109 3052	Deinitialize success
         

Code: Alles auswählenAufklappen

ATTFilter

 14:45:56.0015 1600	TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
14:45:56.0171 1600	============================================================
14:45:56.0171 1600	Current date / time: 2012/05/30 14:45:56.0171
14:45:56.0171 1600	SystemInfo:
14:45:56.0171 1600	
14:45:56.0171 1600	OS Version: 5.1.2600 ServicePack: 3.0
14:45:56.0171 1600	Product type: Workstation
14:45:56.0171 1600	ComputerName: ACER-75EEBC93E0
14:45:56.0171 1600	UserName: Harald
14:45:56.0171 1600	Windows directory: C:\WINDOWS
14:45:56.0171 1600	System windows directory: C:\WINDOWS
14:45:56.0171 1600	Processor architecture: Intel x86
14:45:56.0171 1600	Number of processors: 2
14:45:56.0171 1600	Page size: 0x1000
14:45:56.0171 1600	Boot type: Normal boot
14:45:56.0171 1600	============================================================
14:45:56.0375 1600	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:45:56.0406 1600	============================================================
14:45:56.0406 1600	\Device\Harddisk0\DR0:
14:45:56.0406 1600	MBR partitions:
14:45:56.0406 1600	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x9C263D, BlocksNum 0x124B8022
14:45:56.0406 1600	\Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x12E7A65F, BlocksNum 0x125B3062
14:45:56.0406 1600	============================================================
14:45:56.0437 1600	C: <-> \Device\Harddisk0\DR0\Partition0
14:45:56.0453 1600	D: <-> \Device\Harddisk0\DR0\Partition1
14:45:56.0453 1600	============================================================
14:45:56.0453 1600	Initialize success
14:45:56.0453 1600	============================================================
14:47:45.0156 1992	============================================================
14:47:45.0156 1992	Scan started
14:47:45.0156 1992	Mode: Manual; SigCheck; TDLFS; 
14:47:45.0156 1992	============================================================
14:47:45.0468 1992	Abiosdsk - ok
14:47:45.0468 1992	abp480n5 - ok
14:47:45.0546 1992	Acer Media Server (ba875aa88898cdf5ecdd8213020c75c6) C:\Programme\Acer\Acer eConsole\MediaServerService.exe
14:47:45.0656 1992	Acer Media Server ( UnsignedFile.Multi.Generic ) - warning
14:47:45.0656 1992	Acer Media Server - detected UnsignedFile.Multi.Generic (1)
14:47:45.0703 1992	AcerMemUsageCheckService (3caabc2d0f87413eb1e0c7e0b3245e67) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
14:47:45.0718 1992	AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - warning
14:47:45.0718 1992	AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic (1)
14:47:45.0734 1992	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:47:46.0312 1992	ACPI - ok
14:47:46.0328 1992	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:47:46.0531 1992	ACPIEC - ok
14:47:46.0593 1992	AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:47:46.0609 1992	AdobeFlashPlayerUpdateSvc - ok
14:47:46.0609 1992	adpu160m - ok
14:47:46.0656 1992	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:47:46.0812 1992	aec - ok
14:47:46.0828 1992	Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
14:47:46.0843 1992	Afc ( UnsignedFile.Multi.Generic ) - warning
14:47:46.0843 1992	Afc - detected UnsignedFile.Multi.Generic (1)
14:47:46.0875 1992	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:47:46.0921 1992	AFD - ok
14:47:46.0921 1992	Aha154x - ok
14:47:46.0937 1992	aic78u2 - ok
14:47:46.0937 1992	aic78xx - ok
14:47:47.0187 1992	Akamai          (c775d704feb2b600a5bf7b0b088546af) c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll
14:47:47.0187 1992	Suspicious file (Hidden): c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
14:47:47.0203 1992	Akamai ( HiddenFile.Multi.Generic ) - warning
14:47:47.0203 1992	Akamai - detected HiddenFile.Multi.Generic (1)
14:47:47.0515 1992	ALCXWDM         (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
14:47:47.0718 1992	ALCXWDM - ok
14:47:47.0796 1992	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
14:47:48.0015 1992	Alerter - ok
14:47:48.0031 1992	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
14:47:48.0093 1992	ALG - ok
14:47:48.0093 1992	AliIde - ok
14:47:48.0109 1992	AmdK8           (769844eb65df6a62aa51b886290fe51d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
14:47:48.0140 1992	AmdK8 - ok
14:47:48.0140 1992	amsint - ok
14:47:48.0203 1992	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
14:47:48.0203 1992	AntiVirSchedulerService - ok
14:47:48.0250 1992	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
14:47:48.0265 1992	AntiVirService - ok
14:47:48.0281 1992	AppMgmt - ok
14:47:48.0296 1992	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:47:48.0437 1992	Arp1394 - ok
14:47:48.0453 1992	asc - ok
14:47:48.0453 1992	asc3350p - ok
14:47:48.0468 1992	asc3550 - ok
14:47:48.0500 1992	ASCTRM          (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
14:47:48.0515 1992	ASCTRM ( UnsignedFile.Multi.Generic ) - warning
14:47:48.0515 1992	ASCTRM - detected UnsignedFile.Multi.Generic (1)
14:47:48.0578 1992	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:47:48.0593 1992	aspnet_state - ok
14:47:48.0609 1992	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:47:48.0781 1992	AsyncMac - ok
14:47:48.0796 1992	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:47:48.0937 1992	atapi - ok
14:47:48.0937 1992	Atdisk - ok
14:47:48.0984 1992	Ati HotKey Poller (42e4e2cf0406394bbce7eb358ae4e208) C:\WINDOWS\system32\Ati2evxx.exe
14:47:49.0062 1992	Ati HotKey Poller - ok
14:47:49.0109 1992	ATI Smart       (460741befbfc91c88934620bc546d172) C:\WINDOWS\system32\ati2sgag.exe
14:47:49.0140 1992	ATI Smart ( UnsignedFile.Multi.Generic ) - warning
14:47:49.0140 1992	ATI Smart - detected UnsignedFile.Multi.Generic (1)
14:47:49.0328 1992	ati2mtag        (81c3e6674d0609aa84c07681bca252de) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
14:47:49.0453 1992	ati2mtag - ok
14:47:49.0625 1992	AtiHdmiService  (d9bc8892b9440a2551b8148c57aa039e) C:\WINDOWS\system32\drivers\AtiHdmi.sys
14:47:49.0656 1992	AtiHdmiService - ok
14:47:49.0671 1992	ATITool         (d4ed96ac2fafee2c697436b9a2871cd3) C:\WINDOWS\system32\DRIVERS\ATITool.sys
14:47:49.0718 1992	ATITool ( UnsignedFile.Multi.Generic ) - warning
14:47:49.0718 1992	ATITool - detected UnsignedFile.Multi.Generic (1)
14:47:49.0734 1992	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:47:49.0906 1992	Atmarpc - ok
14:47:49.0921 1992	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
14:47:50.0062 1992	AudioSrv - ok
14:47:50.0078 1992	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:47:50.0218 1992	audstub - ok
14:47:50.0234 1992	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:47:50.0250 1992	avgntflt - ok
14:47:50.0265 1992	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:47:50.0281 1992	avipbb - ok
14:47:50.0296 1992	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
14:47:50.0312 1992	avkmgr - ok
14:47:50.0328 1992	AWINDIS5        (f62b70d3209e38a6c19a03109a25b903) C:\WINDOWS\system32\AWINDIS5.SYS
14:47:50.0328 1992	AWINDIS5 ( UnsignedFile.Multi.Generic ) - warning
14:47:50.0328 1992	AWINDIS5 - detected UnsignedFile.Multi.Generic (1)
14:47:50.0375 1992	BCM43XX         (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\wn311b.sys
14:47:50.0406 1992	BCM43XX ( UnsignedFile.Multi.Generic ) - warning
14:47:50.0406 1992	BCM43XX - detected UnsignedFile.Multi.Generic (1)
14:47:50.0437 1992	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:47:50.0578 1992	Beep - ok
14:47:50.0609 1992	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
14:47:50.0765 1992	BITS - ok
14:47:50.0781 1992	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
14:47:50.0984 1992	Browser - ok
14:47:51.0000 1992	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:47:51.0156 1992	cbidf2k - ok
14:47:51.0171 1992	cd20xrnt - ok
14:47:51.0187 1992	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:47:51.0312 1992	Cdaudio - ok
14:47:51.0328 1992	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:47:51.0453 1992	Cdfs - ok
14:47:51.0468 1992	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:47:51.0609 1992	Cdrom - ok
14:47:51.0609 1992	Changer - ok
14:47:51.0625 1992	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
14:47:51.0750 1992	CiSvc - ok
14:47:51.0812 1992	CLCapSvc        (cfbcf1def8779481e6695f4739621dde) C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
14:47:51.0843 1992	CLCapSvc ( UnsignedFile.Multi.Generic ) - warning
14:47:51.0843 1992	CLCapSvc - detected UnsignedFile.Multi.Generic (1)
14:47:51.0859 1992	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
14:47:52.0015 1992	ClipSrv - ok
14:47:52.0078 1992	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:47:52.0078 1992	clr_optimization_v2.0.50727_32 - ok
14:47:52.0093 1992	CLSched         (418b3bf615cb329ef208055cad1108fc) C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
14:47:52.0140 1992	CLSched ( UnsignedFile.Multi.Generic ) - warning
14:47:52.0140 1992	CLSched - detected UnsignedFile.Multi.Generic (1)
14:47:52.0156 1992	CmdIde - ok
14:47:52.0156 1992	COMSysApp - ok
14:47:52.0187 1992	Cpqarray - ok
14:47:52.0203 1992	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
14:47:52.0343 1992	CryptSvc - ok
14:47:52.0406 1992	CyberLink Media Library Service (1cfdcb99812c62e19c47896a5857d342) C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
14:47:52.0453 1992	CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - warning
14:47:52.0453 1992	CyberLink Media Library Service - detected UnsignedFile.Multi.Generic (1)
14:47:52.0468 1992	dac2w2k - ok
14:47:52.0484 1992	dac960nt - ok
14:47:52.0515 1992	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:47:52.0562 1992	DcomLaunch - ok
14:47:52.0593 1992	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
14:47:52.0796 1992	Dhcp - ok
14:47:52.0812 1992	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:47:52.0968 1992	Disk - ok
14:47:52.0984 1992	dmadmin - ok
14:47:53.0031 1992	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
14:47:53.0156 1992	dmboot - ok
14:47:53.0171 1992	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
14:47:53.0312 1992	dmio - ok
14:47:53.0343 1992	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:47:53.0484 1992	dmload - ok
14:47:53.0500 1992	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
14:47:53.0640 1992	dmserver - ok
14:47:53.0656 1992	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:47:53.0781 1992	DMusic - ok
14:47:53.0796 1992	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
14:47:53.0843 1992	Dnscache - ok
14:47:53.0875 1992	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
14:47:54.0015 1992	Dot3svc - ok
14:47:54.0031 1992	dpti2o - ok
14:47:54.0046 1992	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:47:54.0187 1992	drmkaud - ok
14:47:54.0187 1992	EagleNT - ok
14:47:54.0203 1992	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
14:47:54.0359 1992	EapHost - ok
14:47:54.0375 1992	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
14:47:54.0531 1992	ERSvc - ok
14:47:54.0546 1992	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:47:54.0562 1992	Eventlog - ok
14:47:54.0593 1992	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
14:47:54.0640 1992	EventSystem - ok
14:47:54.0671 1992	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:47:54.0812 1992	Fastfat - ok
14:47:54.0843 1992	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:47:54.0875 1992	FastUserSwitchingCompatibility - ok
14:47:54.0890 1992	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:47:55.0156 1992	Fdc - ok
14:47:55.0187 1992	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
14:47:55.0343 1992	Fips - ok
14:47:55.0359 1992	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:47:55.0531 1992	Flpydisk - ok
14:47:55.0546 1992	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:47:55.0671 1992	FltMgr - ok
14:47:55.0718 1992	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:47:55.0734 1992	FontCache3.0.0.0 - ok
14:47:55.0750 1992	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:47:55.0906 1992	Fs_Rec - ok
14:47:55.0921 1992	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:47:56.0046 1992	Ftdisk - ok
14:47:56.0062 1992	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:47:56.0203 1992	Gpc - ok
14:47:56.0234 1992	gusvc - ok
14:47:56.0250 1992	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:47:56.0406 1992	HDAudBus - ok
14:47:56.0437 1992	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:47:56.0578 1992	helpsvc - ok
14:47:56.0609 1992	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
14:47:56.0750 1992	HidServ - ok
14:47:56.0765 1992	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:47:56.0906 1992	hidusb - ok
14:47:56.0921 1992	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
14:47:57.0046 1992	hkmsvc - ok
14:47:57.0046 1992	hpn - ok
14:47:57.0078 1992	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:47:57.0140 1992	HTTP - ok
14:47:57.0140 1992	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
14:47:57.0281 1992	HTTPFilter - ok
14:47:57.0281 1992	i2omgmt - ok
14:47:57.0296 1992	i2omp - ok
14:47:57.0312 1992	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:47:57.0437 1992	i8042prt - ok
14:47:57.0484 1992	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:47:57.0484 1992	IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:47:57.0484 1992	IDriverT - detected UnsignedFile.Multi.Generic (1)
14:47:57.0562 1992	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:47:57.0609 1992	idsvc - ok
14:47:57.0625 1992	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:47:57.0781 1992	Imapi - ok
14:47:57.0796 1992	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
14:47:57.0953 1992	ImapiService - ok
14:47:57.0953 1992	ini910u - ok
14:47:58.0031 1992	int15.sys       (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys
14:47:58.0031 1992	int15.sys ( UnsignedFile.Multi.Generic ) - warning
14:47:58.0031 1992	int15.sys - detected UnsignedFile.Multi.Generic (1)
14:47:58.0031 1992	IntelIde - ok
14:47:58.0062 1992	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:47:58.0187 1992	Ip6Fw - ok
14:47:58.0218 1992	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:47:58.0343 1992	IpFilterDriver - ok
14:47:58.0359 1992	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:47:58.0500 1992	IpInIp - ok
14:47:58.0531 1992	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:47:58.0687 1992	IpNat - ok
14:47:58.0703 1992	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:47:58.0843 1992	IPSec - ok
14:47:58.0859 1992	irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
14:47:58.0921 1992	irda - ok
14:47:58.0921 1992	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:47:58.0984 1992	IRENUM - ok
14:47:59.0000 1992	Irmon           (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
14:47:59.0062 1992	Irmon - ok
14:47:59.0078 1992	irsir           (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
14:47:59.0125 1992	irsir - ok
14:47:59.0140 1992	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:47:59.0312 1992	isapnp - ok
14:47:59.0390 1992	JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
14:47:59.0390 1992	JavaQuickStarterService - ok
14:47:59.0421 1992	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:47:59.0531 1992	Kbdclass - ok
14:47:59.0546 1992	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:47:59.0703 1992	kbdhid - ok
14:47:59.0734 1992	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:47:59.0859 1992	kmixer - ok
14:47:59.0890 1992	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:47:59.0937 1992	KSecDD - ok
14:47:59.0968 1992	lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
14:48:00.0000 1992	lanmanserver - ok
14:48:00.0015 1992	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
14:48:00.0046 1992	lanmanworkstation - ok
14:48:00.0203 1992	Lavasoft Ad-Aware Service (4d99fca201b72e0f2ca996e357baa170) C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
14:48:00.0296 1992	Lavasoft Ad-Aware Service - ok
14:48:00.0343 1992	Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys
14:48:00.0343 1992	Lavasoft Kernexplorer - ok
14:48:00.0515 1992	Lbd             (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
14:48:00.0515 1992	Lbd - ok
14:48:00.0531 1992	lbrtfdc - ok
14:48:00.0562 1992	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
14:48:00.0718 1992	LmHosts - ok
14:48:00.0781 1992	mbr - ok
14:48:00.0843 1992	MDM             (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
14:48:00.0875 1992	MDM - ok
14:48:00.0890 1992	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
14:48:01.0031 1992	Messenger - ok
14:48:01.0046 1992	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:48:01.0171 1992	mnmdd - ok
14:48:01.0187 1992	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
14:48:01.0328 1992	mnmsrvc - ok
14:48:01.0343 1992	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
14:48:01.0468 1992	Modem - ok
14:48:01.0500 1992	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:48:01.0625 1992	Mouclass - ok
14:48:01.0625 1992	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:48:01.0765 1992	mouhid - ok
14:48:01.0781 1992	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:48:01.0890 1992	MountMgr - ok
14:48:01.0921 1992	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
14:48:01.0937 1992	MozillaMaintenance - ok
14:48:01.0937 1992	mraid35x - ok
14:48:01.0968 1992	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:48:02.0125 1992	MRxDAV - ok
14:48:02.0171 1992	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:48:02.0203 1992	MRxSmb - ok
14:48:02.0250 1992	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
14:48:02.0375 1992	MSDTC - ok
14:48:02.0390 1992	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:48:02.0546 1992	Msfs - ok
14:48:02.0546 1992	MSIServer - ok
14:48:02.0578 1992	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:48:02.0703 1992	MSKSSRV - ok
14:48:02.0718 1992	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:48:02.0843 1992	MSPCLOCK - ok
14:48:02.0859 1992	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:48:02.0968 1992	MSPQM - ok
14:48:03.0000 1992	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:48:03.0125 1992	mssmbios - ok
14:48:03.0140 1992	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:48:03.0156 1992	Mup - ok
14:48:03.0187 1992	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
14:48:03.0312 1992	napagent - ok
14:48:03.0328 1992	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:48:03.0500 1992	NDIS - ok
14:48:03.0515 1992	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:48:03.0546 1992	NdisTapi - ok
14:48:03.0578 1992	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:48:03.0687 1992	Ndisuio - ok
14:48:03.0703 1992	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:48:03.0843 1992	NdisWan - ok
14:48:03.0859 1992	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:48:03.0875 1992	NDProxy - ok
14:48:03.0890 1992	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:48:04.0031 1992	NetBIOS - ok
14:48:04.0046 1992	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:48:04.0171 1992	NetBT - ok
14:48:04.0203 1992	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:48:04.0328 1992	NetDDE - ok
14:48:04.0343 1992	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:48:04.0453 1992	NetDDEdsdm - ok
14:48:04.0484 1992	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:48:04.0625 1992	Netlogon - ok
14:48:04.0656 1992	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
14:48:04.0781 1992	Netman - ok
14:48:04.0843 1992	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:48:04.0859 1992	NetTcpPortSharing - ok
14:48:04.0890 1992	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:48:05.0140 1992	NIC1394 - ok
14:48:05.0171 1992	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
14:48:05.0218 1992	Nla - ok
14:48:05.0250 1992	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:48:05.0359 1992	Npfs - ok
14:48:05.0406 1992	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:48:05.0546 1992	Ntfs - ok
14:48:05.0562 1992	NTIDrvr         (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
14:48:05.0562 1992	NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
14:48:05.0562 1992	NTIDrvr - detected UnsignedFile.Multi.Generic (1)
14:48:05.0578 1992	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:48:05.0703 1992	NtLmSsp - ok
14:48:05.0734 1992	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
14:48:05.0859 1992	NtmsSvc - ok
14:48:05.0890 1992	NuidFltr        (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
14:48:05.0906 1992	NuidFltr - ok
14:48:05.0921 1992	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:48:06.0031 1992	Null - ok
14:48:06.0046 1992	nvatabus        (11d1ad7e946538e02f9ef6a6e1792061) C:\WINDOWS\system32\drivers\nvatabus.sys
14:48:06.0093 1992	nvatabus - ok
14:48:06.0109 1992	NVENETFD        (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
14:48:06.0125 1992	NVENETFD - ok
14:48:06.0140 1992	nvnetbus        (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
14:48:06.0171 1992	nvnetbus - ok
14:48:06.0187 1992	nvraid          (3bc8b9d8a744df75698fe35d52f18a0a) C:\WINDOWS\system32\drivers\nvraid.sys
14:48:06.0234 1992	nvraid - ok
14:48:06.0250 1992	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:48:06.0359 1992	NwlnkFlt - ok
14:48:06.0375 1992	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:48:06.0515 1992	NwlnkFwd - ok
14:48:06.0531 1992	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:48:06.0671 1992	ohci1394 - ok
14:48:06.0703 1992	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
14:48:06.0843 1992	Parport - ok
14:48:06.0859 1992	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:48:07.0000 1992	PartMgr - ok
14:48:07.0015 1992	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
14:48:07.0125 1992	ParVdm - ok
14:48:07.0140 1992	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
14:48:07.0281 1992	PCI - ok
14:48:07.0281 1992	PCIDump - ok
14:48:07.0296 1992	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:48:07.0421 1992	PCIIde - ok
14:48:07.0437 1992	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:48:07.0562 1992	Pcmcia - ok
14:48:07.0578 1992	PDCOMP - ok
14:48:07.0578 1992	PDFRAME - ok
14:48:07.0593 1992	PDRELI - ok
14:48:07.0609 1992	PDRFRAME - ok
14:48:07.0625 1992	perc2 - ok
14:48:07.0625 1992	perc2hib - ok
14:48:07.0687 1992	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:48:07.0703 1992	PlugPlay - ok
14:48:07.0718 1992	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:48:07.0843 1992	PolicyAgent - ok
14:48:07.0843 1992	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:48:07.0968 1992	PptpMiniport - ok
14:48:07.0984 1992	Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
14:48:08.0125 1992	Processor - ok
14:48:08.0125 1992	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:48:08.0250 1992	ProtectedStorage - ok
14:48:08.0265 1992	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:48:08.0390 1992	PSched - ok
14:48:08.0421 1992	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:48:08.0546 1992	Ptilink - ok
14:48:08.0562 1992	ql1080 - ok
14:48:08.0562 1992	Ql10wnt - ok
14:48:08.0578 1992	ql12160 - ok
14:48:08.0593 1992	ql1240 - ok
14:48:08.0593 1992	ql1280 - ok
14:48:08.0625 1992	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:48:08.0750 1992	RasAcd - ok
14:48:08.0765 1992	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
14:48:08.0890 1992	RasAuto - ok
14:48:08.0890 1992	Rasirda         (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:48:08.0953 1992	Rasirda - ok
14:48:08.0968 1992	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:48:09.0109 1992	Rasl2tp - ok
14:48:09.0140 1992	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
14:48:09.0296 1992	RasMan - ok
14:48:09.0312 1992	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:48:09.0437 1992	RasPppoe - ok
14:48:09.0453 1992	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:48:09.0593 1992	Raspti - ok
14:48:09.0625 1992	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:48:09.0765 1992	Rdbss - ok
14:48:09.0781 1992	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:48:09.0906 1992	RDPCDD - ok
14:48:09.0937 1992	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
14:48:09.0968 1992	RDPWD - ok
14:48:09.0984 1992	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
14:48:10.0109 1992	RDSessMgr - ok
14:48:10.0125 1992	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:48:10.0250 1992	redbook - ok
14:48:10.0281 1992	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
14:48:10.0406 1992	RemoteAccess - ok
14:48:10.0421 1992	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
14:48:10.0546 1992	RpcLocator - ok
14:48:10.0593 1992	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:48:10.0609 1992	RpcSs - ok
14:48:10.0640 1992	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
14:48:10.0796 1992	RSVP - ok
14:48:10.0828 1992	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:48:10.0953 1992	SamSs - ok
14:48:10.0968 1992	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
14:48:11.0125 1992	SCardSvr - ok
14:48:11.0156 1992	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
14:48:11.0281 1992	Schedule - ok
14:48:11.0296 1992	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:48:11.0343 1992	Secdrv - ok
14:48:11.0359 1992	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
14:48:11.0484 1992	seclogon - ok
14:48:11.0515 1992	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
14:48:11.0625 1992	SENS - ok
14:48:11.0656 1992	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:48:11.0781 1992	serenum - ok
14:48:11.0796 1992	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:48:11.0921 1992	Serial - ok
14:48:11.0953 1992	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:48:12.0093 1992	Sfloppy - ok
14:48:12.0125 1992	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
14:48:12.0281 1992	SharedAccess - ok
14:48:12.0312 1992	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:48:12.0328 1992	ShellHWDetection - ok
14:48:12.0328 1992	Simbad - ok
14:48:12.0343 1992	Sparrow - ok
14:48:12.0375 1992	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:48:12.0500 1992	splitter - ok
14:48:12.0531 1992	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:48:12.0546 1992	Spooler - ok
14:48:12.0593 1992	SpyroService    (bfae719594989d1f02b9e9cd86db293e) C:\Programme\FS\Spyro Portal\FlashPortal.exe
14:48:12.0593 1992	SpyroService ( UnsignedFile.Multi.Generic ) - warning
14:48:12.0593 1992	SpyroService - detected UnsignedFile.Multi.Generic (1)
14:48:12.0625 1992	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:48:12.0687 1992	sr - ok
14:48:12.0718 1992	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
14:48:12.0796 1992	srservice - ok
14:48:12.0828 1992	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:48:12.0859 1992	Srv - ok
14:48:12.0875 1992	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
14:48:12.0953 1992	SSDPSRV - ok
14:48:12.0968 1992	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:48:12.0984 1992	ssmdrv - ok
14:48:13.0000 1992	StillCam        (a2dbcc4c8860449df1ab758ea28b4de0) C:\WINDOWS\system32\DRIVERS\serscan.sys
14:48:13.0125 1992	StillCam - ok
14:48:13.0156 1992	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
14:48:13.0296 1992	stisvc - ok
14:48:13.0312 1992	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:48:13.0437 1992	swenum - ok
14:48:13.0453 1992	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:48:13.0593 1992	swmidi - ok
14:48:13.0593 1992	SwPrv - ok
14:48:13.0609 1992	symc810 - ok
14:48:13.0625 1992	symc8xx - ok
14:48:13.0640 1992	sym_hi - ok
14:48:13.0640 1992	sym_u3 - ok
14:48:13.0671 1992	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:48:13.0781 1992	sysaudio - ok
14:48:13.0796 1992	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
14:48:13.0921 1992	SysmonLog - ok
14:48:13.0937 1992	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
14:48:14.0078 1992	TapiSrv - ok
14:48:14.0109 1992	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:48:14.0125 1992	Tcpip - ok
14:48:14.0156 1992	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:48:14.0296 1992	TDPIPE - ok
14:48:14.0312 1992	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:48:14.0437 1992	TDTCP - ok
14:48:14.0453 1992	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:48:14.0578 1992	TermDD - ok
14:48:14.0609 1992	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
14:48:14.0750 1992	TermService - ok
14:48:14.0781 1992	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:48:14.0781 1992	Themes - ok
14:48:14.0796 1992	TosIde - ok
14:48:14.0812 1992	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
14:48:14.0968 1992	TrkWks - ok
14:48:15.0046 1992	UBHelper        (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
14:48:15.0046 1992	UBHelper ( UnsignedFile.Multi.Generic ) - warning
14:48:15.0046 1992	UBHelper - detected UnsignedFile.Multi.Generic (1)
14:48:15.0187 1992	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:48:15.0312 1992	Udfs - ok
14:48:15.0312 1992	ultra - ok
14:48:15.0359 1992	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:48:15.0468 1992	Update - ok
14:48:15.0500 1992	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
14:48:15.0546 1992	upnphost - ok
14:48:15.0562 1992	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
14:48:15.0718 1992	UPS - ok
14:48:15.0734 1992	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:48:15.0859 1992	usbccgp - ok
14:48:15.0875 1992	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:48:16.0000 1992	usbehci - ok
14:48:16.0015 1992	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:48:16.0125 1992	usbhub - ok
14:48:16.0140 1992	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:48:16.0265 1992	usbohci - ok
14:48:16.0281 1992	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:48:16.0390 1992	USBSTOR - ok
14:48:16.0406 1992	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:48:16.0531 1992	VgaSave - ok
14:48:16.0546 1992	ViaIde - ok
14:48:16.0562 1992	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:48:16.0687 1992	VolSnap - ok
14:48:16.0703 1992	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
14:48:16.0781 1992	VSS - ok
14:48:16.0796 1992	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
14:48:16.0906 1992	W32Time - ok
14:48:16.0937 1992	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:48:17.0062 1992	Wanarp - ok
14:48:17.0078 1992	wanatw - ok
14:48:17.0109 1992	Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:48:17.0140 1992	Wdf01000 - ok
14:48:17.0140 1992	WDICA - ok
14:48:17.0156 1992	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:48:17.0265 1992	wdmaud - ok
14:48:17.0281 1992	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
14:48:17.0390 1992	WebClient - ok
14:48:17.0453 1992	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:48:17.0562 1992	winmgmt - ok
14:48:17.0593 1992	WinUSB          (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
14:48:17.0625 1992	WinUSB - ok
14:48:17.0640 1992	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
14:48:17.0671 1992	WmdmPmSN - ok
14:48:17.0703 1992	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:48:17.0859 1992	WmiApSrv - ok
14:48:17.0937 1992	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
14:48:17.0984 1992	WMPNetworkSvc - ok
14:48:18.0015 1992	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:48:18.0031 1992	WpdUsb - ok
14:48:18.0062 1992	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
14:48:18.0203 1992	wscsvc - ok
14:48:18.0218 1992	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
14:48:18.0359 1992	wuauserv - ok
14:48:18.0375 1992	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:48:18.0406 1992	WudfPf - ok
14:48:18.0421 1992	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:48:18.0468 1992	WudfRd - ok
14:48:18.0468 1992	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
14:48:18.0500 1992	WudfSvc - ok
14:48:18.0531 1992	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
14:48:18.0656 1992	WZCSVC - ok
14:48:18.0671 1992	XDva394 - ok
14:48:18.0687 1992	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
14:48:18.0812 1992	xmlprov - ok
14:48:18.0812 1992	ZD1211BU(ZyDAS) - ok
14:48:18.0828 1992	ZD1211U(ZyDAS) - ok
14:48:18.0843 1992	ZDPSp50 - ok
14:48:18.0875 1992	MBR (0x1B8)     (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0
14:48:21.0765 1992	\Device\Harddisk0\DR0 - ok
14:48:21.0796 1992	Boot (0x1200)   (333c6e6fde65f3fefacef0a674749c87) \Device\Harddisk0\DR0\Partition0
14:48:21.0796 1992	\Device\Harddisk0\DR0\Partition0 - ok
14:48:21.0812 1992	Boot (0x1200)   (83047847fabad226b373ccec927ef9ef) \Device\Harddisk0\DR0\Partition1
14:48:21.0812 1992	\Device\Harddisk0\DR0\Partition1 - ok
14:48:21.0812 1992	============================================================
14:48:21.0812 1992	Scan finished
14:48:21.0812 1992	============================================================
14:48:21.0937 0576	Detected object count: 17
14:48:21.0937 0576	Actual detected object count: 17
14:49:57.0843 0576	Acer Media Server ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0843 0576	Acer Media Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0843 0576	AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0843 0576	AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0859 0576	Afc ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0859 0576	Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0859 0576	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
14:49:57.0859 0576	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
14:49:57.0859 0576	ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0859 0576	ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0875 0576	ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0875 0576	ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0875 0576	ATITool ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0875 0576	ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0890 0576	AWINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0890 0576	AWINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0890 0576	BCM43XX ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0890 0576	BCM43XX ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0890 0576	CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0890 0576	CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0890 0576	CLSched ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0890 0576	CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0890 0576	CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0890 0576	CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0890 0576	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0890 0576	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0906 0576	int15.sys ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0906 0576	int15.sys ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0906 0576	NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0906 0576	NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0906 0576	SpyroService ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0906 0576	SpyroService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:49:57.0921 0576	UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
14:49:57.0921 0576	UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:04.0171 0448	============================================================
14:50:04.0171 0448	Scan started
14:50:04.0171 0448	Mode: Manual; SigCheck; TDLFS; 
14:50:04.0171 0448	============================================================
14:50:04.0500 0448	Abiosdsk - ok
14:50:04.0515 0448	abp480n5 - ok
14:50:04.0578 0448	Acer Media Server (ba875aa88898cdf5ecdd8213020c75c6) C:\Programme\Acer\Acer eConsole\MediaServerService.exe
14:50:04.0640 0448	Acer Media Server ( UnsignedFile.Multi.Generic ) - warning
14:50:04.0640 0448	Acer Media Server - detected UnsignedFile.Multi.Generic (1)
14:50:04.0687 0448	AcerMemUsageCheckService (3caabc2d0f87413eb1e0c7e0b3245e67) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
14:50:04.0703 0448	AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - warning
14:50:04.0703 0448	AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic (1)
14:50:04.0718 0448	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:50:04.0859 0448	ACPI - ok
14:50:04.0890 0448	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:50:05.0015 0448	ACPIEC - ok
14:50:05.0062 0448	AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:50:05.0093 0448	AdobeFlashPlayerUpdateSvc - ok
14:50:05.0093 0448	adpu160m - ok
14:50:05.0125 0448	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:50:05.0296 0448	aec - ok
14:50:05.0312 0448	Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
14:50:05.0328 0448	Afc ( UnsignedFile.Multi.Generic ) - warning
14:50:05.0328 0448	Afc - detected UnsignedFile.Multi.Generic (1)
14:50:05.0343 0448	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:50:05.0406 0448	AFD - ok
14:50:05.0406 0448	Aha154x - ok
14:50:05.0421 0448	aic78u2 - ok
14:50:05.0437 0448	aic78xx - ok
14:50:05.0671 0448	Akamai          (c775d704feb2b600a5bf7b0b088546af) c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll
14:50:05.0671 0448	Suspicious file (Hidden): c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
14:50:05.0687 0448	Akamai ( HiddenFile.Multi.Generic ) - warning
14:50:05.0687 0448	Akamai - detected HiddenFile.Multi.Generic (1)
14:50:06.0015 0448	ALCXWDM         (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
14:50:06.0187 0448	ALCXWDM - ok
14:50:06.0265 0448	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
14:50:06.0437 0448	Alerter - ok
14:50:06.0468 0448	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
14:50:06.0531 0448	ALG - ok
14:50:06.0546 0448	AliIde - ok
14:50:06.0578 0448	AmdK8           (769844eb65df6a62aa51b886290fe51d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
14:50:06.0593 0448	AmdK8 - ok
14:50:06.0593 0448	amsint - ok
14:50:06.0640 0448	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
14:50:06.0656 0448	AntiVirSchedulerService - ok
14:50:06.0703 0448	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
14:50:06.0718 0448	AntiVirService - ok
14:50:06.0718 0448	AppMgmt - ok
14:50:06.0750 0448	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:50:06.0906 0448	Arp1394 - ok
14:50:06.0906 0448	asc - ok
14:50:06.0921 0448	asc3350p - ok
14:50:06.0937 0448	asc3550 - ok
14:50:06.0968 0448	ASCTRM          (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
14:50:06.0984 0448	ASCTRM ( UnsignedFile.Multi.Generic ) - warning
14:50:06.0984 0448	ASCTRM - detected UnsignedFile.Multi.Generic (1)
14:50:07.0062 0448	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:50:07.0078 0448	aspnet_state - ok
14:50:07.0078 0448	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:50:07.0203 0448	AsyncMac - ok
14:50:07.0234 0448	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:50:07.0343 0448	atapi - ok
14:50:07.0359 0448	Atdisk - ok
14:50:07.0390 0448	Ati HotKey Poller (42e4e2cf0406394bbce7eb358ae4e208) C:\WINDOWS\system32\Ati2evxx.exe
14:50:07.0453 0448	Ati HotKey Poller - ok
14:50:07.0500 0448	ATI Smart       (460741befbfc91c88934620bc546d172) C:\WINDOWS\system32\ati2sgag.exe
14:50:07.0515 0448	ATI Smart ( UnsignedFile.Multi.Generic ) - warning
14:50:07.0515 0448	ATI Smart - detected UnsignedFile.Multi.Generic (1)
14:50:07.0718 0448	ati2mtag        (81c3e6674d0609aa84c07681bca252de) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
14:50:07.0875 0448	ati2mtag - ok
14:50:08.0031 0448	AtiHdmiService  (d9bc8892b9440a2551b8148c57aa039e) C:\WINDOWS\system32\drivers\AtiHdmi.sys
14:50:08.0046 0448	AtiHdmiService - ok
14:50:08.0078 0448	ATITool         (d4ed96ac2fafee2c697436b9a2871cd3) C:\WINDOWS\system32\DRIVERS\ATITool.sys
14:50:08.0093 0448	ATITool ( UnsignedFile.Multi.Generic ) - warning
14:50:08.0093 0448	ATITool - detected UnsignedFile.Multi.Generic (1)
14:50:08.0109 0448	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:50:08.0281 0448	Atmarpc - ok
14:50:08.0296 0448	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
14:50:08.0421 0448	AudioSrv - ok
14:50:08.0437 0448	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:50:08.0546 0448	audstub - ok
14:50:08.0578 0448	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:50:08.0593 0448	avgntflt - ok
14:50:08.0609 0448	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:50:08.0625 0448	avipbb - ok
14:50:08.0640 0448	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
14:50:08.0656 0448	avkmgr - ok
14:50:08.0671 0448	AWINDIS5        (f62b70d3209e38a6c19a03109a25b903) C:\WINDOWS\system32\AWINDIS5.SYS
14:50:08.0671 0448	AWINDIS5 ( UnsignedFile.Multi.Generic ) - warning
14:50:08.0671 0448	AWINDIS5 - detected UnsignedFile.Multi.Generic (1)
14:50:08.0734 0448	BCM43XX         (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\wn311b.sys
14:50:08.0765 0448	BCM43XX ( UnsignedFile.Multi.Generic ) - warning
14:50:08.0765 0448	BCM43XX - detected UnsignedFile.Multi.Generic (1)
14:50:08.0781 0448	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:50:08.0921 0448	Beep - ok
14:50:08.0953 0448	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
14:50:09.0109 0448	BITS - ok
14:50:09.0140 0448	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
14:50:09.0328 0448	Browser - ok
14:50:09.0343 0448	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:50:09.0468 0448	cbidf2k - ok
14:50:09.0484 0448	cd20xrnt - ok
14:50:09.0500 0448	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:50:09.0640 0448	Cdaudio - ok
14:50:09.0656 0448	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:50:09.0765 0448	Cdfs - ok
14:50:09.0781 0448	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:50:09.0906 0448	Cdrom - ok
14:50:09.0906 0448	Changer - ok
14:50:09.0937 0448	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
14:50:10.0031 0448	CiSvc - ok
14:50:10.0093 0448	CLCapSvc        (cfbcf1def8779481e6695f4739621dde) C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe
14:50:10.0109 0448	CLCapSvc ( UnsignedFile.Multi.Generic ) - warning
14:50:10.0109 0448	CLCapSvc - detected UnsignedFile.Multi.Generic (1)
14:50:10.0125 0448	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
14:50:10.0250 0448	ClipSrv - ok
14:50:10.0312 0448	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:50:10.0312 0448	clr_optimization_v2.0.50727_32 - ok
14:50:10.0343 0448	CLSched         (418b3bf615cb329ef208055cad1108fc) C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe
14:50:10.0375 0448	CLSched ( UnsignedFile.Multi.Generic ) - warning
14:50:10.0375 0448	CLSched - detected UnsignedFile.Multi.Generic (1)
14:50:10.0390 0448	CmdIde - ok
14:50:10.0390 0448	COMSysApp - ok
14:50:10.0421 0448	Cpqarray - ok
14:50:10.0453 0448	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
14:50:10.0562 0448	CryptSvc - ok
14:50:10.0625 0448	CyberLink Media Library Service (1cfdcb99812c62e19c47896a5857d342) C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe
14:50:10.0671 0448	CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - warning
14:50:10.0671 0448	CyberLink Media Library Service - detected UnsignedFile.Multi.Generic (1)
14:50:10.0671 0448	dac2w2k - ok
14:50:10.0687 0448	dac960nt - ok
14:50:10.0750 0448	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:50:10.0765 0448	DcomLaunch - ok
14:50:10.0796 0448	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
14:50:10.0953 0448	Dhcp - ok
14:50:10.0968 0448	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:50:11.0078 0448	Disk - ok
14:50:11.0093 0448	dmadmin - ok
14:50:11.0156 0448	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
14:50:11.0281 0448	dmboot - ok
14:50:11.0312 0448	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
14:50:11.0437 0448	dmio - ok
14:50:11.0453 0448	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:50:11.0562 0448	dmload - ok
14:50:11.0578 0448	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
14:50:11.0703 0448	dmserver - ok
14:50:11.0718 0448	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:50:11.0843 0448	DMusic - ok
14:50:11.0859 0448	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
14:50:11.0875 0448	Dnscache - ok
14:50:11.0906 0448	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
14:50:12.0031 0448	Dot3svc - ok
14:50:12.0046 0448	dpti2o - ok
14:50:12.0062 0448	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:50:12.0203 0448	drmkaud - ok
14:50:12.0203 0448	EagleNT - ok
14:50:12.0218 0448	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
14:50:12.0328 0448	EapHost - ok
14:50:12.0343 0448	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
14:50:12.0484 0448	ERSvc - ok
14:50:12.0500 0448	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:50:12.0515 0448	Eventlog - ok
14:50:12.0546 0448	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
14:50:12.0578 0448	EventSystem - ok
14:50:12.0609 0448	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:50:12.0734 0448	Fastfat - ok
14:50:12.0765 0448	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:50:12.0781 0448	FastUserSwitchingCompatibility - ok
14:50:12.0796 0448	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:50:12.0937 0448	Fdc - ok
14:50:12.0968 0448	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
14:50:13.0078 0448	Fips - ok
14:50:13.0078 0448	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:50:13.0203 0448	Flpydisk - ok
14:50:13.0234 0448	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:50:13.0343 0448	FltMgr - ok
14:50:13.0406 0448	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:50:13.0421 0448	FontCache3.0.0.0 - ok
14:50:13.0437 0448	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:50:13.0578 0448	Fs_Rec - ok
14:50:13.0593 0448	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:50:13.0718 0448	Ftdisk - ok
14:50:13.0718 0448	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:50:13.0843 0448	Gpc - ok
14:50:13.0875 0448	gusvc - ok
14:50:13.0906 0448	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:50:14.0046 0448	HDAudBus - ok
14:50:14.0078 0448	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:50:14.0203 0448	helpsvc - ok
14:50:14.0234 0448	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
14:50:14.0343 0448	HidServ - ok
14:50:14.0359 0448	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:50:14.0468 0448	hidusb - ok
14:50:14.0500 0448	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
14:50:14.0593 0448	hkmsvc - ok
14:50:14.0593 0448	hpn - ok
14:50:14.0640 0448	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:50:14.0687 0448	HTTP - ok
14:50:14.0718 0448	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
14:50:14.0828 0448	HTTPFilter - ok
14:50:14.0843 0448	i2omgmt - ok
14:50:14.0843 0448	i2omp - ok
14:50:14.0859 0448	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:50:14.0984 0448	i8042prt - ok
14:50:15.0187 0448	IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:50:15.0187 0448	IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:50:15.0187 0448	IDriverT - detected UnsignedFile.Multi.Generic (1)
14:50:15.0265 0448	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:50:15.0296 0448	idsvc - ok
14:50:15.0312 0448	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:50:15.0437 0448	Imapi - ok
14:50:15.0468 0448	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
14:50:15.0625 0448	ImapiService - ok
14:50:15.0625 0448	ini910u - ok
14:50:15.0687 0448	int15.sys       (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys
14:50:15.0703 0448	int15.sys ( UnsignedFile.Multi.Generic ) - warning
14:50:15.0703 0448	int15.sys - detected UnsignedFile.Multi.Generic (1)
14:50:15.0703 0448	IntelIde - ok
14:50:15.0750 0448	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:50:15.0875 0448	Ip6Fw - ok
14:50:15.0906 0448	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:50:16.0015 0448	IpFilterDriver - ok
14:50:16.0031 0448	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:50:16.0140 0448	IpInIp - ok
14:50:16.0171 0448	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:50:16.0312 0448	IpNat - ok
14:50:16.0328 0448	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:50:16.0437 0448	IPSec - ok
14:50:16.0453 0448	irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
14:50:16.0515 0448	irda - ok
14:50:16.0531 0448	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:50:16.0593 0448	IRENUM - ok
14:50:16.0609 0448	Irmon           (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
14:50:16.0671 0448	Irmon - ok
14:50:16.0703 0448	irsir           (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
14:50:16.0765 0448	irsir - ok
14:50:16.0781 0448	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:50:16.0890 0448	isapnp - ok
14:50:16.0968 0448	JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
14:50:16.0984 0448	JavaQuickStarterService - ok
14:50:17.0000 0448	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:50:17.0125 0448	Kbdclass - ok
14:50:17.0140 0448	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:50:17.0250 0448	kbdhid - ok
14:50:17.0281 0448	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:50:17.0406 0448	kmixer - ok
14:50:17.0421 0448	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:50:17.0453 0448	KSecDD - ok
14:50:17.0484 0448	lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
14:50:17.0500 0448	lanmanserver - ok
14:50:17.0531 0448	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
14:50:17.0546 0448	lanmanworkstation - ok
14:50:17.0687 0448	Lavasoft Ad-Aware Service (4d99fca201b72e0f2ca996e357baa170) C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
14:50:17.0765 0448	Lavasoft Ad-Aware Service - ok
14:50:17.0796 0448	Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys
14:50:17.0812 0448	Lavasoft Kernexplorer - ok
14:50:18.0000 0448	Lbd             (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
14:50:18.0015 0448	Lbd - ok
14:50:18.0031 0448	lbrtfdc - ok
14:50:18.0062 0448	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
14:50:18.0265 0448	LmHosts - ok
14:50:18.0312 0448	mbr - ok
14:50:18.0390 0448	MDM             (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
14:50:18.0406 0448	MDM - ok
14:50:18.0421 0448	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
14:50:18.0562 0448	Messenger - ok
14:50:18.0593 0448	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:50:18.0703 0448	mnmdd - ok
14:50:18.0718 0448	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
14:50:18.0859 0448	mnmsrvc - ok
14:50:18.0890 0448	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
14:50:19.0015 0448	Modem - ok
14:50:19.0015 0448	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:50:19.0140 0448	Mouclass - ok
14:50:19.0156 0448	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:50:19.0265 0448	mouhid - ok
14:50:19.0281 0448	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:50:19.0390 0448	MountMgr - ok
14:50:19.0421 0448	MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
14:50:19.0437 0448	MozillaMaintenance - ok
14:50:19.0437 0448	mraid35x - ok
14:50:19.0468 0448	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:50:19.0609 0448	MRxDAV - ok
14:50:19.0656 0448	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:50:19.0703 0448	MRxSmb - ok
14:50:19.0734 0448	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
14:50:19.0843 0448	MSDTC - ok
14:50:19.0859 0448	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:50:19.0968 0448	Msfs - ok
14:50:19.0984 0448	MSIServer - ok
14:50:20.0000 0448	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:50:20.0125 0448	MSKSSRV - ok
14:50:20.0140 0448	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:50:20.0234 0448	MSPCLOCK - ok
14:50:20.0265 0448	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:50:20.0359 0448	MSPQM - ok
14:50:20.0390 0448	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:50:20.0484 0448	mssmbios - ok
14:50:20.0515 0448	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:50:20.0515 0448	Mup - ok
14:50:20.0546 0448	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
14:50:20.0656 0448	napagent - ok
14:50:20.0687 0448	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:50:20.0828 0448	NDIS - ok
14:50:20.0843 0448	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:50:20.0859 0448	NdisTapi - ok
14:50:20.0890 0448	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:50:20.0984 0448	Ndisuio - ok
14:50:21.0000 0448	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:50:21.0125 0448	NdisWan - ok
14:50:21.0140 0448	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:50:21.0140 0448	NDProxy - ok
14:50:21.0156 0448	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:50:21.0281 0448	NetBIOS - ok
14:50:21.0296 0448	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:50:21.0390 0448	NetBT - ok
14:50:21.0421 0448	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:50:21.0562 0448	NetDDE - ok
14:50:21.0562 0448	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
14:50:21.0687 0448	NetDDEdsdm - ok
14:50:21.0703 0448	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:50:21.0796 0448	Netlogon - ok
14:50:21.0828 0448	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
14:50:21.0937 0448	Netman - ok
14:50:22.0000 0448	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:50:22.0015 0448	NetTcpPortSharing - ok
14:50:22.0046 0448	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:50:22.0156 0448	NIC1394 - ok
14:50:22.0187 0448	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
14:50:22.0234 0448	Nla - ok
14:50:22.0250 0448	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:50:22.0375 0448	Npfs - ok
14:50:22.0406 0448	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:50:22.0546 0448	Ntfs - ok
14:50:22.0562 0448	NTIDrvr         (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
14:50:22.0578 0448	NTIDrvr ( UnsignedFile.Multi.Generic ) - warning
14:50:22.0578 0448	NTIDrvr - detected UnsignedFile.Multi.Generic (1)
14:50:22.0578 0448	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:50:22.0687 0448	NtLmSsp - ok
14:50:22.0734 0448	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
14:50:22.0843 0448	NtmsSvc - ok
14:50:22.0875 0448	NuidFltr        (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
14:50:22.0875 0448	NuidFltr - ok
14:50:22.0890 0448	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:50:22.0984 0448	Null - ok
14:50:23.0000 0448	nvatabus        (11d1ad7e946538e02f9ef6a6e1792061) C:\WINDOWS\system32\drivers\nvatabus.sys
14:50:23.0062 0448	nvatabus - ok
14:50:23.0078 0448	NVENETFD        (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
14:50:23.0093 0448	NVENETFD - ok
14:50:23.0093 0448	nvnetbus        (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
14:50:23.0109 0448	nvnetbus - ok
14:50:23.0125 0448	nvraid          (3bc8b9d8a744df75698fe35d52f18a0a) C:\WINDOWS\system32\drivers\nvraid.sys
14:50:23.0171 0448	nvraid - ok
14:50:23.0187 0448	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:50:23.0296 0448	NwlnkFlt - ok
14:50:23.0312 0448	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:50:23.0406 0448	NwlnkFwd - ok
14:50:23.0437 0448	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:50:23.0562 0448	ohci1394 - ok
14:50:23.0593 0448	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys
14:50:23.0703 0448	Parport - ok
14:50:23.0718 0448	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:50:23.0828 0448	PartMgr - ok
14:50:23.0843 0448	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
14:50:23.0937 0448	ParVdm - ok
14:50:23.0953 0448	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
14:50:24.0078 0448	PCI - ok
14:50:24.0078 0448	PCIDump - ok
14:50:24.0093 0448	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:50:24.0203 0448	PCIIde - ok
14:50:24.0218 0448	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:50:24.0328 0448	Pcmcia - ok
14:50:24.0328 0448	PDCOMP - ok
14:50:24.0343 0448	PDFRAME - ok
14:50:24.0359 0448	PDRELI - ok
14:50:24.0359 0448	PDRFRAME - ok
14:50:24.0375 0448	perc2 - ok
14:50:24.0390 0448	perc2hib - ok
14:50:24.0453 0448	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
14:50:24.0468 0448	PlugPlay - ok
14:50:24.0484 0448	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:50:24.0593 0448	PolicyAgent - ok
14:50:24.0609 0448	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:50:24.0718 0448	PptpMiniport - ok
14:50:24.0734 0448	Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
14:50:24.0859 0448	Processor - ok
14:50:24.0859 0448	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:50:24.0968 0448	ProtectedStorage - ok
14:50:25.0062 0448	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:50:25.0171 0448	PSched - ok
14:50:25.0218 0448	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:50:25.0312 0448	Ptilink - ok
14:50:25.0312 0448	ql1080 - ok
14:50:25.0328 0448	Ql10wnt - ok
14:50:25.0343 0448	ql12160 - ok
14:50:25.0359 0448	ql1240 - ok
14:50:25.0359 0448	ql1280 - ok
14:50:25.0390 0448	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:50:25.0484 0448	RasAcd - ok
14:50:25.0515 0448	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
14:50:25.0609 0448	RasAuto - ok
14:50:25.0640 0448	Rasirda         (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:50:25.0687 0448	Rasirda - ok
14:50:25.0703 0448	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:50:25.0812 0448	Rasl2tp - ok
14:50:25.0843 0448	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
14:50:26.0000 0448	RasMan - ok
14:50:26.0000 0448	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:50:26.0109 0448	RasPppoe - ok
14:50:26.0140 0448	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:50:26.0250 0448	Raspti - ok
14:50:26.0281 0448	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:50:26.0406 0448	Rdbss - ok
14:50:26.0421 0448	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:50:26.0515 0448	RDPCDD - ok
14:50:26.0546 0448	RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
14:50:26.0562 0448	RDPWD - ok
14:50:26.0593 0448	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
14:50:26.0703 0448	RDSessMgr - ok
14:50:26.0718 0448	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:50:26.0843 0448	redbook - ok
14:50:26.0859 0448	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
14:50:26.0984 0448	RemoteAccess - ok
14:50:27.0000 0448	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
14:50:27.0156 0448	RpcLocator - ok
14:50:27.0187 0448	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
14:50:27.0203 0448	RpcSs - ok
14:50:27.0250 0448	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
14:50:27.0390 0448	RSVP - ok
14:50:27.0406 0448	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
14:50:27.0531 0448	SamSs - ok
14:50:27.0546 0448	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
14:50:27.0703 0448	SCardSvr - ok
14:50:27.0734 0448	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
14:50:27.0890 0448	Schedule - ok
14:50:27.0906 0448	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:50:27.0968 0448	Secdrv - ok
14:50:27.0968 0448	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
14:50:28.0093 0448	seclogon - ok
14:50:28.0109 0448	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
14:50:28.0218 0448	SENS - ok
14:50:28.0234 0448	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:50:28.0343 0448	serenum - ok
14:50:28.0359 0448	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
14:50:28.0468 0448	Serial - ok
14:50:28.0500 0448	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:50:28.0609 0448	Sfloppy - ok
14:50:28.0640 0448	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
14:50:28.0812 0448	SharedAccess - ok
14:50:28.0843 0448	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:50:28.0859 0448	ShellHWDetection - ok
14:50:28.0859 0448	Simbad - ok
14:50:28.0875 0448	Sparrow - ok
14:50:28.0890 0448	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:50:29.0000 0448	splitter - ok
14:50:29.0031 0448	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:50:29.0046 0448	Spooler - ok
14:50:29.0078 0448	SpyroService    (bfae719594989d1f02b9e9cd86db293e) C:\Programme\FS\Spyro Portal\FlashPortal.exe
14:50:29.0093 0448	SpyroService ( UnsignedFile.Multi.Generic ) - warning
14:50:29.0093 0448	SpyroService - detected UnsignedFile.Multi.Generic (1)
14:50:29.0093 0448	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
14:50:29.0156 0448	sr - ok
14:50:29.0187 0448	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
14:50:29.0250 0448	srservice - ok
14:50:29.0281 0448	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:50:29.0296 0448	Srv - ok
14:50:29.0343 0448	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
14:50:29.0406 0448	SSDPSRV - ok
14:50:29.0421 0448	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
14:50:29.0437 0448	ssmdrv - ok
14:50:29.0468 0448	StillCam        (a2dbcc4c8860449df1ab758ea28b4de0) C:\WINDOWS\system32\DRIVERS\serscan.sys
14:50:29.0609 0448	StillCam - ok
14:50:29.0640 0448	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
14:50:29.0765 0448	stisvc - ok
14:50:29.0796 0448	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:50:29.0906 0448	swenum - ok
14:50:29.0906 0448	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:50:30.0031 0448	swmidi - ok
14:50:30.0031 0448	SwPrv - ok
14:50:30.0046 0448	symc810 - ok
14:50:30.0062 0448	symc8xx - ok
14:50:30.0062 0448	sym_hi - ok
14:50:30.0078 0448	sym_u3 - ok
14:50:30.0109 0448	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:50:30.0234 0448	sysaudio - ok
14:50:30.0250 0448	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
14:50:30.0375 0448	SysmonLog - ok
14:50:30.0390 0448	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
14:50:30.0531 0448	TapiSrv - ok
14:50:30.0562 0448	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:50:30.0578 0448	Tcpip - ok
14:50:30.0609 0448	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:50:30.0734 0448	TDPIPE - ok
14:50:30.0750 0448	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:50:30.0859 0448	TDTCP - ok
14:50:30.0875 0448	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:50:30.0984 0448	TermDD - ok
14:50:31.0015 0448	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
14:50:31.0140 0448	TermService - ok
14:50:31.0171 0448	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
14:50:31.0171 0448	Themes - ok
14:50:31.0187 0448	TosIde - ok
14:50:31.0218 0448	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
14:50:31.0359 0448	TrkWks - ok
14:50:31.0375 0448	UBHelper        (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
14:50:31.0390 0448	UBHelper ( UnsignedFile.Multi.Generic ) - warning
14:50:31.0390 0448	UBHelper - detected UnsignedFile.Multi.Generic (1)
14:50:31.0406 0448	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:50:31.0515 0448	Udfs - ok
14:50:31.0531 0448	ultra - ok
14:50:31.0578 0448	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:50:31.0671 0448	Update - ok
14:50:31.0703 0448	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
14:50:31.0781 0448	upnphost - ok
14:50:31.0796 0448	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
14:50:31.0953 0448	UPS - ok
14:50:31.0984 0448	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:50:32.0109 0448	usbccgp - ok
14:50:32.0125 0448	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:50:32.0250 0448	usbehci - ok
14:50:32.0265 0448	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:50:32.0375 0448	usbhub - ok
14:50:32.0390 0448	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:50:32.0500 0448	usbohci - ok
14:50:32.0515 0448	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:50:32.0609 0448	USBSTOR - ok
14:50:32.0625 0448	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:50:32.0765 0448	VgaSave - ok
14:50:32.0765 0448	ViaIde - ok
14:50:32.0796 0448	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
14:50:32.0906 0448	VolSnap - ok
14:50:32.0937 0448	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
14:50:33.0000 0448	VSS - ok
14:50:33.0015 0448	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
14:50:33.0125 0448	W32Time - ok
14:50:33.0140 0448	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:50:33.0265 0448	Wanarp - ok
14:50:33.0265 0448	wanatw - ok
14:50:33.0296 0448	Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:50:33.0328 0448	Wdf01000 - ok
14:50:33.0328 0448	WDICA - ok
14:50:33.0359 0448	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:50:33.0468 0448	wdmaud - ok
14:50:33.0484 0448	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
14:50:33.0640 0448	WebClient - ok
14:50:33.0703 0448	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:50:33.0812 0448	winmgmt - ok
14:50:33.0843 0448	WinUSB          (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
14:50:33.0859 0448	WinUSB - ok
14:50:33.0890 0448	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
14:50:33.0890 0448	WmdmPmSN - ok
14:50:33.0921 0448	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:50:34.0062 0448	WmiApSrv - ok
14:50:34.0156 0448	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
14:50:34.0187 0448	WMPNetworkSvc - ok
14:50:34.0218 0448	WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:50:34.0234 0448	WpdUsb - ok
14:50:34.0265 0448	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
14:50:34.0375 0448	wscsvc - ok
14:50:34.0390 0448	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
14:50:34.0500 0448	wuauserv - ok
14:50:34.0531 0448	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:50:34.0531 0448	WudfPf - ok
14:50:34.0562 0448	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:50:34.0609 0448	WudfRd - ok
14:50:34.0625 0448	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
14:50:34.0640 0448	WudfSvc - ok
14:50:34.0687 0448	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
14:50:34.0796 0448	WZCSVC - ok
14:50:34.0812 0448	XDva394 - ok
14:50:34.0828 0448	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
14:50:34.0953 0448	xmlprov - ok
14:50:34.0953 0448	ZD1211BU(ZyDAS) - ok
14:50:34.0968 0448	ZD1211U(ZyDAS) - ok
14:50:34.0984 0448	ZDPSp50 - ok
14:50:35.0031 0448	MBR (0x1B8)     (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0
14:50:38.0125 0448	\Device\Harddisk0\DR0 - ok
14:50:38.0156 0448	Boot (0x1200)   (333c6e6fde65f3fefacef0a674749c87) \Device\Harddisk0\DR0\Partition0
14:50:38.0156 0448	\Device\Harddisk0\DR0\Partition0 - ok
14:50:38.0171 0448	Boot (0x1200)   (83047847fabad226b373ccec927ef9ef) \Device\Harddisk0\DR0\Partition1
14:50:38.0171 0448	\Device\Harddisk0\DR0\Partition1 - ok
14:50:38.0171 0448	============================================================
14:50:38.0171 0448	Scan finished
14:50:38.0171 0448	============================================================
14:50:38.0187 0760	Detected object count: 17
14:50:38.0187 0760	Actual detected object count: 17
14:50:52.0890 0760	Acer Media Server ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0890 0760	Acer Media Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0906 0760	AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0906 0760	AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0906 0760	Afc ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0906 0760	Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0906 0760	Akamai ( HiddenFile.Multi.Generic ) - skipped by user
14:50:52.0906 0760	Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 
14:50:52.0906 0760	ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0906 0760	ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0921 0760	ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0921 0760	ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0921 0760	ATITool ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0921 0760	ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0921 0760	AWINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0921 0760	AWINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0937 0760	BCM43XX ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0937 0760	BCM43XX ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0937 0760	CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0937 0760	CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0953 0760	CLSched ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0953 0760	CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0953 0760	CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0953 0760	CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0953 0760	IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0953 0760	IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0953 0760	int15.sys ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0953 0760	int15.sys ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0953 0760	NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0953 0760	NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0953 0760	SpyroService ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0953 0760	SpyroService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:52.0953 0760	UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user
14:50:52.0953 0760	UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:50:58.0484 1104	Deinitialize success
         

Gruß
Barbara

Wieso hast du da so zwei völlig verschiedene Logfiles von TDSS?
Und eigentlich solltest du erstmal nur alles skippen und nichts entfernen!