Trojaner-Board - Nach Entfernung von EXP/Java.Vedenbi.Gen 14 Warnungen

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Nach Entfernung von EXP/Java.Vedenbi.Gen 14 Warnungen (https://www.trojaner-board.de/115698-entfernung-exp-java-vedenbi-gen-14-warnungen.html)

Nach Entfernung von EXP/Java.Vedenbi.Gen 14 Warnungen

Hallo an alle!
Ich bitte euch um Hilfe und erwähne sofort, dass ich absolut keine Ahnung vom Innenleben eines PC's habe, daher ersuche ich euch, falls mir jemand hilft, um absolut idiotensichere Erklärungen.
Mein Problem: Ich fand gestern mit Avira den Virus EXP/JAVA.Vedenbi.Gen und habe ihn in Quarantäne geschickt. Beim darauffolgenden Suchlauf wurde weder von Avira noch von Ad Aware mehr etwas gefunden. Seither habe ich aber 14 Warnungen. Kann das was mit dem Virus zu tun haben? Ich hatte noch nie mehr als 2 Warnungen. Weiters ist mir seit geraumer Zeit aufgefallen, dass der Bootvorgang immer länger dauert. Kann das auch mit dem Virus zu tun haben oder versteckt sich da noch irgendwo etwas?

Zitat:

Seither habe ich aber 14 Warnungen. Kann das was mit dem Virus zu tun haben? Ich hatte noch nie mehr als 2 Warnungen.

Du hast das AntIVir-Log nicht gepostet, keiner weiß dadurch was für Warnungen sein sollen und dementsprechend ist KEINE Aussage dazu möglich

Hallo Arne,
danke dass du dir mein Probelm anschauen willst.
Hier das Antivir-Log:

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 24. Mai 2012 09:32

Es wird nach 3743776 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Microsoft Windows XP
Windowsversion : (Service Pack 3) [5.1.2600]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : ACER
Versionsinformationen:
BUILD.DAT : 12.0.0.1125 41829 Bytes 02.05.2012 16:34:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 08.05.2012 17:03:25
AVSCAN.DLL : 12.3.0.15 66256 Bytes 08.05.2012 17:03:25
LUKE.DLL : 12.3.0.15 68304 Bytes 08.05.2012 17:03:26
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 08.05.2012 17:03:26
AVREG.DLL : 12.3.0.17 232200 Bytes 10.05.2012 17:02:54
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 09:49:21
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 06:56:15
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 06:56:21
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 06:59:15
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 06:59:40
VBASE005.VDF : 7.11.29.136 2166272 Bytes 10.05.2012 17:02:52
VBASE006.VDF : 7.11.29.137 2048 Bytes 10.05.2012 17:02:52
VBASE007.VDF : 7.11.29.138 2048 Bytes 10.05.2012 17:02:52
VBASE008.VDF : 7.11.29.139 2048 Bytes 10.05.2012 17:02:52
VBASE009.VDF : 7.11.29.140 2048 Bytes 10.05.2012 17:02:52
VBASE010.VDF : 7.11.29.141 2048 Bytes 10.05.2012 17:02:52
VBASE011.VDF : 7.11.29.142 2048 Bytes 10.05.2012 17:02:52
VBASE012.VDF : 7.11.29.143 2048 Bytes 10.05.2012 17:02:52
VBASE013.VDF : 7.11.29.144 2048 Bytes 10.05.2012 17:02:52
VBASE014.VDF : 7.11.30.3 198144 Bytes 14.05.2012 17:03:50
VBASE015.VDF : 7.11.30.69 186368 Bytes 17.05.2012 06:49:36
VBASE016.VDF : 7.11.30.143 223744 Bytes 21.05.2012 05:32:03
VBASE017.VDF : 7.11.30.207 287744 Bytes 23.05.2012 05:32:56
VBASE018.VDF : 7.11.30.208 2048 Bytes 23.05.2012 05:32:57
VBASE019.VDF : 7.11.30.209 2048 Bytes 23.05.2012 05:32:57
VBASE020.VDF : 7.11.30.210 2048 Bytes 23.05.2012 05:32:57
VBASE021.VDF : 7.11.30.211 2048 Bytes 23.05.2012 05:32:57
VBASE022.VDF : 7.11.30.212 2048 Bytes 23.05.2012 05:32:57
VBASE023.VDF : 7.11.30.213 2048 Bytes 23.05.2012 05:32:57
VBASE024.VDF : 7.11.30.214 2048 Bytes 23.05.2012 05:32:58
VBASE025.VDF : 7.11.30.215 2048 Bytes 23.05.2012 05:32:58
VBASE026.VDF : 7.11.30.216 2048 Bytes 23.05.2012 05:32:58
VBASE027.VDF : 7.11.30.217 2048 Bytes 23.05.2012 05:32:59
VBASE028.VDF : 7.11.30.218 2048 Bytes 23.05.2012 05:32:59
VBASE029.VDF : 7.11.30.219 2048 Bytes 23.05.2012 05:32:59
VBASE030.VDF : 7.11.30.220 2048 Bytes 23.05.2012 05:32:59
VBASE031.VDF : 7.11.30.222 2048 Bytes 23.05.2012 05:32:59
Engineversion : 8.2.10.68
AEVDF.DLL : 8.1.2.2 106868 Bytes 31.01.2012 06:55:38
AESCRIPT.DLL : 8.1.4.19 455034 Bytes 11.05.2012 17:03:55
AESCN.DLL : 8.1.8.2 131444 Bytes 20.04.2012 07:00:09
AESBX.DLL : 8.2.5.5 606579 Bytes 20.04.2012 07:00:11
AERDL.DLL : 8.1.9.15 639348 Bytes 31.01.2012 06:55:37
AEPACK.DLL : 8.2.16.13 807287 Bytes 11.05.2012 17:03:54
AEOFFICE.DLL : 8.1.2.28 201082 Bytes 27.04.2012 06:59:09
AEHEUR.DLL : 8.1.4.28 4800886 Bytes 18.05.2012 06:49:46
AEHELP.DLL : 8.1.21.0 254326 Bytes 11.05.2012 17:03:45
AEGEN.DLL : 8.1.5.28 422260 Bytes 27.04.2012 06:58:59
AEEXP.DLL : 8.1.0.40 82292 Bytes 18.05.2012 06:49:47
AEEMU.DLL : 8.1.3.0 393589 Bytes 31.01.2012 06:55:34
AECORE.DLL : 8.1.25.6 201078 Bytes 20.04.2012 06:59:54
AEBB.DLL : 8.1.1.0 53618 Bytes 31.01.2012 06:55:33
AVWINLL.DLL : 12.3.0.15 27344 Bytes 08.05.2012 17:03:25
AVPREF.DLL : 12.3.0.15 51920 Bytes 08.05.2012 17:03:25
AVREP.DLL : 12.3.0.15 179208 Bytes 08.05.2012 17:03:26
AVARKT.DLL : 12.3.0.15 211408 Bytes 08.05.2012 17:03:25
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 08.05.2012 17:03:25
SQLITE3.DLL : 3.7.0.1 398288 Bytes 08.05.2012 17:03:26
AVSMTP.DLL : 12.3.0.15 63440 Bytes 08.05.2012 17:03:25
NETNT.DLL : 12.3.0.15 17104 Bytes 08.05.2012 17:03:26
RCIMAGE.DLL : 12.3.0.15 4447952 Bytes 08.05.2012 17:03:25
RCTEXT.DLL : 12.3.0.15 98512 Bytes 08.05.2012 17:03:25

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: c:\programme\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Donnerstag, 24. Mai 2012 09:32

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD2
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD3
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD4
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'rsmsink.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'logon.scr' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'msdtc.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'AAWTray.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'alg.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiapsrv.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'Acer.Empowering.Framework.Launcher.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleToolbarNotifier.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'msmsgs.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'WN311B.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'qttask.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'AspireService.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'eRAgent.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SOUNDMAN.EXE' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLSched.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPortal.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'mdm.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'jqs.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMLServer.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLCapSvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'MemCheck.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'MediaServerService.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'AAWService.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '171' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2100' Dateien ).

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <ACER>
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\0\3d049340-79d8d3ec-4.0.29.0--temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\40\34f5f568-25189608-temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\40\34f5f568-3f917f9e-temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\40\34f5f568-5d6a80c0-temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\60\5d2564fc-77fe6e5e-temp
[WARNUNG] Unerwartetes Dateiende erreicht
C:\Dokumente und Einstellungen\Harald\Eigene Dateien\Neuer Ordner (2)\avira_free_antivirus_de.exe
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\Solid State Networks\Host.330347e7b32fd5e52eaeae4e81faa2ea8726f8c4\downloader.bundle
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\Solid State Networks\Host.330347e7b32fd5e52eaeae4e81faa2ea8726f8c4\launcher.bundle
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Temp\bH2Cwa0J.exe.part
[WARNUNG] Unerwartetes Dateiende erreicht
C:\RECYCLER\S-1-5-21-4176108125-2712142671-340414201-1006\Dc921.7z
[WARNUNG] Die Komprimierungsmethode wird nicht unterstützt
C:\RECYCLER\S-1-5-21-4176108125-2712142671-340414201-1006\Dc922.7z
[WARNUNG] Die Komprimierungsmethode wird nicht unterstützt
C:\RECYCLER\S-1-5-21-4176108125-2712142671-340414201-1006\Dc926.exe
[WARNUNG] Unerwartetes Dateiende erreicht
C:\System Volume Information\_restore{1107CD76-A604-490C-8000-52E48BD8A404}\RP1349\A0565345.exe
[WARNUNG] Die Datei ist kennwortgeschützt
C:\System Volume Information\_restore{1107CD76-A604-490C-8000-52E48BD8A404}\RP1349\A0565348.exe
[WARNUNG] Die Datei ist kennwortgeschützt
Beginne mit der Suche in 'D:\' <ACERDATA>

Ende des Suchlaufs: Donnerstag, 24. Mai 2012 10:31
Benötigte Zeit: 58:50 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

9445 Verzeichnisse wurden überprüft
401815 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
401815 Dateien ohne Befall
17190 Archive wurden durchsucht
14 Warnungen
0 Hinweise
455531 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

Danke im Voraus für deine Hilfe

Bitte erstmal routinemäßig einen Vollscan mit malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

Alles klar, danke für die Anleitung

Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.05.27.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Harald :: ACER[Administrator]

27.05.2012 10:58:14
mbam-log-2012-05-27 (10-58-14).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 291222
Laufzeit: 51 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Programme\Registry Doktor 2009 (Rogue.RegistryDoctor) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 2
C:\RECYCLER\S-1-5-21-4176108125-2712142671-340414201-1006\Dc931.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Programme\Registry Doktor 2009\R_DSchedule.txt (Rogue.RegistryDoctor) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=dd7052002b5ec849a84c3965d37d667a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-27 03:38:49
# local_time=2012-05-27 05:38:49 (+0100, Westeuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1792 16777191 100 0 3224971 3224971 0 0
# compatibility_mode=8192 67108863 100 0 328 328 0 0
# scanned=74336
# found=0
# cleaned=0
# scan_time=3107

Gruß
Barbara

Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Hallo,
funktioniert alles normal und mir fehlt auch nichts
Gruß
Barbara

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Code:

OTL logfile created on: 29.05.2012 14:36:24 - Run 1

OTL by OldTimer - Version 3.2.44.0     Folder = C:\Dokumente und Einstellungen\Harald\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

 

1,50 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 71,38% Memory free

2,85 Gb Paging File | 2,25 Gb Available in Paging File | 78,72% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 146,36 Gb Total Space | 120,70 Gb Free Space | 82,47% Space Free | Partition Type: NTFS

Drive D: | 146,81 Gb Total Space | 145,39 Gb Free Space | 99,03% Space Free | Partition Type: FAT32

Drive E: | 3,59 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive Z: | 931,19 Gb Total Space | 449,52 Gb Free Space | 48,27% Space Free | Partition Type: NTFS

 

Computer Name: ACER-75EEBC93E0 | User Name: Harald | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.05.29 14:32:50 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Harald\Desktop\OTL.exe

PRC - [2012.05.08 19:03:26 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe

PRC - [2012.05.08 19:03:25 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe

PRC - [2012.05.08 19:03:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe

PRC - [2012.05.08 19:03:25 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe

PRC - [2012.05.08 00:31:08 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe

PRC - [2012.04.05 12:34:26 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

PRC - [2012.04.05 12:34:26 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

PRC - [2012.01.31 15:43:34 | 000,048,128 | ---- | M] (FS) -- C:\Programme\FS\Spyro Portal\FlashPortal.exe

PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

PRC - [2011.10.27 19:54:27 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe

PRC - [2011.10.27 19:54:25 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007.02.13 17:02:18 | 001,138,688 | ---- | M] ( ) -- C:\Programme\NETGEAR\WN311B\Utility\WN311B.exe

PRC - [2006.06.09 12:24:18 | 000,110,592 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Acer eMode Management\AspireService.exe

PRC - [2006.06.01 14:40:54 | 000,413,696 | ---- | M] (Acer Inc.) -- C:\acer\Empowering Technology\eRecovery\eRAgent.exe

PRC - [2006.05.11 13:00:24 | 000,045,056 | ---- | M] (Acer Inc.) -- C:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe

PRC - [2006.05.04 14:53:36 | 000,438,272 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Acer eConsole\MediaServerService.exe

PRC - [2006.03.29 21:50:52 | 000,114,784 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe

PRC - [2006.03.29 21:50:50 | 000,266,338 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe

PRC - [2006.03.29 21:50:20 | 001,073,152 | ---- | M] (Cyberlink) -- C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe

PRC - [2006.03.29 20:53:34 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\acer\Empowering Technology\ePerformance\MemCheck.exe

PRC - [2005.09.22 17:42:00 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe

PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.05.12 13:07:13 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\7861cd979ea5db3fb7d30ed94fb0edd2\System.Web.ni.dll

MOD - [2012.05.12 13:07:03 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8dc4a28c456f81ee7399da21bd9d55aa\System.ServiceProcess.ni.dll

MOD - [2012.05.12 13:05:43 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll

MOD - [2012.05.12 13:05:35 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll

MOD - [2012.05.12 12:31:54 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll

MOD - [2012.05.12 12:31:48 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\995fcf39ead2c2a53e084505c2c67d49\System.Windows.Forms.ni.dll

MOD - [2012.05.12 12:31:34 | 001,591,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\8ca00132a08c69697adf1cda32ebd835\System.Drawing.ni.dll

MOD - [2012.05.12 12:29:54 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll

MOD - [2012.05.12 12:29:42 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll

MOD - [2012.05.12 12:28:58 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

MOD - [2012.05.08 19:03:26 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll

MOD - [2012.04.12 20:35:03 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_449375a1\system.drawing.dll

MOD - [2012.04.12 20:34:58 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ce86bb86\system.windows.forms.dll

MOD - [2012.04.12 20:34:44 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll

MOD - [2012.03.28 08:24:28 | 003,417,376 | ---- | M] () -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_6c825ce.dll

MOD - [2012.02.05 13:41:50 | 000,181,616 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll

MOD - [2012.02.05 13:41:48 | 000,210,288 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll

MOD - [2012.01.09 08:04:55 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1efe84e3\mscorlib.dll

MOD - [2012.01.09 08:04:36 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_186b92ef\system.xml.dll

MOD - [2012.01.08 21:17:26 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_49adc62f\system.dll

MOD - [2012.01.08 21:17:19 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll

MOD - [2012.01.08 21:17:16 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll

MOD - [2011.11.03 16:02:24 | 000,142,336 | ---- | M] () -- C:\Programme\FS\Spyro Portal\SpyroLibrary.dll

MOD - [2011.09.08 19:58:43 | 000,430,568 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\VipreBridge.dll

MOD - [2011.09.08 19:58:39 | 000,589,184 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\RPAPI.dll

MOD - [2011.09.08 19:57:59 | 000,508,776 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft\Ad-Aware\Defs\thorax.aaw

MOD - [2011.08.18 15:25:12 | 000,308,560 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\Vipre.dll

MOD - [2009.11.23 14:14:48 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3321.40301__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:48 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3321.40319__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll

MOD - [2009.11.23 14:14:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll

MOD - [2009.11.23 14:14:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3321.40308__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:48 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll

MOD - [2009.11.23 14:14:48 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll

MOD - [2009.11.23 14:14:48 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3321.40422__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll

MOD - [2009.11.23 14:14:48 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3321.40417__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll

MOD - [2009.11.23 14:14:47 | 001,691,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3321.40317__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll

MOD - [2009.11.23 14:14:47 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3321.40369__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll

MOD - [2009.11.23 14:14:47 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3321.40399__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll

MOD - [2009.11.23 14:14:47 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3321.40384__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll

MOD - [2009.11.23 14:14:47 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3321.40378__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:47 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3321.40308__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:47 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3321.40357__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:47 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:46 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:46 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3321.40400__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:46 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll

MOD - [2009.11.23 14:14:46 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3321.40362__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:46 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:45 | 000,671,744 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3321.40415__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:45 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3321.40415__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:44 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3321.40346__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:44 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3321.40372__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll

MOD - [2009.11.23 14:14:43 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3321.40380__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:43 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3321.40310__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:43 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:43 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:43 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:43 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3321.40345__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:43 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3321.40324__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:43 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:42 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3321.40359__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:42 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3321.40340__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:42 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll

MOD - [2009.11.23 14:14:42 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:42 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:42 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3321.40355__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll

MOD - [2009.11.23 14:14:41 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll

MOD - [2009.11.23 14:14:41 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll

MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll

MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll

MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll

MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll

MOD - [2009.11.23 14:14:41 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll

MOD - [2009.11.23 14:14:41 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll

MOD - [2009.11.23 14:14:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll

MOD - [2009.11.23 14:14:40 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll

MOD - [2009.11.23 14:14:39 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll

MOD - [2009.11.23 14:14:39 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll

MOD - [2009.11.23 14:14:39 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll

MOD - [2009.11.23 14:14:39 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll

MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll

MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll

MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll

MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll

MOD - [2009.11.23 14:14:39 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll

MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll

MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll

MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll

MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll

MOD - [2009.11.23 14:14:39 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll

MOD - [2009.11.23 14:14:38 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll

MOD - [2009.11.23 14:14:38 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3294.18797__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll

MOD - [2009.11.23 14:14:38 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll

MOD - [2009.11.23 14:14:38 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll

MOD - [2009.11.23 14:14:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3294.18759__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll

MOD - [2009.11.23 14:14:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll

MOD - [2009.11.23 14:14:38 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3321.40431__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll

MOD - [2009.11.23 14:14:37 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3321.40409__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll

MOD - [2009.11.23 14:14:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll

MOD - [2009.11.23 14:14:37 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll

MOD - [2009.11.23 14:14:37 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll

MOD - [2009.11.23 14:14:36 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3321.40393__90ba9c70f846762e\MOM.Implementation.dll

MOD - [2009.11.23 14:14:36 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3321.40391__90ba9c70f846762e\LOG.Foundation.Implementation.dll

MOD - [2009.11.23 14:14:36 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll

MOD - [2009.11.23 14:14:36 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll

MOD - [2009.11.23 14:14:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll

MOD - [2009.11.23 14:14:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll

MOD - [2009.11.23 14:14:36 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll

MOD - [2009.11.23 14:14:36 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll

MOD - [2009.11.23 14:14:36 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3321.40297__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll

MOD - [2009.11.23 14:14:35 | 000,540,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3321.40387__90ba9c70f846762e\CLI.Component.Systemtray.dll

MOD - [2009.11.23 14:14:35 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Component.Wizard.dll

MOD - [2009.11.23 14:14:35 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3321.40298__90ba9c70f846762e\CLI.Component.Runtime.dll

MOD - [2009.11.23 14:14:35 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3321.40300__90ba9c70f846762e\CLI.Component.SkinFactory.dll

MOD - [2009.11.23 14:14:35 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll

MOD - [2009.11.23 14:14:35 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll

MOD - [2009.11.23 14:14:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll

MOD - [2009.11.23 14:14:34 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3321.40305__90ba9c70f846762e\CLI.Component.Dashboard.dll

MOD - [2009.11.23 14:14:34 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3321.40299__90ba9c70f846762e\ATIDEMOS.dll

MOD - [2009.11.23 14:14:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll

MOD - [2009.11.23 14:14:34 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll

MOD - [2009.11.23 14:14:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3321.40392__90ba9c70f846762e\CCC.Implementation.dll

MOD - [2009.11.23 14:14:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll

MOD - [2009.11.23 14:14:33 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3321.40298__90ba9c70f846762e\APM.Server.dll

MOD - [2009.11.23 14:14:33 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3321.40297__90ba9c70f846762e\AEM.Server.dll

MOD - [2008.10.30 15:39:12 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll

MOD - [2008.04.14 07:52:18 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2007.04.02 18:19:22 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll

MOD - [2007.01.18 10:29:22 | 000,102,400 | ---- | M] () -- C:\WINDOWS\system32\ASupplicant.dll

MOD - [2006.05.19 16:09:40 | 000,352,256 | ---- | M] () -- C:\acer\Empowering Technology\eRecovery\it41.dll

MOD - [2006.05.15 22:11:16 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll

MOD - [2006.05.15 22:11:16 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll

MOD - [2006.05.15 22:11:16 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll

MOD - [2006.05.15 22:11:16 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll

MOD - [2006.05.15 22:10:18 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll

MOD - [2006.05.15 22:10:18 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll

MOD - [2006.05.15 22:10:18 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\system.serviceprocess.resources\1.0.5000.0_de_b03f5f7f11d50a3a\system.serviceprocess.resources.dll

MOD - [2006.05.04 14:50:54 | 000,151,552 | ---- | M] () -- C:\Programme\Acer\Acer eConsole\MediaUtil.dll

MOD - [2006.05.04 14:47:50 | 000,737,280 | ---- | M] () -- C:\Programme\Acer\Acer eConsole\log4cxx.dll

MOD - [2006.03.29 21:50:52 | 000,114,784 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe

MOD - [2006.03.29 21:50:50 | 000,266,338 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe

MOD - [2006.03.29 21:50:42 | 000,225,384 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapEngine.dll

MOD - [2006.03.29 21:50:42 | 000,065,634 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLSchMgr.dll

MOD - [2006.03.29 21:50:42 | 000,032,768 | ---- | M] () -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvcps.dll

MOD - [2006.01.12 09:33:34 | 000,212,992 | ---- | M] () -- C:\acer\Empowering Technology\eRecovery\imagefile.dll

MOD - [2002.11.26 13:43:18 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\BrMuSNMP.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [On_Demand | Stopped] -- C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)

SRV - [2012.05.08 19:03:26 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012.05.08 19:03:25 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012.05.05 09:24:31 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.05.03 07:50:06 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.04.05 12:34:26 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2012.03.28 08:24:28 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\programme\gemeinsame dateien\akamai/netsession_win_6c825ce.dll -- (Akamai)

SRV - [2012.01.31 15:43:34 | 000,048,128 | ---- | M] (FS) [Auto | Running] -- C:\Programme\FS\Spyro Portal\FlashPortal.exe -- (SpyroService)

SRV - [2011.10.27 19:54:25 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

SRV - [2008.04.14 07:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)

SRV - [2008.04.14 07:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)

SRV - [2008.04.14 07:52:40 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)

SRV - [2008.04.14 07:52:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)

SRV - [2008.04.14 07:52:16 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)

SRV - [2008.04.14 07:52:08 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)

SRV - [2006.05.04 14:53:36 | 000,438,272 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Programme\Acer\Acer eConsole\MediaServerService.exe -- (Acer Media Server)

SRV - [2006.03.29 21:50:52 | 000,114,784 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)

SRV - [2006.03.29 21:50:50 | 000,266,338 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)

SRV - [2006.03.29 21:50:20 | 001,073,152 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)

SRV - [2006.03.29 20:53:34 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)

SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp50.sys -- (ZDPSp50)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zd1211u.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zd1211Bu.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva394.sys -- (XDva394)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Harald\LOKALE~1\Temp\mbr.sys -- (mbr)

DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)

DRV - File not found [Kernel | System | Stopped] --  -- (Changer)

DRV - [2012.05.08 19:03:26 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2012.05.08 19:03:26 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2012.03.29 16:32:12 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2011.09.16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)

DRV - [2011.08.18 15:25:12 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)

DRV - [2011.08.18 15:25:12 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)

DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009.07.13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)

DRV - [2009.02.04 09:27:20 | 003,488,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2008.10.31 20:52:16 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV - [2008.04.14 07:32:18 | 000,120,576 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)

DRV - [2008.04.14 07:28:20 | 000,154,112 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)

DRV - [2008.04.14 07:28:14 | 000,800,384 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)

DRV - [2008.04.14 00:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)

DRV - [2007.08.08 18:54:10 | 000,028,968 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)

DRV - [2006.10.12 16:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wn311b.sys -- (BCM43XX)

DRV - [2006.09.29 19:49:06 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)

DRV - [2006.03.03 13:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2006.03.03 13:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2005.09.22 17:34:00 | 003,727,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2005.08.12 15:31:12 | 000,098,432 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)

DRV - [2005.03.09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)

DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)

DRV - [2004.08.04 06:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)

DRV - [2004.08.04 06:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)

DRV - [2004.08.04 06:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)

DRV - [2004.08.04 06:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)

DRV - [2002.04.11 17:43:44 | 000,016,194 | ---- | M] (AMBIT Microsystems Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\AWINDIS5.SYS -- (AWINDIS5)

DRV - [2001.08.17 14:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

 

 

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\SearchScopes,DefaultScope = {76070548-D27D-49E2-AE55-B929389AAAFF}

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\SearchScopes\{76070548-D27D-49E2-AE55-B929389AAAFF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 
 ========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "hxxp://at.msn.com/?ocid=iefvrt"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.05.03 07:50:06 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.09.04 08:35:54 | 000,000,000 | ---D | M]

 

[2009.04.22 17:21:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Extensions

[2012.05.02 15:56:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions

[2011.09.30 19:52:28 | 000,000,000 | ---D | M] () -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}

[2010.05.10 08:38:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2012.03.19 11:37:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012.05.03 07:50:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2012.02.18 14:38:45 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll

[2011.10.01 21:48:09 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.10.01 21:48:09 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2011.10.01 21:48:09 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2011.10.01 21:48:09 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.10.01 21:48:09 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.10.01 21:48:09 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.04.16 16:21:06 | 000,305,232 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 127.0.0.1        123haustiereundmehr.com

O1 - Hosts: 10508 more lines...

O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O3 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O4 - HKLM..\Run: [AS00_WN311B] C:\Programme\NETGEAR\WN311B\Utility\WN311B.exe ( )

O4 - HKLM..\Run: [AspireService] C:\Programme\Acer\Acer eMode Management\AspireService.exe (Acer Inc.)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [eRecoveryService] C:\acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)

O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\Harald\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc)

O4 - HKU\.DEFAULT..\RunOnce: [AutoLaunch] C:\Programme\Lavasoft\Ad-Aware\AutoLaunch.exe ()

O4 - HKU\S-1-5-18..\RunOnce: [AutoLaunch] C:\Programme\Lavasoft\Ad-Aware\AutoLaunch.exe ()

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer Empowering Technology.lnk = C:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00  [binary data]

O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)

O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)

O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: //@install.mar@ ([]msni in My Computer)

O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: //@mail.mar@ ([]msni in Local intranet)

O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)

O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..Trusted Domains: sony.com ([]* in Trusted sites)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229084475500 (WUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7BD96D4-BF78-4A87-B09B-311AC4B0F0E5}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA6412CF-EB72-45D3-ADB1-D80B60595D34}: NameServer = 10.0.0.254

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.05.15 22:13:38 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell - "" = AutoRun

O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell\AutoRun\command - "" = J:\LGAutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (OODBS)

O34 - HKLM BootExecute: (lsdelete)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: 6to4 -  File not found

NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found

NetSvcs: Ias -  File not found

NetSvcs: Iprip -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: WmdmPmSp -  File not found

 

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Acrobat Assistant.lnk - C:\Programme\Adobe\Acrobat 5.0\Distillr\AcroTray.exe - (Adobe Systems Inc.)

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Gamma Loader.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk - C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - ()

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^AOL 9.0 Tray-Symbol.lnk -  - File not found

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Ashampoo AntiVirus Service.lnk -  - File not found

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)

MsConfig - StartUpReg: Acer Empowering Technology Monitor - hkey= - key= -  File not found

MsConfig - StartUpReg: AOLDialer - hkey= - key= -  File not found

MsConfig - StartUpReg: BrMfcWnd - hkey= - key= - C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)

MsConfig - StartUpReg: ControlCenter3 - hkey= - key= - C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)

MsConfig - StartUpReg: GameXN (news) - hkey= - key= -  File not found

MsConfig - StartUpReg: GameXN (update) - hkey= - key= -  File not found

MsConfig - StartUpReg: IMJPMIG8.1 - hkey= - key= - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

MsConfig - StartUpReg: IndexSearch - hkey= - key= - C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)

MsConfig - StartUpReg: ISTray - hkey= - key= -  File not found

MsConfig - StartUpReg: LaunchApp - hkey= - key= - C:\WINDOWS\Alaunch.exe (Acer Inc.)

MsConfig - StartUpReg: MediaSync - hkey= - key= - C:\Programme\Acer\Acer eConsole\MediaSync.exe (Acer Inc.)

MsConfig - StartUpReg: MSPY2002 - hkey= - key= -  File not found

MsConfig - StartUpReg: ntiMUI - hkey= - key= - c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()

MsConfig - StartUpReg: PaperPort PTD - hkey= - key= - C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)

MsConfig - StartUpReg: PCMService - hkey= - key= - C:\Program Files\Acer TV-FM\PCMService.exe (CyberLink Corp.)

MsConfig - StartUpReg: PHIME2002A - hkey= - key= -  File not found

MsConfig - StartUpReg: PHIME2002ASync - hkey= - key= -  File not found

MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Computer, Inc.)

MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Programme\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

MsConfig - StartUpReg: Skype - hkey= - key= -  File not found

MsConfig - StartUpReg: SSBkgdUpdate - hkey= - key= - C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 2

 

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: Lavasoft Ad-Aware Service - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vds - Service

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: Lavasoft Ad-Aware Service - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)

ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)

ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - 

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp -  File not found

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.05.29 14:32:50 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Harald\Desktop\OTL.exe

[2012.05.27 16:41:35 | 000,000,000 | ---D | C] -- C:\Programme\ESET

[2012.05.27 10:56:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Malwarebytes

[2012.05.27 10:55:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2012.05.27 10:55:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2012.05.27 10:55:56 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.05.27 10:55:56 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2012.05.26 19:45:23 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe

[2012.05.26 19:45:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012

[2012.05.26 19:45:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\TuneUp Software

[2012.05.26 19:44:50 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012

[2012.05.26 19:44:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2012.05.26 19:43:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}

[2012.05.26 19:43:33 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files

[2012.05.24 15:33:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald\Eigene Dateien\gmer

[2012.05.24 15:05:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip

[2012.05.24 15:05:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Harald\Desktop\7-Zip

[2012.05.24 10:49:33 | 000,607,260 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\Harald\Desktop\dds.com

[2012.05.16 15:33:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BigFishGamesCache

[2012.05.03 07:50:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla

[2012.05.03 07:50:09 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service

[2 C:\Dokumente und Einstellungen\Harald\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Harald\Eigene Dateien\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.05.29 14:32:50 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Harald\Desktop\OTL.exe

[2012.05.29 14:24:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012.05.29 13:20:25 | 000,000,484 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[2012.05.29 13:19:29 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012.05.29 13:19:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012.05.29 13:19:19 | 1609,093,120 | -HS- | M] () -- C:\hiberfil.sys

[2012.05.29 13:19:17 | 000,604,989 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor

[2012.05.27 19:52:36 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat

[2012.05.27 19:52:36 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat

[2012.05.27 10:55:57 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.05.26 19:45:20 | 000,001,715 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk

[2012.05.26 19:45:20 | 000,001,711 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk

[2012.05.24 15:53:09 | 000,064,844 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\Desktop\gmer1.zip

[2012.05.24 15:40:23 | 000,045,126 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\Eigene Dateien\gmer.7z

[2012.05.24 15:11:52 | 000,000,144 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\Desktop\Anhänge verwalten - Trojaner-Board.URL

[2012.05.24 11:06:36 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\Desktop\fwnxi4l8.exe

[2012.05.24 10:49:34 | 000,607,260 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\Harald\Desktop\dds.com

[2012.05.24 10:44:48 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Harald\defogger_reenable

[2012.05.24 10:37:57 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.05.16 11:09:45 | 000,000,040 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\_rgpl

[2012.05.16 11:04:37 | 000,000,211 | RHS- | M] () -- C:\boot.ini

[2012.05.12 12:34:13 | 000,246,312 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.05.12 12:29:15 | 000,461,100 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2012.05.12 12:29:15 | 000,443,038 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012.05.12 12:29:15 | 000,085,832 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2012.05.12 12:29:15 | 000,072,304 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012.05.12 12:26:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012.05.08 19:03:26 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2012.05.08 19:03:26 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2 C:\Dokumente und Einstellungen\Harald\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Harald\Eigene Dateien\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.05.27 10:55:57 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.05.26 19:45:20 | 000,001,717 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk

[2012.05.26 19:45:20 | 000,001,715 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk

[2012.05.26 19:45:20 | 000,001,711 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk

[2012.05.24 15:53:09 | 000,064,844 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\Desktop\gmer1.zip

[2012.05.24 15:38:13 | 000,045,126 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\Eigene Dateien\gmer.7z

[2012.05.24 15:11:52 | 000,000,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\Desktop\Anhänge verwalten - Trojaner-Board.URL

[2012.05.24 11:06:35 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\Desktop\fwnxi4l8.exe

[2012.05.24 10:44:48 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Harald\defogger_reenable

[2012.05.16 11:09:45 | 000,000,040 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\_rgpl

[2012.03.02 13:23:05 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe

[2012.02.15 08:09:16 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011.09.11 19:53:26 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat

[2011.09.11 19:53:26 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat

 
 ========== LOP Check ==========

 

[2012.05.26 19:43:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files

[2006.10.05 16:12:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eConsole

[2008.04.09 20:46:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\m2backup

[2008.04.09 20:46:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at

[2007.05.04 22:08:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NtiDvdCopy

[2008.04.16 22:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft

[2009.04.06 20:48:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

[2012.05.26 19:45:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2006.09.29 19:49:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint

[2012.05.26 19:43:33 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}

[2012.02.07 13:42:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\.minecraft

[2009.04.06 15:36:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Auslogics

[2011.10.29 09:57:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\cerasus.media

[2012.03.22 15:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\FOG Downloader

[2008.02.01 18:24:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\InterTrust

[2008.04.09 20:46:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\mquadr.at

[2012.03.19 15:07:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sony Online Entertainment

[2009.02.27 21:45:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\SPAMfighter

[2012.05.26 19:45:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\TuneUp Software

[2008.11.13 16:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Viewpoint

[2012.05.29 13:20:25 | 000,000,484 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2012.02.07 13:42:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\.minecraft

[2008.04.22 21:17:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Adobe

[2006.10.31 10:14:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\AdobeUM

[2009.04.16 19:43:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\AOL

[2009.11.23 14:27:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\ATI

[2009.04.06 15:36:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Auslogics

[2012.04.20 09:02:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Avira

[2008.06.12 17:10:52 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Brother

[2011.10.29 09:57:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\cerasus.media

[2008.01.14 19:20:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\CyberLink

[2012.03.22 15:31:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\FOG Downloader

[2008.04.17 19:07:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Google

[2008.04.13 19:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Help

[2006.09.12 01:25:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Identities

[2008.04.16 22:13:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\InstallShield

[2008.02.01 18:24:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\InterTrust

[2008.04.04 17:10:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Macromedia

[2012.05.27 10:56:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Malwarebytes

[2012.03.24 14:48:41 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Microsoft

[2009.04.22 17:21:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla

[2008.04.09 20:46:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\mquadr.at

[2012.05.16 07:07:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Skype

[2011.09.27 16:05:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\skypePM

[2012.03.19 15:07:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sony Online Entertainment

[2009.02.27 21:45:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\SPAMfighter

[2008.09.06 10:58:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Sun

[2012.05.26 19:45:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\TuneUp Software

[2008.11.13 16:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Viewpoint

[2006.09.29 19:49:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\You've Got Pictures Screensaver

 
 < %APPDATA%\*.exe /s >

[2006.09.29 20:24:44 | 000,032,768 | R--- | M] () -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Microsoft\Installer\{4CB85172-FE20-4922-9190-4E45D8E5500A}\_E8403F91F070_48C9_B83F_3EECABD028C2.exe

[2009.11.23 14:12:28 | 000,009,158 | R--- | M] () -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe

[2007.12.22 13:24:56 | 000,028,672 | R--- | M] () -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Microsoft\Installer\{8FFBF26D-1938-4514-A276-DC18BED89887}\_CAAA66822132_46B4_AE7F_B4EBCFFCCEEB.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2004.08.04 06:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys

[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys

[2004.08.04 06:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

 
 < MD5 for: ATAPI.SYS  >

[2004.08.04 06:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys

[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys

[2004.08.04 06:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004.08.04 06:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

 
 < MD5 for: EVENTLOG.DLL  >

[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll

[2004.08.04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

 
 < MD5 for: NETLOGON.DLL  >

[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll

[2004.08.04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

 
 < MD5 for: NVATABUS.SYS  >

[2005.08.12 15:31:12 | 000,098,432 | ---- | M] (NVIDIA Corporation) MD5=11D1AD7E946538E02F9EF6A6E1792061 -- C:\WINDOWS\OemDir\nvatabus.sys

[2005.08.12 15:31:12 | 000,098,432 | ---- | M] (NVIDIA Corporation) MD5=11D1AD7E946538E02F9EF6A6E1792061 -- C:\WINDOWS\system32\drivers\nvatabus.sys

[2006.03.16 16:51:32 | 000,099,840 | ---- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\drv\raid\NVATABUS.SYS

 
 < MD5 for: SCECLI.DLL  >

[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll

[2004.08.04 06:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll

[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll

[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll

[2004.08.04 06:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll

[2007.03.08 17:48:39 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll

[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll

[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2011.10.06 20:11:56 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe

[2004.08.04 06:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2004.08.04 06:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2004.08.04 06:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys

[2004.08.04 06:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2006.05.15 22:51:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2006.05.15 22:51:26 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2006.05.15 22:51:26 | 000,450,560 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 88 bytes -> C:\Dokumente und Einstellungen\Harald\Eigene Dateien\Stellungnahme RW 100408.pdf:SummaryInformation

@Alternate Data Stream - 116 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1

@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
 

< End of report >

Entschuldige dass ich das mit der Code Box nicht mitbekommen habe,
ich hoffe, dass ich das so richtig gemacht habe

Gruß
Barbara

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

:OTL

FF - user.js - File not found

[2010.05.10 08:38:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

O3 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00  [binary data]

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.05.15 22:13:38 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell - "" = AutoRun

O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\Shell\AutoRun\command - "" = J:\LGAutoRun.exe

@Alternate Data Stream - 116 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1

@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

:Commands

[purity]

[emptytemp]

[emptyflash]

[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Alles erledigt

Code:

 All processes killed

========== OTL ==========

C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.

C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.

C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.

C:\Dokumente und Einstellungen\Harald\Anwendungsdaten\Mozilla\Firefox\Profiles\bzuq2dh3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.

Registry value HKEY_USERS\S-1-5-21-4176108125-2712142671-340414201-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.

Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.

Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

Registry value HKEY_USERS\S-1-5-21-4176108125-2712142671-340414201-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

C:\AUTOEXEC.BAT moved successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d366418-1002-11e0-893e-00184d56af9d}\ not found.

File J:\LGAutoRun.exe not found.

ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1 deleted successfully.

ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

 

User: Harald

->Temp folder emptied: 366885328 bytes

->Temporary Internet Files folder emptied: 27429748 bytes

->Java cache emptied: 377271 bytes

->FireFox cache emptied: 418523344 bytes

->Flash cache emptied: 84906270 bytes

 

User: LocalService

->Temp folder emptied: 82513 bytes

->Temporary Internet Files folder emptied: 13022100 bytes

->FireFox cache emptied: 3627531 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 10872389 bytes

RecycleBin emptied: 1646421098 bytes

 

Total Files Cleaned = 2.453,00 mb

 

 

[EMPTYFLASH]

 

User: Administrator

 

User: All Users

 

User: Default User

 

User: Harald

->Flash cache emptied: 0 bytes

 

User: LocalService

 

User: NetworkService

 

Total Flash Files Cleaned = 0,00 mb

 

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.44.0 log created on 05292012_160430
 

Files\Folders moved on Reboot...

File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7e0.dat not found!
 

Registry entries deleted on Reboot...

Danke und Gruß

Barbara

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Code:

 14:36:36.0375 1660        TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30

14:36:36.0953 1660        ============================================================

14:36:36.0953 1660        Current date / time: 2012/05/30 14:36:36.0953

14:36:36.0953 1660        SystemInfo:

14:36:36.0953 1660        

14:36:36.0953 1660        OS Version: 5.1.2600 ServicePack: 3.0

14:36:36.0953 1660        Product type: Workstation

14:36:36.0953 1660        ComputerName: ACER-75EEBC93E0

14:36:36.0953 1660        UserName: Harald

14:36:36.0953 1660        Windows directory: C:\WINDOWS

14:36:36.0953 1660        System windows directory: C:\WINDOWS

14:36:36.0953 1660        Processor architecture: Intel x86

14:36:36.0953 1660        Number of processors: 2

14:36:36.0953 1660        Page size: 0x1000

14:36:36.0953 1660        Boot type: Normal boot

14:36:36.0953 1660        ============================================================

14:36:38.0062 1660        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

14:36:38.0093 1660        ============================================================

14:36:38.0093 1660        \Device\Harddisk0\DR0:

14:36:38.0093 1660        MBR partitions:

14:36:38.0093 1660        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x9C263D, BlocksNum 0x124B8022

14:36:38.0093 1660        \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x12E7A65F, BlocksNum 0x125B3062

14:36:38.0093 1660        ============================================================

14:36:38.0125 1660        C: <-> \Device\Harddisk0\DR0\Partition0

14:36:38.0140 1660        D: <-> \Device\Harddisk0\DR0\Partition1

14:36:38.0140 1660        ============================================================

14:36:38.0140 1660        Initialize success

14:36:38.0140 1660        ============================================================

14:36:59.0359 3576        ============================================================

14:36:59.0359 3576        Scan started

14:36:59.0359 3576        Mode: Manual; 

14:36:59.0359 3576        ============================================================

14:36:59.0640 3576        Abiosdsk - ok

14:36:59.0656 3576        abp480n5 - ok

14:36:59.0734 3576        Acer Media Server (ba875aa88898cdf5ecdd8213020c75c6) C:\Programme\Acer\Acer eConsole\MediaServerService.exe

14:36:59.0750 3576        Acer Media Server - ok

14:36:59.0796 3576        AcerMemUsageCheckService (3caabc2d0f87413eb1e0c7e0b3245e67) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

14:36:59.0796 3576        AcerMemUsageCheckService - ok

14:36:59.0828 3576        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys

14:36:59.0875 3576        ACPI - ok

14:36:59.0890 3576        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys

14:36:59.0890 3576        ACPIEC - ok

14:36:59.0953 3576        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

14:36:59.0968 3576        AdobeFlashPlayerUpdateSvc - ok

14:36:59.0968 3576        adpu160m - ok

14:37:00.0000 3576        aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

14:37:00.0015 3576        aec - ok

14:37:00.0046 3576        Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys

14:37:00.0046 3576        Afc - ok

14:37:00.0078 3576        AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

14:37:00.0109 3576        AFD - ok

14:37:00.0109 3576        Aha154x - ok

14:37:00.0125 3576        aic78u2 - ok

14:37:00.0140 3576        aic78xx - ok

14:37:00.0406 3576        Akamai          (c775d704feb2b600a5bf7b0b088546af) c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll

14:37:00.0406 3576        Suspicious file (Hidden): c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af

14:37:00.0421 3576        Akamai ( HiddenFile.Multi.Generic ) - warning

14:37:00.0421 3576        Akamai - detected HiddenFile.Multi.Generic (1)

14:37:00.0781 3576        ALCXWDM         (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

14:37:00.0890 3576        ALCXWDM - ok

14:37:00.0968 3576        Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll

14:37:00.0968 3576        Alerter - ok

14:37:00.0984 3576        ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe

14:37:00.0984 3576        ALG - ok

14:37:01.0000 3576        AliIde - ok

14:37:01.0031 3576        AmdK8           (769844eb65df6a62aa51b886290fe51d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys

14:37:01.0031 3576        AmdK8 - ok

14:37:01.0046 3576        amsint - ok

14:37:01.0125 3576        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe

14:37:01.0125 3576        AntiVirSchedulerService - ok

14:37:01.0187 3576        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe

14:37:01.0203 3576        AntiVirService - ok

14:37:01.0203 3576        AppMgmt - ok

14:37:01.0234 3576        Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

14:37:01.0234 3576        Arp1394 - ok

14:37:01.0250 3576        asc - ok

14:37:01.0265 3576        asc3350p - ok

14:37:01.0265 3576        asc3550 - ok

14:37:01.0312 3576        ASCTRM          (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys

14:37:01.0312 3576        ASCTRM - ok

14:37:01.0390 3576        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

14:37:01.0390 3576        aspnet_state - ok

14:37:01.0406 3576        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

14:37:01.0406 3576        AsyncMac - ok

14:37:01.0421 3576        atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

14:37:01.0437 3576        atapi - ok

14:37:01.0437 3576        Atdisk - ok

14:37:01.0500 3576        Ati HotKey Poller (42e4e2cf0406394bbce7eb358ae4e208) C:\WINDOWS\system32\Ati2evxx.exe

14:37:01.0546 3576        Ati HotKey Poller - ok

14:37:01.0593 3576        ATI Smart       (460741befbfc91c88934620bc546d172) C:\WINDOWS\system32\ati2sgag.exe

14:37:01.0609 3576        ATI Smart - ok

14:37:01.0812 3576        ati2mtag        (81c3e6674d0609aa84c07681bca252de) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

14:37:01.0921 3576        ati2mtag - ok

14:37:02.0078 3576        AtiHdmiService  (d9bc8892b9440a2551b8148c57aa039e) C:\WINDOWS\system32\drivers\AtiHdmi.sys

14:37:02.0078 3576        AtiHdmiService - ok

14:37:02.0109 3576        ATITool         (d4ed96ac2fafee2c697436b9a2871cd3) C:\WINDOWS\system32\DRIVERS\ATITool.sys

14:37:02.0109 3576        ATITool - ok

14:37:02.0125 3576        Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

14:37:02.0125 3576        Atmarpc - ok

14:37:02.0171 3576        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll

14:37:02.0171 3576        AudioSrv - ok

14:37:02.0187 3576        audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

14:37:02.0187 3576        audstub - ok

14:37:02.0218 3576        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

14:37:02.0234 3576        avgntflt - ok

14:37:02.0250 3576        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys

14:37:02.0296 3576        avipbb - ok

14:37:02.0312 3576        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys

14:37:02.0312 3576        avkmgr - ok

14:37:02.0343 3576        AWINDIS5        (f62b70d3209e38a6c19a03109a25b903) C:\WINDOWS\system32\AWINDIS5.SYS

14:37:02.0343 3576        AWINDIS5 - ok

14:37:02.0406 3576        BCM43XX         (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\wn311b.sys

14:37:02.0437 3576        BCM43XX - ok

14:37:02.0453 3576        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

14:37:02.0453 3576        Beep - ok

14:37:02.0500 3576        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll

14:37:02.0531 3576        BITS - ok

14:37:02.0828 3576        Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll

14:37:02.0828 3576        Browser - ok

14:37:02.0843 3576        cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

14:37:02.0843 3576        cbidf2k - ok

14:37:02.0859 3576        cd20xrnt - ok

14:37:02.0875 3576        Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

14:37:02.0875 3576        Cdaudio - ok

14:37:02.0921 3576        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

14:37:02.0921 3576        Cdfs - ok

14:37:02.0953 3576        Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

14:37:02.0968 3576        Cdrom - ok

14:37:02.0968 3576        Changer - ok

14:37:02.0984 3576        CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe

14:37:03.0000 3576        CiSvc - ok

14:37:03.0046 3576        CLCapSvc        (cfbcf1def8779481e6695f4739621dde) C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe

14:37:03.0062 3576        CLCapSvc - ok

14:37:03.0062 3576        ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe

14:37:03.0062 3576        ClipSrv - ok

14:37:03.0156 3576        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:37:03.0156 3576        clr_optimization_v2.0.50727_32 - ok

14:37:03.0203 3576        CLSched         (418b3bf615cb329ef208055cad1108fc) C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe

14:37:03.0203 3576        CLSched - ok

14:37:03.0203 3576        CmdIde - ok

14:37:03.0203 3576        COMSysApp - ok

14:37:03.0218 3576        Cpqarray - ok

14:37:03.0250 3576        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll

14:37:03.0250 3576        CryptSvc - ok

14:37:03.0312 3576        CyberLink Media Library Service (1cfdcb99812c62e19c47896a5857d342) C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe

14:37:03.0343 3576        CyberLink Media Library Service - ok

14:37:03.0343 3576        dac2w2k - ok

14:37:03.0359 3576        dac960nt - ok

14:37:03.0390 3576        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll

14:37:03.0406 3576        DcomLaunch - ok

14:37:03.0421 3576        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll

14:37:03.0421 3576        Dhcp - ok

14:37:03.0484 3576        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

14:37:03.0484 3576        Disk - ok

14:37:03.0484 3576        dmadmin - ok

14:37:03.0546 3576        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys

14:37:03.0578 3576        dmboot - ok

14:37:03.0593 3576        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys

14:37:03.0593 3576        dmio - ok

14:37:03.0625 3576        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

14:37:03.0625 3576        dmload - ok

14:37:03.0640 3576        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll

14:37:03.0640 3576        dmserver - ok

14:37:03.0671 3576        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

14:37:03.0671 3576        DMusic - ok

14:37:03.0687 3576        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll

14:37:03.0687 3576        Dnscache - ok

14:37:03.0718 3576        Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll

14:37:03.0750 3576        Dot3svc - ok

14:37:03.0750 3576        dpti2o - ok

14:37:03.0765 3576        drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

14:37:03.0765 3576        drmkaud - ok

14:37:03.0781 3576        EagleNT - ok

14:37:03.0781 3576        EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll

14:37:03.0781 3576        EapHost - ok

14:37:03.0828 3576        ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll

14:37:03.0828 3576        ERSvc - ok

14:37:03.0843 3576        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe

14:37:03.0859 3576        Eventlog - ok

14:37:03.0890 3576        EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll

14:37:03.0953 3576        EventSystem - ok

14:37:03.0968 3576        Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

14:37:04.0000 3576        Fastfat - ok

14:37:04.0031 3576        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

14:37:04.0046 3576        FastUserSwitchingCompatibility - ok

14:37:04.0062 3576        Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

14:37:04.0062 3576        Fdc - ok

14:37:04.0078 3576        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys

14:37:04.0078 3576        Fips - ok

14:37:04.0093 3576        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

14:37:04.0093 3576        Flpydisk - ok

14:37:04.0125 3576        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

14:37:04.0125 3576        FltMgr - ok

14:37:04.0187 3576        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

14:37:04.0187 3576        FontCache3.0.0.0 - ok

14:37:04.0218 3576        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

14:37:04.0218 3576        Fs_Rec - ok

14:37:04.0234 3576        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

14:37:04.0250 3576        Ftdisk - ok

14:37:04.0265 3576        Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

14:37:04.0265 3576        Gpc - ok

14:37:04.0359 3576        gusvc - ok

14:37:04.0375 3576        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

14:37:04.0390 3576        HDAudBus - ok

14:37:04.0484 3576        helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

14:37:04.0484 3576        helpsvc - ok

14:37:04.0515 3576        HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll

14:37:04.0515 3576        HidServ - ok

14:37:04.0562 3576        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

14:37:04.0562 3576        hidusb - ok

14:37:04.0703 3576        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll

14:37:04.0703 3576        hkmsvc - ok

14:37:04.0718 3576        hpn - ok

14:37:05.0000 3576        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

14:37:05.0015 3576        HTTP - ok

14:37:05.0078 3576        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll

14:37:05.0093 3576        HTTPFilter - ok

14:37:05.0093 3576        i2omgmt - ok

14:37:05.0109 3576        i2omp - ok

14:37:05.0125 3576        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

14:37:05.0125 3576        i8042prt - ok

14:37:05.0187 3576        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe

14:37:05.0203 3576        IDriverT - ok

14:37:05.0281 3576        idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

14:37:05.0312 3576        idsvc - ok

14:37:05.0328 3576        Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

14:37:05.0328 3576        Imapi - ok

14:37:05.0375 3576        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe

14:37:05.0390 3576        ImapiService - ok

14:37:05.0390 3576        ini910u - ok

14:37:05.0468 3576        int15.sys       (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys

14:37:05.0468 3576        int15.sys - ok

14:37:05.0468 3576        IntelIde - ok

14:37:05.0484 3576        Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

14:37:05.0484 3576        Ip6Fw - ok

14:37:05.0515 3576        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

14:37:05.0515 3576        IpFilterDriver - ok

14:37:05.0531 3576        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

14:37:05.0531 3576        IpInIp - ok

14:37:05.0546 3576        IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

14:37:05.0609 3576        IpNat - ok

14:37:05.0609 3576        IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

14:37:05.0625 3576        IPSec - ok

14:37:05.0640 3576        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys

14:37:05.0640 3576        irda - ok

14:37:05.0671 3576        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

14:37:05.0671 3576        IRENUM - ok

14:37:05.0687 3576        Irmon           (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll

14:37:05.0687 3576        Irmon - ok

14:37:05.0703 3576        irsir           (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys

14:37:05.0703 3576        irsir - ok

14:37:05.0718 3576        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys

14:37:05.0718 3576        isapnp - ok

14:37:05.0796 3576        JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe

14:37:05.0828 3576        JavaQuickStarterService - ok

14:37:05.0843 3576        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

14:37:05.0859 3576        Kbdclass - ok

14:37:05.0875 3576        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

14:37:05.0875 3576        kbdhid - ok

14:37:05.0890 3576        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

14:37:05.0937 3576        kmixer - ok

14:37:05.0953 3576        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

14:37:05.0968 3576        KSecDD - ok

14:37:05.0984 3576        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll

14:37:05.0984 3576        lanmanserver - ok

14:37:06.0015 3576        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll

14:37:06.0031 3576        lanmanworkstation - ok

14:37:06.0187 3576        Lavasoft Ad-Aware Service (4d99fca201b72e0f2ca996e357baa170) C:\Programme\Lavasoft\Ad-Aware\AAWService.exe

14:37:06.0203 3576        Lavasoft Ad-Aware Service - ok

14:37:06.0218 3576        Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys

14:37:06.0218 3576        Lavasoft Kernexplorer - ok

14:37:06.0375 3576        Lbd             (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys

14:37:06.0375 3576        Lbd - ok

14:37:06.0390 3576        lbrtfdc - ok

14:37:06.0437 3576        LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll

14:37:06.0453 3576        LmHosts - ok

14:37:06.0500 3576        mbr - ok

14:37:06.0578 3576        MDM             (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

14:37:06.0625 3576        MDM - ok

14:37:06.0640 3576        Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll

14:37:06.0656 3576        Messenger - ok

14:37:06.0687 3576        mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

14:37:06.0687 3576        mnmdd - ok

14:37:06.0703 3576        mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe

14:37:06.0703 3576        mnmsrvc - ok

14:37:06.0765 3576        Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys

14:37:06.0765 3576        Modem - ok

14:37:06.0781 3576        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys

14:37:06.0781 3576        Mouclass - ok

14:37:06.0828 3576        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys

14:37:06.0828 3576        mouhid - ok

14:37:06.0843 3576        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

14:37:06.0843 3576        MountMgr - ok

14:37:06.0875 3576        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

14:37:06.0890 3576        MozillaMaintenance - ok

14:37:06.0890 3576        mraid35x - ok

14:37:06.0921 3576        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

14:37:06.0968 3576        MRxDAV - ok

14:37:07.0031 3576        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

14:37:07.0046 3576        MRxSmb - ok

14:37:07.0062 3576        MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe

14:37:07.0078 3576        MSDTC - ok

14:37:07.0109 3576        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

14:37:07.0109 3576        Msfs - ok

14:37:07.0109 3576        MSIServer - ok

14:37:07.0125 3576        MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

14:37:07.0140 3576        MSKSSRV - ok

14:37:07.0156 3576        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

14:37:07.0156 3576        MSPCLOCK - ok

14:37:07.0187 3576        MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

14:37:07.0203 3576        MSPQM - ok

14:37:07.0234 3576        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

14:37:07.0234 3576        mssmbios - ok

14:37:07.0265 3576        Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

14:37:07.0265 3576        Mup - ok

14:37:07.0312 3576        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll

14:37:07.0328 3576        napagent - ok

14:37:07.0343 3576        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

14:37:07.0406 3576        NDIS - ok

14:37:07.0421 3576        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

14:37:07.0421 3576        NdisTapi - ok

14:37:07.0437 3576        Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

14:37:07.0453 3576        Ndisuio - ok

14:37:07.0468 3576        NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

14:37:07.0468 3576        NdisWan - ok

14:37:07.0500 3576        NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

14:37:07.0500 3576        NDProxy - ok

14:37:07.0546 3576        NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

14:37:07.0546 3576        NetBIOS - ok

14:37:07.0562 3576        NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

14:37:07.0578 3576        NetBT - ok

14:37:07.0625 3576        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe

14:37:07.0625 3576        NetDDE - ok

14:37:07.0625 3576        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe

14:37:07.0640 3576        NetDDEdsdm - ok

14:37:07.0671 3576        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:37:07.0671 3576        Netlogon - ok

14:37:07.0703 3576        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll

14:37:07.0718 3576        Netman - ok

14:37:07.0781 3576        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:37:07.0828 3576        NetTcpPortSharing - ok

14:37:07.0828 3576        NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

14:37:07.0843 3576        NIC1394 - ok

14:37:07.0859 3576        Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll

14:37:07.0921 3576        Nla - ok

14:37:07.0937 3576        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

14:37:07.0937 3576        Npfs - ok

14:37:07.0984 3576        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

14:37:08.0000 3576        Ntfs - ok

14:37:08.0015 3576        NTIDrvr         (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys

14:37:08.0015 3576        NTIDrvr - ok

14:37:08.0015 3576        NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:37:08.0015 3576        NtLmSsp - ok

14:37:08.0062 3576        NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll

14:37:08.0109 3576        NtmsSvc - ok

14:37:08.0140 3576        NuidFltr        (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys

14:37:08.0140 3576        NuidFltr - ok

14:37:08.0140 3576        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

14:37:08.0140 3576        Null - ok

14:37:08.0171 3576        nvatabus        (11d1ad7e946538e02f9ef6a6e1792061) C:\WINDOWS\system32\drivers\nvatabus.sys

14:37:08.0171 3576        nvatabus - ok

14:37:08.0187 3576        NVENETFD        (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

14:37:08.0187 3576        NVENETFD - ok

14:37:08.0234 3576        nvnetbus        (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

14:37:08.0234 3576        nvnetbus - ok

14:37:08.0250 3576        nvraid          (3bc8b9d8a744df75698fe35d52f18a0a) C:\WINDOWS\system32\drivers\nvraid.sys

14:37:08.0250 3576        nvraid - ok

14:37:08.0250 3576        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

14:37:08.0250 3576        NwlnkFlt - ok

14:37:08.0265 3576        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

14:37:08.0265 3576        NwlnkFwd - ok

14:37:08.0296 3576        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

14:37:08.0296 3576        ohci1394 - ok

14:37:08.0312 3576        Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys

14:37:08.0312 3576        Parport - ok

14:37:08.0328 3576        PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

14:37:08.0328 3576        PartMgr - ok

14:37:08.0343 3576        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys

14:37:08.0343 3576        ParVdm - ok

14:37:08.0359 3576        PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys

14:37:08.0359 3576        PCI - ok

14:37:08.0375 3576        PCIDump - ok

14:37:08.0390 3576        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys

14:37:08.0390 3576        PCIIde - ok

14:37:08.0406 3576        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys

14:37:08.0406 3576        Pcmcia - ok

14:37:08.0406 3576        PDCOMP - ok

14:37:08.0421 3576        PDFRAME - ok

14:37:08.0437 3576        PDRELI - ok

14:37:08.0437 3576        PDRFRAME - ok

14:37:08.0453 3576        perc2 - ok

14:37:08.0453 3576        perc2hib - ok

14:37:08.0500 3576        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe

14:37:08.0500 3576        PlugPlay - ok

14:37:08.0531 3576        PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:37:08.0531 3576        PolicyAgent - ok

14:37:08.0546 3576        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

14:37:08.0546 3576        PptpMiniport - ok

14:37:08.0562 3576        Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys

14:37:08.0562 3576        Processor - ok

14:37:08.0562 3576        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:37:08.0562 3576        ProtectedStorage - ok

14:37:08.0609 3576        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

14:37:08.0609 3576        PSched - ok

14:37:08.0640 3576        Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

14:37:08.0640 3576        Ptilink - ok

14:37:08.0640 3576        ql1080 - ok

14:37:08.0656 3576        Ql10wnt - ok

14:37:08.0671 3576        ql12160 - ok

14:37:08.0671 3576        ql1240 - ok

14:37:08.0687 3576        ql1280 - ok

14:37:08.0703 3576        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

14:37:08.0703 3576        RasAcd - ok

14:37:08.0734 3576        RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll

14:37:08.0734 3576        RasAuto - ok

14:37:08.0750 3576        Rasirda         (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys

14:37:08.0750 3576        Rasirda - ok

14:37:08.0765 3576        Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

14:37:08.0781 3576        Rasl2tp - ok

14:37:08.0828 3576        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll

14:37:08.0875 3576        RasMan - ok

14:37:08.0875 3576        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

14:37:08.0875 3576        RasPppoe - ok

14:37:08.0921 3576        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

14:37:08.0921 3576        Raspti - ok

14:37:08.0937 3576        Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

14:37:08.0968 3576        Rdbss - ok

14:37:08.0984 3576        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

14:37:08.0984 3576        RDPCDD - ok

14:37:09.0015 3576        RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

14:37:09.0015 3576        RDPWD - ok

14:37:09.0046 3576        RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe

14:37:09.0062 3576        RDSessMgr - ok

14:37:09.0078 3576        redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys

14:37:09.0078 3576        redbook - ok

14:37:09.0125 3576        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll

14:37:09.0125 3576        RemoteAccess - ok

14:37:09.0156 3576        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe

14:37:09.0156 3576        RpcLocator - ok

14:37:09.0187 3576        RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll

14:37:09.0187 3576        RpcSs - ok

14:37:09.0218 3576        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe

14:37:09.0265 3576        RSVP - ok

14:37:09.0296 3576        SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:37:09.0296 3576        SamSs - ok

14:37:09.0312 3576        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe

14:37:09.0312 3576        SCardSvr - ok

14:37:09.0343 3576        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll

14:37:09.0390 3576        Schedule - ok

14:37:09.0421 3576        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

14:37:09.0421 3576        Secdrv - ok

14:37:09.0437 3576        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll

14:37:09.0437 3576        seclogon - ok

14:37:09.0437 3576        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll

14:37:09.0453 3576        SENS - ok

14:37:09.0468 3576        serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

14:37:09.0468 3576        serenum - ok

14:37:09.0484 3576        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys

14:37:09.0484 3576        Serial - ok

14:37:09.0515 3576        Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

14:37:09.0515 3576        Sfloppy - ok

14:37:09.0546 3576        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll

14:37:09.0609 3576        SharedAccess - ok

14:37:09.0640 3576        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

14:37:09.0640 3576        ShellHWDetection - ok

14:37:09.0640 3576        Simbad - ok

14:37:09.0656 3576        Sparrow - ok

14:37:09.0687 3576        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

14:37:09.0687 3576        splitter - ok

14:37:09.0703 3576        Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

14:37:09.0703 3576        Spooler - ok

14:37:09.0750 3576        SpyroService    (bfae719594989d1f02b9e9cd86db293e) C:\Programme\FS\Spyro Portal\FlashPortal.exe

14:37:09.0750 3576        SpyroService - ok

14:37:09.0781 3576        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys

14:37:09.0781 3576        sr - ok

14:37:09.0828 3576        srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll

14:37:09.0843 3576        srservice - ok

14:37:09.0875 3576        Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

14:37:09.0921 3576        Srv - ok

14:37:09.0953 3576        SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll

14:37:09.0953 3576        SSDPSRV - ok

14:37:09.0984 3576        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

14:37:09.0984 3576        ssmdrv - ok

14:37:10.0015 3576        StillCam        (a2dbcc4c8860449df1ab758ea28b4de0) C:\WINDOWS\system32\DRIVERS\serscan.sys

14:37:10.0015 3576        StillCam - ok

14:37:10.0062 3576        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll

14:37:10.0078 3576        stisvc - ok

14:37:10.0109 3576        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

14:37:10.0109 3576        swenum - ok

14:37:10.0125 3576        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

14:37:10.0125 3576        swmidi - ok

14:37:10.0140 3576        SwPrv - ok

14:37:10.0156 3576        symc810 - ok

14:37:10.0171 3576        symc8xx - ok

14:37:10.0171 3576        sym_hi - ok

14:37:10.0187 3576        sym_u3 - ok

14:37:10.0218 3576        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

14:37:10.0218 3576        sysaudio - ok

14:37:10.0250 3576        SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe

14:37:10.0265 3576        SysmonLog - ok

14:37:10.0281 3576        TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll

14:37:10.0328 3576        TapiSrv - ok

14:37:10.0359 3576        Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

14:37:10.0390 3576        Tcpip - ok

14:37:10.0406 3576        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

14:37:10.0406 3576        TDPIPE - ok

14:37:10.0421 3576        TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

14:37:10.0421 3576        TDTCP - ok

14:37:10.0437 3576        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

14:37:10.0437 3576        TermDD - ok

14:37:10.0468 3576        TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll

14:37:10.0468 3576        TermService - ok

14:37:10.0500 3576        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

14:37:10.0515 3576        Themes - ok

14:37:10.0515 3576        TosIde - ok

14:37:10.0531 3576        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll

14:37:10.0531 3576        TrkWks - ok

14:37:10.0593 3576        UBHelper        (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys

14:37:10.0593 3576        UBHelper - ok

14:37:10.0625 3576        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

14:37:10.0625 3576        Udfs - ok

14:37:10.0625 3576        ultra - ok

14:37:10.0671 3576        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

14:37:10.0687 3576        Update - ok

14:37:10.0718 3576        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll

14:37:10.0734 3576        upnphost - ok

14:37:10.0750 3576        UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe

14:37:10.0750 3576        UPS - ok

14:37:10.0781 3576        usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

14:37:10.0781 3576        usbccgp - ok

14:37:10.0828 3576        usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

14:37:10.0828 3576        usbehci - ok

14:37:10.0828 3576        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

14:37:10.0843 3576        usbhub - ok

14:37:10.0859 3576        usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

14:37:10.0859 3576        usbohci - ok

14:37:10.0875 3576        USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

14:37:10.0875 3576        USBSTOR - ok

14:37:10.0890 3576        VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

14:37:10.0890 3576        VgaSave - ok

14:37:10.0890 3576        ViaIde - ok

14:37:10.0921 3576        VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys

14:37:10.0921 3576        VolSnap - ok

14:37:10.0953 3576        VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe

14:37:10.0953 3576        VSS - ok

14:37:11.0000 3576        W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll

14:37:11.0046 3576        W32Time - ok

14:37:11.0062 3576        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

14:37:11.0062 3576        Wanarp - ok

14:37:11.0078 3576        wanatw - ok

14:37:11.0140 3576        Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

14:37:11.0156 3576        Wdf01000 - ok

14:37:11.0171 3576        WDICA - ok

14:37:11.0187 3576        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

14:37:11.0187 3576        wdmaud - ok

14:37:11.0203 3576        WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll

14:37:11.0203 3576        WebClient - ok

14:37:11.0265 3576        winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll

14:37:11.0281 3576        winmgmt - ok

14:37:11.0312 3576        WinUSB          (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\WinUSB.sys

14:37:11.0312 3576        WinUSB - ok

14:37:11.0359 3576        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

14:37:11.0375 3576        WmdmPmSN - ok

14:37:11.0390 3576        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe

14:37:11.0390 3576        WmiApSrv - ok

14:37:11.0515 3576        WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe

14:37:11.0546 3576        WMPNetworkSvc - ok

14:37:11.0562 3576        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

14:37:11.0562 3576        WpdUsb - ok

14:37:11.0593 3576        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll

14:37:11.0593 3576        wscsvc - ok

14:37:11.0609 3576        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll

14:37:11.0609 3576        wuauserv - ok

14:37:11.0640 3576        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

14:37:11.0640 3576        WudfPf - ok

14:37:11.0671 3576        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

14:37:11.0671 3576        WudfRd - ok

14:37:11.0687 3576        WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

14:37:11.0687 3576        WudfSvc - ok

14:37:11.0734 3576        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll

14:37:11.0781 3576        WZCSVC - ok

14:37:11.0781 3576        XDva394 - ok

14:37:11.0812 3576        xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll

14:37:11.0828 3576        xmlprov - ok

14:37:11.0828 3576        ZD1211BU(ZyDAS) - ok

14:37:11.0843 3576        ZD1211U(ZyDAS) - ok

14:37:11.0843 3576        ZDPSp50 - ok

14:37:11.0890 3576        MBR (0x1B8)     (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0

14:37:11.0921 3576        \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected

14:37:11.0921 3576        \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)

14:37:11.0937 3576        Boot (0x1200)   (333c6e6fde65f3fefacef0a674749c87) \Device\Harddisk0\DR0\Partition0

14:37:11.0953 3576        \Device\Harddisk0\DR0\Partition0 - ok

14:37:11.0968 3576        Boot (0x1200)   (83047847fabad226b373ccec927ef9ef) \Device\Harddisk0\DR0\Partition1

14:37:11.0968 3576        \Device\Harddisk0\DR0\Partition1 - ok

14:37:11.0968 3576        ============================================================

14:37:11.0968 3576        Scan finished

14:37:11.0968 3576        ============================================================

14:37:12.0000 0692        Detected object count: 2

14:37:12.0000 0692        Actual detected object count: 2

14:37:59.0781 0692        Akamai ( HiddenFile.Multi.Generic ) - skipped by user

14:37:59.0781 0692        Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 

14:38:02.0671 0692        \Device\Harddisk0\DR0\# - copied to quarantine

14:38:02.0671 0692        \Device\Harddisk0\DR0 - copied to quarantine

14:38:02.0671 0692        \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot

14:38:02.0718 0692        \Device\Harddisk0\DR0 - ok

14:38:02.0718 0692        \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure 

14:38:38.0109 3052        Deinitialize success

Code:

 14:45:56.0015 1600        TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30

14:45:56.0171 1600        ============================================================

14:45:56.0171 1600        Current date / time: 2012/05/30 14:45:56.0171

14:45:56.0171 1600        SystemInfo:

14:45:56.0171 1600        

14:45:56.0171 1600        OS Version: 5.1.2600 ServicePack: 3.0

14:45:56.0171 1600        Product type: Workstation

14:45:56.0171 1600        ComputerName: ACER-75EEBC93E0

14:45:56.0171 1600        UserName: Harald

14:45:56.0171 1600        Windows directory: C:\WINDOWS

14:45:56.0171 1600        System windows directory: C:\WINDOWS

14:45:56.0171 1600        Processor architecture: Intel x86

14:45:56.0171 1600        Number of processors: 2

14:45:56.0171 1600        Page size: 0x1000

14:45:56.0171 1600        Boot type: Normal boot

14:45:56.0171 1600        ============================================================

14:45:56.0375 1600        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

14:45:56.0406 1600        ============================================================

14:45:56.0406 1600        \Device\Harddisk0\DR0:

14:45:56.0406 1600        MBR partitions:

14:45:56.0406 1600        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x9C263D, BlocksNum 0x124B8022

14:45:56.0406 1600        \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x12E7A65F, BlocksNum 0x125B3062

14:45:56.0406 1600        ============================================================

14:45:56.0437 1600        C: <-> \Device\Harddisk0\DR0\Partition0

14:45:56.0453 1600        D: <-> \Device\Harddisk0\DR0\Partition1

14:45:56.0453 1600        ============================================================

14:45:56.0453 1600        Initialize success

14:45:56.0453 1600        ============================================================

14:47:45.0156 1992        ============================================================

14:47:45.0156 1992        Scan started

14:47:45.0156 1992        Mode: Manual; SigCheck; TDLFS; 

14:47:45.0156 1992        ============================================================

14:47:45.0468 1992        Abiosdsk - ok

14:47:45.0468 1992        abp480n5 - ok

14:47:45.0546 1992        Acer Media Server (ba875aa88898cdf5ecdd8213020c75c6) C:\Programme\Acer\Acer eConsole\MediaServerService.exe

14:47:45.0656 1992        Acer Media Server ( UnsignedFile.Multi.Generic ) - warning

14:47:45.0656 1992        Acer Media Server - detected UnsignedFile.Multi.Generic (1)

14:47:45.0703 1992        AcerMemUsageCheckService (3caabc2d0f87413eb1e0c7e0b3245e67) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

14:47:45.0718 1992        AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - warning

14:47:45.0718 1992        AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic (1)

14:47:45.0734 1992        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys

14:47:46.0312 1992        ACPI - ok

14:47:46.0328 1992        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys

14:47:46.0531 1992        ACPIEC - ok

14:47:46.0593 1992        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

14:47:46.0609 1992        AdobeFlashPlayerUpdateSvc - ok

14:47:46.0609 1992        adpu160m - ok

14:47:46.0656 1992        aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

14:47:46.0812 1992        aec - ok

14:47:46.0828 1992        Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys

14:47:46.0843 1992        Afc ( UnsignedFile.Multi.Generic ) - warning

14:47:46.0843 1992        Afc - detected UnsignedFile.Multi.Generic (1)

14:47:46.0875 1992        AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

14:47:46.0921 1992        AFD - ok

14:47:46.0921 1992        Aha154x - ok

14:47:46.0937 1992        aic78u2 - ok

14:47:46.0937 1992        aic78xx - ok

14:47:47.0187 1992        Akamai          (c775d704feb2b600a5bf7b0b088546af) c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll

14:47:47.0187 1992        Suspicious file (Hidden): c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af

14:47:47.0203 1992        Akamai ( HiddenFile.Multi.Generic ) - warning

14:47:47.0203 1992        Akamai - detected HiddenFile.Multi.Generic (1)

14:47:47.0515 1992        ALCXWDM         (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

14:47:47.0718 1992        ALCXWDM - ok

14:47:47.0796 1992        Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll

14:47:48.0015 1992        Alerter - ok

14:47:48.0031 1992        ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe

14:47:48.0093 1992        ALG - ok

14:47:48.0093 1992        AliIde - ok

14:47:48.0109 1992        AmdK8           (769844eb65df6a62aa51b886290fe51d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys

14:47:48.0140 1992        AmdK8 - ok

14:47:48.0140 1992        amsint - ok

14:47:48.0203 1992        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe

14:47:48.0203 1992        AntiVirSchedulerService - ok

14:47:48.0250 1992        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe

14:47:48.0265 1992        AntiVirService - ok

14:47:48.0281 1992        AppMgmt - ok

14:47:48.0296 1992        Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

14:47:48.0437 1992        Arp1394 - ok

14:47:48.0453 1992        asc - ok

14:47:48.0453 1992        asc3350p - ok

14:47:48.0468 1992        asc3550 - ok

14:47:48.0500 1992        ASCTRM          (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys

14:47:48.0515 1992        ASCTRM ( UnsignedFile.Multi.Generic ) - warning

14:47:48.0515 1992        ASCTRM - detected UnsignedFile.Multi.Generic (1)

14:47:48.0578 1992        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

14:47:48.0593 1992        aspnet_state - ok

14:47:48.0609 1992        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

14:47:48.0781 1992        AsyncMac - ok

14:47:48.0796 1992        atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

14:47:48.0937 1992        atapi - ok

14:47:48.0937 1992        Atdisk - ok

14:47:48.0984 1992        Ati HotKey Poller (42e4e2cf0406394bbce7eb358ae4e208) C:\WINDOWS\system32\Ati2evxx.exe

14:47:49.0062 1992        Ati HotKey Poller - ok

14:47:49.0109 1992        ATI Smart       (460741befbfc91c88934620bc546d172) C:\WINDOWS\system32\ati2sgag.exe

14:47:49.0140 1992        ATI Smart ( UnsignedFile.Multi.Generic ) - warning

14:47:49.0140 1992        ATI Smart - detected UnsignedFile.Multi.Generic (1)

14:47:49.0328 1992        ati2mtag        (81c3e6674d0609aa84c07681bca252de) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

14:47:49.0453 1992        ati2mtag - ok

14:47:49.0625 1992        AtiHdmiService  (d9bc8892b9440a2551b8148c57aa039e) C:\WINDOWS\system32\drivers\AtiHdmi.sys

14:47:49.0656 1992        AtiHdmiService - ok

14:47:49.0671 1992        ATITool         (d4ed96ac2fafee2c697436b9a2871cd3) C:\WINDOWS\system32\DRIVERS\ATITool.sys

14:47:49.0718 1992        ATITool ( UnsignedFile.Multi.Generic ) - warning

14:47:49.0718 1992        ATITool - detected UnsignedFile.Multi.Generic (1)

14:47:49.0734 1992        Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

14:47:49.0906 1992        Atmarpc - ok

14:47:49.0921 1992        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll

14:47:50.0062 1992        AudioSrv - ok

14:47:50.0078 1992        audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

14:47:50.0218 1992        audstub - ok

14:47:50.0234 1992        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

14:47:50.0250 1992        avgntflt - ok

14:47:50.0265 1992        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys

14:47:50.0281 1992        avipbb - ok

14:47:50.0296 1992        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys

14:47:50.0312 1992        avkmgr - ok

14:47:50.0328 1992        AWINDIS5        (f62b70d3209e38a6c19a03109a25b903) C:\WINDOWS\system32\AWINDIS5.SYS

14:47:50.0328 1992        AWINDIS5 ( UnsignedFile.Multi.Generic ) - warning

14:47:50.0328 1992        AWINDIS5 - detected UnsignedFile.Multi.Generic (1)

14:47:50.0375 1992        BCM43XX         (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\wn311b.sys

14:47:50.0406 1992        BCM43XX ( UnsignedFile.Multi.Generic ) - warning

14:47:50.0406 1992        BCM43XX - detected UnsignedFile.Multi.Generic (1)

14:47:50.0437 1992        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

14:47:50.0578 1992        Beep - ok

14:47:50.0609 1992        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll

14:47:50.0765 1992        BITS - ok

14:47:50.0781 1992        Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll

14:47:50.0984 1992        Browser - ok

14:47:51.0000 1992        cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

14:47:51.0156 1992        cbidf2k - ok

14:47:51.0171 1992        cd20xrnt - ok

14:47:51.0187 1992        Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

14:47:51.0312 1992        Cdaudio - ok

14:47:51.0328 1992        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

14:47:51.0453 1992        Cdfs - ok

14:47:51.0468 1992        Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

14:47:51.0609 1992        Cdrom - ok

14:47:51.0609 1992        Changer - ok

14:47:51.0625 1992        CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe

14:47:51.0750 1992        CiSvc - ok

14:47:51.0812 1992        CLCapSvc        (cfbcf1def8779481e6695f4739621dde) C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe

14:47:51.0843 1992        CLCapSvc ( UnsignedFile.Multi.Generic ) - warning

14:47:51.0843 1992        CLCapSvc - detected UnsignedFile.Multi.Generic (1)

14:47:51.0859 1992        ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe

14:47:52.0015 1992        ClipSrv - ok

14:47:52.0078 1992        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:47:52.0078 1992        clr_optimization_v2.0.50727_32 - ok

14:47:52.0093 1992        CLSched         (418b3bf615cb329ef208055cad1108fc) C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe

14:47:52.0140 1992        CLSched ( UnsignedFile.Multi.Generic ) - warning

14:47:52.0140 1992        CLSched - detected UnsignedFile.Multi.Generic (1)

14:47:52.0156 1992        CmdIde - ok

14:47:52.0156 1992        COMSysApp - ok

14:47:52.0187 1992        Cpqarray - ok

14:47:52.0203 1992        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll

14:47:52.0343 1992        CryptSvc - ok

14:47:52.0406 1992        CyberLink Media Library Service (1cfdcb99812c62e19c47896a5857d342) C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe

14:47:52.0453 1992        CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - warning

14:47:52.0453 1992        CyberLink Media Library Service - detected UnsignedFile.Multi.Generic (1)

14:47:52.0468 1992        dac2w2k - ok

14:47:52.0484 1992        dac960nt - ok

14:47:52.0515 1992        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll

14:47:52.0562 1992        DcomLaunch - ok

14:47:52.0593 1992        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll

14:47:52.0796 1992        Dhcp - ok

14:47:52.0812 1992        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

14:47:52.0968 1992        Disk - ok

14:47:52.0984 1992        dmadmin - ok

14:47:53.0031 1992        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys

14:47:53.0156 1992        dmboot - ok

14:47:53.0171 1992        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys

14:47:53.0312 1992        dmio - ok

14:47:53.0343 1992        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

14:47:53.0484 1992        dmload - ok

14:47:53.0500 1992        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll

14:47:53.0640 1992        dmserver - ok

14:47:53.0656 1992        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

14:47:53.0781 1992        DMusic - ok

14:47:53.0796 1992        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll

14:47:53.0843 1992        Dnscache - ok

14:47:53.0875 1992        Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll

14:47:54.0015 1992        Dot3svc - ok

14:47:54.0031 1992        dpti2o - ok

14:47:54.0046 1992        drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

14:47:54.0187 1992        drmkaud - ok

14:47:54.0187 1992        EagleNT - ok

14:47:54.0203 1992        EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll

14:47:54.0359 1992        EapHost - ok

14:47:54.0375 1992        ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll

14:47:54.0531 1992        ERSvc - ok

14:47:54.0546 1992        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe

14:47:54.0562 1992        Eventlog - ok

14:47:54.0593 1992        EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll

14:47:54.0640 1992        EventSystem - ok

14:47:54.0671 1992        Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

14:47:54.0812 1992        Fastfat - ok

14:47:54.0843 1992        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

14:47:54.0875 1992        FastUserSwitchingCompatibility - ok

14:47:54.0890 1992        Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

14:47:55.0156 1992        Fdc - ok

14:47:55.0187 1992        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys

14:47:55.0343 1992        Fips - ok

14:47:55.0359 1992        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

14:47:55.0531 1992        Flpydisk - ok

14:47:55.0546 1992        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

14:47:55.0671 1992        FltMgr - ok

14:47:55.0718 1992        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

14:47:55.0734 1992        FontCache3.0.0.0 - ok

14:47:55.0750 1992        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

14:47:55.0906 1992        Fs_Rec - ok

14:47:55.0921 1992        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

14:47:56.0046 1992        Ftdisk - ok

14:47:56.0062 1992        Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

14:47:56.0203 1992        Gpc - ok

14:47:56.0234 1992        gusvc - ok

14:47:56.0250 1992        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

14:47:56.0406 1992        HDAudBus - ok

14:47:56.0437 1992        helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

14:47:56.0578 1992        helpsvc - ok

14:47:56.0609 1992        HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll

14:47:56.0750 1992        HidServ - ok

14:47:56.0765 1992        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

14:47:56.0906 1992        hidusb - ok

14:47:56.0921 1992        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll

14:47:57.0046 1992        hkmsvc - ok

14:47:57.0046 1992        hpn - ok

14:47:57.0078 1992        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

14:47:57.0140 1992        HTTP - ok

14:47:57.0140 1992        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll

14:47:57.0281 1992        HTTPFilter - ok

14:47:57.0281 1992        i2omgmt - ok

14:47:57.0296 1992        i2omp - ok

14:47:57.0312 1992        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

14:47:57.0437 1992        i8042prt - ok

14:47:57.0484 1992        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe

14:47:57.0484 1992        IDriverT ( UnsignedFile.Multi.Generic ) - warning

14:47:57.0484 1992        IDriverT - detected UnsignedFile.Multi.Generic (1)

14:47:57.0562 1992        idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

14:47:57.0609 1992        idsvc - ok

14:47:57.0625 1992        Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

14:47:57.0781 1992        Imapi - ok

14:47:57.0796 1992        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe

14:47:57.0953 1992        ImapiService - ok

14:47:57.0953 1992        ini910u - ok

14:47:58.0031 1992        int15.sys       (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys

14:47:58.0031 1992        int15.sys ( UnsignedFile.Multi.Generic ) - warning

14:47:58.0031 1992        int15.sys - detected UnsignedFile.Multi.Generic (1)

14:47:58.0031 1992        IntelIde - ok

14:47:58.0062 1992        Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

14:47:58.0187 1992        Ip6Fw - ok

14:47:58.0218 1992        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

14:47:58.0343 1992        IpFilterDriver - ok

14:47:58.0359 1992        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

14:47:58.0500 1992        IpInIp - ok

14:47:58.0531 1992        IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

14:47:58.0687 1992        IpNat - ok

14:47:58.0703 1992        IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

14:47:58.0843 1992        IPSec - ok

14:47:58.0859 1992        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys

14:47:58.0921 1992        irda - ok

14:47:58.0921 1992        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

14:47:58.0984 1992        IRENUM - ok

14:47:59.0000 1992        Irmon           (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll

14:47:59.0062 1992        Irmon - ok

14:47:59.0078 1992        irsir           (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys

14:47:59.0125 1992        irsir - ok

14:47:59.0140 1992        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys

14:47:59.0312 1992        isapnp - ok

14:47:59.0390 1992        JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe

14:47:59.0390 1992        JavaQuickStarterService - ok

14:47:59.0421 1992        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

14:47:59.0531 1992        Kbdclass - ok

14:47:59.0546 1992        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

14:47:59.0703 1992        kbdhid - ok

14:47:59.0734 1992        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

14:47:59.0859 1992        kmixer - ok

14:47:59.0890 1992        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

14:47:59.0937 1992        KSecDD - ok

14:47:59.0968 1992        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll

14:48:00.0000 1992        lanmanserver - ok

14:48:00.0015 1992        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll

14:48:00.0046 1992        lanmanworkstation - ok

14:48:00.0203 1992        Lavasoft Ad-Aware Service (4d99fca201b72e0f2ca996e357baa170) C:\Programme\Lavasoft\Ad-Aware\AAWService.exe

14:48:00.0296 1992        Lavasoft Ad-Aware Service - ok

14:48:00.0343 1992        Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys

14:48:00.0343 1992        Lavasoft Kernexplorer - ok

14:48:00.0515 1992        Lbd             (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys

14:48:00.0515 1992        Lbd - ok

14:48:00.0531 1992        lbrtfdc - ok

14:48:00.0562 1992        LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll

14:48:00.0718 1992        LmHosts - ok

14:48:00.0781 1992        mbr - ok

14:48:00.0843 1992        MDM             (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

14:48:00.0875 1992        MDM - ok

14:48:00.0890 1992        Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll

14:48:01.0031 1992        Messenger - ok

14:48:01.0046 1992        mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

14:48:01.0171 1992        mnmdd - ok

14:48:01.0187 1992        mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe

14:48:01.0328 1992        mnmsrvc - ok

14:48:01.0343 1992        Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys

14:48:01.0468 1992        Modem - ok

14:48:01.0500 1992        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys

14:48:01.0625 1992        Mouclass - ok

14:48:01.0625 1992        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys

14:48:01.0765 1992        mouhid - ok

14:48:01.0781 1992        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

14:48:01.0890 1992        MountMgr - ok

14:48:01.0921 1992        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

14:48:01.0937 1992        MozillaMaintenance - ok

14:48:01.0937 1992        mraid35x - ok

14:48:01.0968 1992        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

14:48:02.0125 1992        MRxDAV - ok

14:48:02.0171 1992        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

14:48:02.0203 1992        MRxSmb - ok

14:48:02.0250 1992        MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe

14:48:02.0375 1992        MSDTC - ok

14:48:02.0390 1992        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

14:48:02.0546 1992        Msfs - ok

14:48:02.0546 1992        MSIServer - ok

14:48:02.0578 1992        MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

14:48:02.0703 1992        MSKSSRV - ok

14:48:02.0718 1992        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

14:48:02.0843 1992        MSPCLOCK - ok

14:48:02.0859 1992        MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

14:48:02.0968 1992        MSPQM - ok

14:48:03.0000 1992        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

14:48:03.0125 1992        mssmbios - ok

14:48:03.0140 1992        Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

14:48:03.0156 1992        Mup - ok

14:48:03.0187 1992        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll

14:48:03.0312 1992        napagent - ok

14:48:03.0328 1992        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

14:48:03.0500 1992        NDIS - ok

14:48:03.0515 1992        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

14:48:03.0546 1992        NdisTapi - ok

14:48:03.0578 1992        Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

14:48:03.0687 1992        Ndisuio - ok

14:48:03.0703 1992        NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

14:48:03.0843 1992        NdisWan - ok

14:48:03.0859 1992        NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

14:48:03.0875 1992        NDProxy - ok

14:48:03.0890 1992        NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

14:48:04.0031 1992        NetBIOS - ok

14:48:04.0046 1992        NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

14:48:04.0171 1992        NetBT - ok

14:48:04.0203 1992        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe

14:48:04.0328 1992        NetDDE - ok

14:48:04.0343 1992        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe

14:48:04.0453 1992        NetDDEdsdm - ok

14:48:04.0484 1992        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:48:04.0625 1992        Netlogon - ok

14:48:04.0656 1992        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll

14:48:04.0781 1992        Netman - ok

14:48:04.0843 1992        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:48:04.0859 1992        NetTcpPortSharing - ok

14:48:04.0890 1992        NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

14:48:05.0140 1992        NIC1394 - ok

14:48:05.0171 1992        Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll

14:48:05.0218 1992        Nla - ok

14:48:05.0250 1992        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

14:48:05.0359 1992        Npfs - ok

14:48:05.0406 1992        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

14:48:05.0546 1992        Ntfs - ok

14:48:05.0562 1992        NTIDrvr         (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys

14:48:05.0562 1992        NTIDrvr ( UnsignedFile.Multi.Generic ) - warning

14:48:05.0562 1992        NTIDrvr - detected UnsignedFile.Multi.Generic (1)

14:48:05.0578 1992        NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:48:05.0703 1992        NtLmSsp - ok

14:48:05.0734 1992        NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll

14:48:05.0859 1992        NtmsSvc - ok

14:48:05.0890 1992        NuidFltr        (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys

14:48:05.0906 1992        NuidFltr - ok

14:48:05.0921 1992        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

14:48:06.0031 1992        Null - ok

14:48:06.0046 1992        nvatabus        (11d1ad7e946538e02f9ef6a6e1792061) C:\WINDOWS\system32\drivers\nvatabus.sys

14:48:06.0093 1992        nvatabus - ok

14:48:06.0109 1992        NVENETFD        (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

14:48:06.0125 1992        NVENETFD - ok

14:48:06.0140 1992        nvnetbus        (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

14:48:06.0171 1992        nvnetbus - ok

14:48:06.0187 1992        nvraid          (3bc8b9d8a744df75698fe35d52f18a0a) C:\WINDOWS\system32\drivers\nvraid.sys

14:48:06.0234 1992        nvraid - ok

14:48:06.0250 1992        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

14:48:06.0359 1992        NwlnkFlt - ok

14:48:06.0375 1992        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

14:48:06.0515 1992        NwlnkFwd - ok

14:48:06.0531 1992        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

14:48:06.0671 1992        ohci1394 - ok

14:48:06.0703 1992        Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys

14:48:06.0843 1992        Parport - ok

14:48:06.0859 1992        PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

14:48:07.0000 1992        PartMgr - ok

14:48:07.0015 1992        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys

14:48:07.0125 1992        ParVdm - ok

14:48:07.0140 1992        PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys

14:48:07.0281 1992        PCI - ok

14:48:07.0281 1992        PCIDump - ok

14:48:07.0296 1992        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys

14:48:07.0421 1992        PCIIde - ok

14:48:07.0437 1992        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys

14:48:07.0562 1992        Pcmcia - ok

14:48:07.0578 1992        PDCOMP - ok

14:48:07.0578 1992        PDFRAME - ok

14:48:07.0593 1992        PDRELI - ok

14:48:07.0609 1992        PDRFRAME - ok

14:48:07.0625 1992        perc2 - ok

14:48:07.0625 1992        perc2hib - ok

14:48:07.0687 1992        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe

14:48:07.0703 1992        PlugPlay - ok

14:48:07.0718 1992        PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:48:07.0843 1992        PolicyAgent - ok

14:48:07.0843 1992        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

14:48:07.0968 1992        PptpMiniport - ok

14:48:07.0984 1992        Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys

14:48:08.0125 1992        Processor - ok

14:48:08.0125 1992        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:48:08.0250 1992        ProtectedStorage - ok

14:48:08.0265 1992        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

14:48:08.0390 1992        PSched - ok

14:48:08.0421 1992        Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

14:48:08.0546 1992        Ptilink - ok

14:48:08.0562 1992        ql1080 - ok

14:48:08.0562 1992        Ql10wnt - ok

14:48:08.0578 1992        ql12160 - ok

14:48:08.0593 1992        ql1240 - ok

14:48:08.0593 1992        ql1280 - ok

14:48:08.0625 1992        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

14:48:08.0750 1992        RasAcd - ok

14:48:08.0765 1992        RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll

14:48:08.0890 1992        RasAuto - ok

14:48:08.0890 1992        Rasirda         (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys

14:48:08.0953 1992        Rasirda - ok

14:48:08.0968 1992        Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

14:48:09.0109 1992        Rasl2tp - ok

14:48:09.0140 1992        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll

14:48:09.0296 1992        RasMan - ok

14:48:09.0312 1992        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

14:48:09.0437 1992        RasPppoe - ok

14:48:09.0453 1992        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

14:48:09.0593 1992        Raspti - ok

14:48:09.0625 1992        Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

14:48:09.0765 1992        Rdbss - ok

14:48:09.0781 1992        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

14:48:09.0906 1992        RDPCDD - ok

14:48:09.0937 1992        RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

14:48:09.0968 1992        RDPWD - ok

14:48:09.0984 1992        RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe

14:48:10.0109 1992        RDSessMgr - ok

14:48:10.0125 1992        redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys

14:48:10.0250 1992        redbook - ok

14:48:10.0281 1992        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll

14:48:10.0406 1992        RemoteAccess - ok

14:48:10.0421 1992        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe

14:48:10.0546 1992        RpcLocator - ok

14:48:10.0593 1992        RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll

14:48:10.0609 1992        RpcSs - ok

14:48:10.0640 1992        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe

14:48:10.0796 1992        RSVP - ok

14:48:10.0828 1992        SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:48:10.0953 1992        SamSs - ok

14:48:10.0968 1992        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe

14:48:11.0125 1992        SCardSvr - ok

14:48:11.0156 1992        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll

14:48:11.0281 1992        Schedule - ok

14:48:11.0296 1992        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

14:48:11.0343 1992        Secdrv - ok

14:48:11.0359 1992        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll

14:48:11.0484 1992        seclogon - ok

14:48:11.0515 1992        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll

14:48:11.0625 1992        SENS - ok

14:48:11.0656 1992        serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

14:48:11.0781 1992        serenum - ok

14:48:11.0796 1992        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys

14:48:11.0921 1992        Serial - ok

14:48:11.0953 1992        Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

14:48:12.0093 1992        Sfloppy - ok

14:48:12.0125 1992        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll

14:48:12.0281 1992        SharedAccess - ok

14:48:12.0312 1992        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

14:48:12.0328 1992        ShellHWDetection - ok

14:48:12.0328 1992        Simbad - ok

14:48:12.0343 1992        Sparrow - ok

14:48:12.0375 1992        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

14:48:12.0500 1992        splitter - ok

14:48:12.0531 1992        Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

14:48:12.0546 1992        Spooler - ok

14:48:12.0593 1992        SpyroService    (bfae719594989d1f02b9e9cd86db293e) C:\Programme\FS\Spyro Portal\FlashPortal.exe

14:48:12.0593 1992        SpyroService ( UnsignedFile.Multi.Generic ) - warning

14:48:12.0593 1992        SpyroService - detected UnsignedFile.Multi.Generic (1)

14:48:12.0625 1992        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys

14:48:12.0687 1992        sr - ok

14:48:12.0718 1992        srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll

14:48:12.0796 1992        srservice - ok

14:48:12.0828 1992        Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

14:48:12.0859 1992        Srv - ok

14:48:12.0875 1992        SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll

14:48:12.0953 1992        SSDPSRV - ok

14:48:12.0968 1992        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

14:48:12.0984 1992        ssmdrv - ok

14:48:13.0000 1992        StillCam        (a2dbcc4c8860449df1ab758ea28b4de0) C:\WINDOWS\system32\DRIVERS\serscan.sys

14:48:13.0125 1992        StillCam - ok

14:48:13.0156 1992        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll

14:48:13.0296 1992        stisvc - ok

14:48:13.0312 1992        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

14:48:13.0437 1992        swenum - ok

14:48:13.0453 1992        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

14:48:13.0593 1992        swmidi - ok

14:48:13.0593 1992        SwPrv - ok

14:48:13.0609 1992        symc810 - ok

14:48:13.0625 1992        symc8xx - ok

14:48:13.0640 1992        sym_hi - ok

14:48:13.0640 1992        sym_u3 - ok

14:48:13.0671 1992        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

14:48:13.0781 1992        sysaudio - ok

14:48:13.0796 1992        SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe

14:48:13.0921 1992        SysmonLog - ok

14:48:13.0937 1992        TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll

14:48:14.0078 1992        TapiSrv - ok

14:48:14.0109 1992        Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

14:48:14.0125 1992        Tcpip - ok

14:48:14.0156 1992        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

14:48:14.0296 1992        TDPIPE - ok

14:48:14.0312 1992        TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

14:48:14.0437 1992        TDTCP - ok

14:48:14.0453 1992        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

14:48:14.0578 1992        TermDD - ok

14:48:14.0609 1992        TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll

14:48:14.0750 1992        TermService - ok

14:48:14.0781 1992        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

14:48:14.0781 1992        Themes - ok

14:48:14.0796 1992        TosIde - ok

14:48:14.0812 1992        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll

14:48:14.0968 1992        TrkWks - ok

14:48:15.0046 1992        UBHelper        (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys

14:48:15.0046 1992        UBHelper ( UnsignedFile.Multi.Generic ) - warning

14:48:15.0046 1992        UBHelper - detected UnsignedFile.Multi.Generic (1)

14:48:15.0187 1992        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

14:48:15.0312 1992        Udfs - ok

14:48:15.0312 1992        ultra - ok

14:48:15.0359 1992        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

14:48:15.0468 1992        Update - ok

14:48:15.0500 1992        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll

14:48:15.0546 1992        upnphost - ok

14:48:15.0562 1992        UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe

14:48:15.0718 1992        UPS - ok

14:48:15.0734 1992        usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

14:48:15.0859 1992        usbccgp - ok

14:48:15.0875 1992        usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

14:48:16.0000 1992        usbehci - ok

14:48:16.0015 1992        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

14:48:16.0125 1992        usbhub - ok

14:48:16.0140 1992        usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

14:48:16.0265 1992        usbohci - ok

14:48:16.0281 1992        USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

14:48:16.0390 1992        USBSTOR - ok

14:48:16.0406 1992        VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

14:48:16.0531 1992        VgaSave - ok

14:48:16.0546 1992        ViaIde - ok

14:48:16.0562 1992        VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys

14:48:16.0687 1992        VolSnap - ok

14:48:16.0703 1992        VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe

14:48:16.0781 1992        VSS - ok

14:48:16.0796 1992        W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll

14:48:16.0906 1992        W32Time - ok

14:48:16.0937 1992        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

14:48:17.0062 1992        Wanarp - ok

14:48:17.0078 1992        wanatw - ok

14:48:17.0109 1992        Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

14:48:17.0140 1992        Wdf01000 - ok

14:48:17.0140 1992        WDICA - ok

14:48:17.0156 1992        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

14:48:17.0265 1992        wdmaud - ok

14:48:17.0281 1992        WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll

14:48:17.0390 1992        WebClient - ok

14:48:17.0453 1992        winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll

14:48:17.0562 1992        winmgmt - ok

14:48:17.0593 1992        WinUSB          (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\WinUSB.sys

14:48:17.0625 1992        WinUSB - ok

14:48:17.0640 1992        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

14:48:17.0671 1992        WmdmPmSN - ok

14:48:17.0703 1992        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe

14:48:17.0859 1992        WmiApSrv - ok

14:48:17.0937 1992        WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe

14:48:17.0984 1992        WMPNetworkSvc - ok

14:48:18.0015 1992        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

14:48:18.0031 1992        WpdUsb - ok

14:48:18.0062 1992        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll

14:48:18.0203 1992        wscsvc - ok

14:48:18.0218 1992        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll

14:48:18.0359 1992        wuauserv - ok

14:48:18.0375 1992        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

14:48:18.0406 1992        WudfPf - ok

14:48:18.0421 1992        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

14:48:18.0468 1992        WudfRd - ok

14:48:18.0468 1992        WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

14:48:18.0500 1992        WudfSvc - ok

14:48:18.0531 1992        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll

14:48:18.0656 1992        WZCSVC - ok

14:48:18.0671 1992        XDva394 - ok

14:48:18.0687 1992        xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll

14:48:18.0812 1992        xmlprov - ok

14:48:18.0812 1992        ZD1211BU(ZyDAS) - ok

14:48:18.0828 1992        ZD1211U(ZyDAS) - ok

14:48:18.0843 1992        ZDPSp50 - ok

14:48:18.0875 1992        MBR (0x1B8)     (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0

14:48:21.0765 1992        \Device\Harddisk0\DR0 - ok

14:48:21.0796 1992        Boot (0x1200)   (333c6e6fde65f3fefacef0a674749c87) \Device\Harddisk0\DR0\Partition0

14:48:21.0796 1992        \Device\Harddisk0\DR0\Partition0 - ok

14:48:21.0812 1992        Boot (0x1200)   (83047847fabad226b373ccec927ef9ef) \Device\Harddisk0\DR0\Partition1

14:48:21.0812 1992        \Device\Harddisk0\DR0\Partition1 - ok

14:48:21.0812 1992        ============================================================

14:48:21.0812 1992        Scan finished

14:48:21.0812 1992        ============================================================

14:48:21.0937 0576        Detected object count: 17

14:48:21.0937 0576        Actual detected object count: 17

14:49:57.0843 0576        Acer Media Server ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0843 0576        Acer Media Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0843 0576        AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0843 0576        AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0859 0576        Afc ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0859 0576        Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0859 0576        Akamai ( HiddenFile.Multi.Generic ) - skipped by user

14:49:57.0859 0576        Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 

14:49:57.0859 0576        ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0859 0576        ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0875 0576        ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0875 0576        ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0875 0576        ATITool ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0875 0576        ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0890 0576        AWINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0890 0576        AWINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0890 0576        BCM43XX ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0890 0576        BCM43XX ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0890 0576        CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0890 0576        CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0890 0576        CLSched ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0890 0576        CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0890 0576        CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0890 0576        CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0890 0576        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0890 0576        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0906 0576        int15.sys ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0906 0576        int15.sys ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0906 0576        NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0906 0576        NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0906 0576        SpyroService ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0906 0576        SpyroService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:49:57.0921 0576        UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user

14:49:57.0921 0576        UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:04.0171 0448        ============================================================

14:50:04.0171 0448        Scan started

14:50:04.0171 0448        Mode: Manual; SigCheck; TDLFS; 

14:50:04.0171 0448        ============================================================

14:50:04.0500 0448        Abiosdsk - ok

14:50:04.0515 0448        abp480n5 - ok

14:50:04.0578 0448        Acer Media Server (ba875aa88898cdf5ecdd8213020c75c6) C:\Programme\Acer\Acer eConsole\MediaServerService.exe

14:50:04.0640 0448        Acer Media Server ( UnsignedFile.Multi.Generic ) - warning

14:50:04.0640 0448        Acer Media Server - detected UnsignedFile.Multi.Generic (1)

14:50:04.0687 0448        AcerMemUsageCheckService (3caabc2d0f87413eb1e0c7e0b3245e67) C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

14:50:04.0703 0448        AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - warning

14:50:04.0703 0448        AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic (1)

14:50:04.0718 0448        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys

14:50:04.0859 0448        ACPI - ok

14:50:04.0890 0448        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys

14:50:05.0015 0448        ACPIEC - ok

14:50:05.0062 0448        AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

14:50:05.0093 0448        AdobeFlashPlayerUpdateSvc - ok

14:50:05.0093 0448        adpu160m - ok

14:50:05.0125 0448        aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

14:50:05.0296 0448        aec - ok

14:50:05.0312 0448        Afc             (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys

14:50:05.0328 0448        Afc ( UnsignedFile.Multi.Generic ) - warning

14:50:05.0328 0448        Afc - detected UnsignedFile.Multi.Generic (1)

14:50:05.0343 0448        AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

14:50:05.0406 0448        AFD - ok

14:50:05.0406 0448        Aha154x - ok

14:50:05.0421 0448        aic78u2 - ok

14:50:05.0437 0448        aic78xx - ok

14:50:05.0671 0448        Akamai          (c775d704feb2b600a5bf7b0b088546af) c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll

14:50:05.0671 0448        Suspicious file (Hidden): c:\programme\gemeinsame dateien\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af

14:50:05.0687 0448        Akamai ( HiddenFile.Multi.Generic ) - warning

14:50:05.0687 0448        Akamai - detected HiddenFile.Multi.Generic (1)

14:50:06.0015 0448        ALCXWDM         (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

14:50:06.0187 0448        ALCXWDM - ok

14:50:06.0265 0448        Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll

14:50:06.0437 0448        Alerter - ok

14:50:06.0468 0448        ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe

14:50:06.0531 0448        ALG - ok

14:50:06.0546 0448        AliIde - ok

14:50:06.0578 0448        AmdK8           (769844eb65df6a62aa51b886290fe51d) C:\WINDOWS\system32\DRIVERS\AmdK8.sys

14:50:06.0593 0448        AmdK8 - ok

14:50:06.0593 0448        amsint - ok

14:50:06.0640 0448        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe

14:50:06.0656 0448        AntiVirSchedulerService - ok

14:50:06.0703 0448        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe

14:50:06.0718 0448        AntiVirService - ok

14:50:06.0718 0448        AppMgmt - ok

14:50:06.0750 0448        Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

14:50:06.0906 0448        Arp1394 - ok

14:50:06.0906 0448        asc - ok

14:50:06.0921 0448        asc3350p - ok

14:50:06.0937 0448        asc3550 - ok

14:50:06.0968 0448        ASCTRM          (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys

14:50:06.0984 0448        ASCTRM ( UnsignedFile.Multi.Generic ) - warning

14:50:06.0984 0448        ASCTRM - detected UnsignedFile.Multi.Generic (1)

14:50:07.0062 0448        aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

14:50:07.0078 0448        aspnet_state - ok

14:50:07.0078 0448        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

14:50:07.0203 0448        AsyncMac - ok

14:50:07.0234 0448        atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

14:50:07.0343 0448        atapi - ok

14:50:07.0359 0448        Atdisk - ok

14:50:07.0390 0448        Ati HotKey Poller (42e4e2cf0406394bbce7eb358ae4e208) C:\WINDOWS\system32\Ati2evxx.exe

14:50:07.0453 0448        Ati HotKey Poller - ok

14:50:07.0500 0448        ATI Smart       (460741befbfc91c88934620bc546d172) C:\WINDOWS\system32\ati2sgag.exe

14:50:07.0515 0448        ATI Smart ( UnsignedFile.Multi.Generic ) - warning

14:50:07.0515 0448        ATI Smart - detected UnsignedFile.Multi.Generic (1)

14:50:07.0718 0448        ati2mtag        (81c3e6674d0609aa84c07681bca252de) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

14:50:07.0875 0448        ati2mtag - ok

14:50:08.0031 0448        AtiHdmiService  (d9bc8892b9440a2551b8148c57aa039e) C:\WINDOWS\system32\drivers\AtiHdmi.sys

14:50:08.0046 0448        AtiHdmiService - ok

14:50:08.0078 0448        ATITool         (d4ed96ac2fafee2c697436b9a2871cd3) C:\WINDOWS\system32\DRIVERS\ATITool.sys

14:50:08.0093 0448        ATITool ( UnsignedFile.Multi.Generic ) - warning

14:50:08.0093 0448        ATITool - detected UnsignedFile.Multi.Generic (1)

14:50:08.0109 0448        Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

14:50:08.0281 0448        Atmarpc - ok

14:50:08.0296 0448        AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll

14:50:08.0421 0448        AudioSrv - ok

14:50:08.0437 0448        audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

14:50:08.0546 0448        audstub - ok

14:50:08.0578 0448        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys

14:50:08.0593 0448        avgntflt - ok

14:50:08.0609 0448        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys

14:50:08.0625 0448        avipbb - ok

14:50:08.0640 0448        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys

14:50:08.0656 0448        avkmgr - ok

14:50:08.0671 0448        AWINDIS5        (f62b70d3209e38a6c19a03109a25b903) C:\WINDOWS\system32\AWINDIS5.SYS

14:50:08.0671 0448        AWINDIS5 ( UnsignedFile.Multi.Generic ) - warning

14:50:08.0671 0448        AWINDIS5 - detected UnsignedFile.Multi.Generic (1)

14:50:08.0734 0448        BCM43XX         (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\wn311b.sys

14:50:08.0765 0448        BCM43XX ( UnsignedFile.Multi.Generic ) - warning

14:50:08.0765 0448        BCM43XX - detected UnsignedFile.Multi.Generic (1)

14:50:08.0781 0448        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

14:50:08.0921 0448        Beep - ok

14:50:08.0953 0448        BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll

14:50:09.0109 0448        BITS - ok

14:50:09.0140 0448        Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll

14:50:09.0328 0448        Browser - ok

14:50:09.0343 0448        cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

14:50:09.0468 0448        cbidf2k - ok

14:50:09.0484 0448        cd20xrnt - ok

14:50:09.0500 0448        Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

14:50:09.0640 0448        Cdaudio - ok

14:50:09.0656 0448        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

14:50:09.0765 0448        Cdfs - ok

14:50:09.0781 0448        Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

14:50:09.0906 0448        Cdrom - ok

14:50:09.0906 0448        Changer - ok

14:50:09.0937 0448        CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe

14:50:10.0031 0448        CiSvc - ok

14:50:10.0093 0448        CLCapSvc        (cfbcf1def8779481e6695f4739621dde) C:\Program Files\Acer TV-FM\Kernel\TV\CLCapSvc.exe

14:50:10.0109 0448        CLCapSvc ( UnsignedFile.Multi.Generic ) - warning

14:50:10.0109 0448        CLCapSvc - detected UnsignedFile.Multi.Generic (1)

14:50:10.0125 0448        ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe

14:50:10.0250 0448        ClipSrv - ok

14:50:10.0312 0448        clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:50:10.0312 0448        clr_optimization_v2.0.50727_32 - ok

14:50:10.0343 0448        CLSched         (418b3bf615cb329ef208055cad1108fc) C:\Program Files\Acer TV-FM\Kernel\TV\CLSched.exe

14:50:10.0375 0448        CLSched ( UnsignedFile.Multi.Generic ) - warning

14:50:10.0375 0448        CLSched - detected UnsignedFile.Multi.Generic (1)

14:50:10.0390 0448        CmdIde - ok

14:50:10.0390 0448        COMSysApp - ok

14:50:10.0421 0448        Cpqarray - ok

14:50:10.0453 0448        CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll

14:50:10.0562 0448        CryptSvc - ok

14:50:10.0625 0448        CyberLink Media Library Service (1cfdcb99812c62e19c47896a5857d342) C:\Program Files\Acer TV-FM\Kernel\CLML_NTService\CLMLServer.exe

14:50:10.0671 0448        CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - warning

14:50:10.0671 0448        CyberLink Media Library Service - detected UnsignedFile.Multi.Generic (1)

14:50:10.0671 0448        dac2w2k - ok

14:50:10.0687 0448        dac960nt - ok

14:50:10.0750 0448        DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll

14:50:10.0765 0448        DcomLaunch - ok

14:50:10.0796 0448        Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll

14:50:10.0953 0448        Dhcp - ok

14:50:10.0968 0448        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

14:50:11.0078 0448        Disk - ok

14:50:11.0093 0448        dmadmin - ok

14:50:11.0156 0448        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys

14:50:11.0281 0448        dmboot - ok

14:50:11.0312 0448        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys

14:50:11.0437 0448        dmio - ok

14:50:11.0453 0448        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

14:50:11.0562 0448        dmload - ok

14:50:11.0578 0448        dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll

14:50:11.0703 0448        dmserver - ok

14:50:11.0718 0448        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

14:50:11.0843 0448        DMusic - ok

14:50:11.0859 0448        Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll

14:50:11.0875 0448        Dnscache - ok

14:50:11.0906 0448        Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll

14:50:12.0031 0448        Dot3svc - ok

14:50:12.0046 0448        dpti2o - ok

14:50:12.0062 0448        drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

14:50:12.0203 0448        drmkaud - ok

14:50:12.0203 0448        EagleNT - ok

14:50:12.0218 0448        EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll

14:50:12.0328 0448        EapHost - ok

14:50:12.0343 0448        ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll

14:50:12.0484 0448        ERSvc - ok

14:50:12.0500 0448        Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe

14:50:12.0515 0448        Eventlog - ok

14:50:12.0546 0448        EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll

14:50:12.0578 0448        EventSystem - ok

14:50:12.0609 0448        Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

14:50:12.0734 0448        Fastfat - ok

14:50:12.0765 0448        FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

14:50:12.0781 0448        FastUserSwitchingCompatibility - ok

14:50:12.0796 0448        Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

14:50:12.0937 0448        Fdc - ok

14:50:12.0968 0448        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys

14:50:13.0078 0448        Fips - ok

14:50:13.0078 0448        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

14:50:13.0203 0448        Flpydisk - ok

14:50:13.0234 0448        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

14:50:13.0343 0448        FltMgr - ok

14:50:13.0406 0448        FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

14:50:13.0421 0448        FontCache3.0.0.0 - ok

14:50:13.0437 0448        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

14:50:13.0578 0448        Fs_Rec - ok

14:50:13.0593 0448        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

14:50:13.0718 0448        Ftdisk - ok

14:50:13.0718 0448        Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

14:50:13.0843 0448        Gpc - ok

14:50:13.0875 0448        gusvc - ok

14:50:13.0906 0448        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

14:50:14.0046 0448        HDAudBus - ok

14:50:14.0078 0448        helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

14:50:14.0203 0448        helpsvc - ok

14:50:14.0234 0448        HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll

14:50:14.0343 0448        HidServ - ok

14:50:14.0359 0448        hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

14:50:14.0468 0448        hidusb - ok

14:50:14.0500 0448        hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll

14:50:14.0593 0448        hkmsvc - ok

14:50:14.0593 0448        hpn - ok

14:50:14.0640 0448        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

14:50:14.0687 0448        HTTP - ok

14:50:14.0718 0448        HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll

14:50:14.0828 0448        HTTPFilter - ok

14:50:14.0843 0448        i2omgmt - ok

14:50:14.0843 0448        i2omp - ok

14:50:14.0859 0448        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

14:50:14.0984 0448        i8042prt - ok

14:50:15.0187 0448        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe

14:50:15.0187 0448        IDriverT ( UnsignedFile.Multi.Generic ) - warning

14:50:15.0187 0448        IDriverT - detected UnsignedFile.Multi.Generic (1)

14:50:15.0265 0448        idsvc           (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

14:50:15.0296 0448        idsvc - ok

14:50:15.0312 0448        Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

14:50:15.0437 0448        Imapi - ok

14:50:15.0468 0448        ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe

14:50:15.0625 0448        ImapiService - ok

14:50:15.0625 0448        ini910u - ok

14:50:15.0687 0448        int15.sys       (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys

14:50:15.0703 0448        int15.sys ( UnsignedFile.Multi.Generic ) - warning

14:50:15.0703 0448        int15.sys - detected UnsignedFile.Multi.Generic (1)

14:50:15.0703 0448        IntelIde - ok

14:50:15.0750 0448        Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

14:50:15.0875 0448        Ip6Fw - ok

14:50:15.0906 0448        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

14:50:16.0015 0448        IpFilterDriver - ok

14:50:16.0031 0448        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

14:50:16.0140 0448        IpInIp - ok

14:50:16.0171 0448        IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

14:50:16.0312 0448        IpNat - ok

14:50:16.0328 0448        IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

14:50:16.0437 0448        IPSec - ok

14:50:16.0453 0448        irda            (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys

14:50:16.0515 0448        irda - ok

14:50:16.0531 0448        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

14:50:16.0593 0448        IRENUM - ok

14:50:16.0609 0448        Irmon           (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll

14:50:16.0671 0448        Irmon - ok

14:50:16.0703 0448        irsir           (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys

14:50:16.0765 0448        irsir - ok

14:50:16.0781 0448        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys

14:50:16.0890 0448        isapnp - ok

14:50:16.0968 0448        JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe

14:50:16.0984 0448        JavaQuickStarterService - ok

14:50:17.0000 0448        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

14:50:17.0125 0448        Kbdclass - ok

14:50:17.0140 0448        kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

14:50:17.0250 0448        kbdhid - ok

14:50:17.0281 0448        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

14:50:17.0406 0448        kmixer - ok

14:50:17.0421 0448        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

14:50:17.0453 0448        KSecDD - ok

14:50:17.0484 0448        lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll

14:50:17.0500 0448        lanmanserver - ok

14:50:17.0531 0448        lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll

14:50:17.0546 0448        lanmanworkstation - ok

14:50:17.0687 0448        Lavasoft Ad-Aware Service (4d99fca201b72e0f2ca996e357baa170) C:\Programme\Lavasoft\Ad-Aware\AAWService.exe

14:50:17.0765 0448        Lavasoft Ad-Aware Service - ok

14:50:17.0796 0448        Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Programme\Lavasoft\Ad-Aware\KernExplorer.sys

14:50:17.0812 0448        Lavasoft Kernexplorer - ok

14:50:18.0000 0448        Lbd             (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys

14:50:18.0015 0448        Lbd - ok

14:50:18.0031 0448        lbrtfdc - ok

14:50:18.0062 0448        LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll

14:50:18.0265 0448        LmHosts - ok

14:50:18.0312 0448        mbr - ok

14:50:18.0390 0448        MDM             (11f714f85530a2bd134074dc30e99fca) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe

14:50:18.0406 0448        MDM - ok

14:50:18.0421 0448        Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll

14:50:18.0562 0448        Messenger - ok

14:50:18.0593 0448        mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

14:50:18.0703 0448        mnmdd - ok

14:50:18.0718 0448        mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe

14:50:18.0859 0448        mnmsrvc - ok

14:50:18.0890 0448        Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys

14:50:19.0015 0448        Modem - ok

14:50:19.0015 0448        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys

14:50:19.0140 0448        Mouclass - ok

14:50:19.0156 0448        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys

14:50:19.0265 0448        mouhid - ok

14:50:19.0281 0448        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

14:50:19.0390 0448        MountMgr - ok

14:50:19.0421 0448        MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe

14:50:19.0437 0448        MozillaMaintenance - ok

14:50:19.0437 0448        mraid35x - ok

14:50:19.0468 0448        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

14:50:19.0609 0448        MRxDAV - ok

14:50:19.0656 0448        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

14:50:19.0703 0448        MRxSmb - ok

14:50:19.0734 0448        MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe

14:50:19.0843 0448        MSDTC - ok

14:50:19.0859 0448        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

14:50:19.0968 0448        Msfs - ok

14:50:19.0984 0448        MSIServer - ok

14:50:20.0000 0448        MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

14:50:20.0125 0448        MSKSSRV - ok

14:50:20.0140 0448        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

14:50:20.0234 0448        MSPCLOCK - ok

14:50:20.0265 0448        MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

14:50:20.0359 0448        MSPQM - ok

14:50:20.0390 0448        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

14:50:20.0484 0448        mssmbios - ok

14:50:20.0515 0448        Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

14:50:20.0515 0448        Mup - ok

14:50:20.0546 0448        napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll

14:50:20.0656 0448        napagent - ok

14:50:20.0687 0448        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

14:50:20.0828 0448        NDIS - ok

14:50:20.0843 0448        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

14:50:20.0859 0448        NdisTapi - ok

14:50:20.0890 0448        Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

14:50:20.0984 0448        Ndisuio - ok

14:50:21.0000 0448        NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

14:50:21.0125 0448        NdisWan - ok

14:50:21.0140 0448        NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

14:50:21.0140 0448        NDProxy - ok

14:50:21.0156 0448        NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

14:50:21.0281 0448        NetBIOS - ok

14:50:21.0296 0448        NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

14:50:21.0390 0448        NetBT - ok

14:50:21.0421 0448        NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe

14:50:21.0562 0448        NetDDE - ok

14:50:21.0562 0448        NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe

14:50:21.0687 0448        NetDDEdsdm - ok

14:50:21.0703 0448        Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:50:21.0796 0448        Netlogon - ok

14:50:21.0828 0448        Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll

14:50:21.0937 0448        Netman - ok

14:50:22.0000 0448        NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

14:50:22.0015 0448        NetTcpPortSharing - ok

14:50:22.0046 0448        NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

14:50:22.0156 0448        NIC1394 - ok

14:50:22.0187 0448        Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll

14:50:22.0234 0448        Nla - ok

14:50:22.0250 0448        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

14:50:22.0375 0448        Npfs - ok

14:50:22.0406 0448        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

14:50:22.0546 0448        Ntfs - ok

14:50:22.0562 0448        NTIDrvr         (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys

14:50:22.0578 0448        NTIDrvr ( UnsignedFile.Multi.Generic ) - warning

14:50:22.0578 0448        NTIDrvr - detected UnsignedFile.Multi.Generic (1)

14:50:22.0578 0448        NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:50:22.0687 0448        NtLmSsp - ok

14:50:22.0734 0448        NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll

14:50:22.0843 0448        NtmsSvc - ok

14:50:22.0875 0448        NuidFltr        (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys

14:50:22.0875 0448        NuidFltr - ok

14:50:22.0890 0448        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

14:50:22.0984 0448        Null - ok

14:50:23.0000 0448        nvatabus        (11d1ad7e946538e02f9ef6a6e1792061) C:\WINDOWS\system32\drivers\nvatabus.sys

14:50:23.0062 0448        nvatabus - ok

14:50:23.0078 0448        NVENETFD        (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

14:50:23.0093 0448        NVENETFD - ok

14:50:23.0093 0448        nvnetbus        (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

14:50:23.0109 0448        nvnetbus - ok

14:50:23.0125 0448        nvraid          (3bc8b9d8a744df75698fe35d52f18a0a) C:\WINDOWS\system32\drivers\nvraid.sys

14:50:23.0171 0448        nvraid - ok

14:50:23.0187 0448        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

14:50:23.0296 0448        NwlnkFlt - ok

14:50:23.0312 0448        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

14:50:23.0406 0448        NwlnkFwd - ok

14:50:23.0437 0448        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

14:50:23.0562 0448        ohci1394 - ok

14:50:23.0593 0448        Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys

14:50:23.0703 0448        Parport - ok

14:50:23.0718 0448        PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

14:50:23.0828 0448        PartMgr - ok

14:50:23.0843 0448        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys

14:50:23.0937 0448        ParVdm - ok

14:50:23.0953 0448        PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys

14:50:24.0078 0448        PCI - ok

14:50:24.0078 0448        PCIDump - ok

14:50:24.0093 0448        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys

14:50:24.0203 0448        PCIIde - ok

14:50:24.0218 0448        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys

14:50:24.0328 0448        Pcmcia - ok

14:50:24.0328 0448        PDCOMP - ok

14:50:24.0343 0448        PDFRAME - ok

14:50:24.0359 0448        PDRELI - ok

14:50:24.0359 0448        PDRFRAME - ok

14:50:24.0375 0448        perc2 - ok

14:50:24.0390 0448        perc2hib - ok

14:50:24.0453 0448        PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe

14:50:24.0468 0448        PlugPlay - ok

14:50:24.0484 0448        PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:50:24.0593 0448        PolicyAgent - ok

14:50:24.0609 0448        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

14:50:24.0718 0448        PptpMiniport - ok

14:50:24.0734 0448        Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys

14:50:24.0859 0448        Processor - ok

14:50:24.0859 0448        ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:50:24.0968 0448        ProtectedStorage - ok

14:50:25.0062 0448        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

14:50:25.0171 0448        PSched - ok

14:50:25.0218 0448        Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

14:50:25.0312 0448        Ptilink - ok

14:50:25.0312 0448        ql1080 - ok

14:50:25.0328 0448        Ql10wnt - ok

14:50:25.0343 0448        ql12160 - ok

14:50:25.0359 0448        ql1240 - ok

14:50:25.0359 0448        ql1280 - ok

14:50:25.0390 0448        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

14:50:25.0484 0448        RasAcd - ok

14:50:25.0515 0448        RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll

14:50:25.0609 0448        RasAuto - ok

14:50:25.0640 0448        Rasirda         (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys

14:50:25.0687 0448        Rasirda - ok

14:50:25.0703 0448        Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

14:50:25.0812 0448        Rasl2tp - ok

14:50:25.0843 0448        RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll

14:50:26.0000 0448        RasMan - ok

14:50:26.0000 0448        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

14:50:26.0109 0448        RasPppoe - ok

14:50:26.0140 0448        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

14:50:26.0250 0448        Raspti - ok

14:50:26.0281 0448        Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

14:50:26.0406 0448        Rdbss - ok

14:50:26.0421 0448        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

14:50:26.0515 0448        RDPCDD - ok

14:50:26.0546 0448        RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

14:50:26.0562 0448        RDPWD - ok

14:50:26.0593 0448        RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe

14:50:26.0703 0448        RDSessMgr - ok

14:50:26.0718 0448        redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys

14:50:26.0843 0448        redbook - ok

14:50:26.0859 0448        RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll

14:50:26.0984 0448        RemoteAccess - ok

14:50:27.0000 0448        RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe

14:50:27.0156 0448        RpcLocator - ok

14:50:27.0187 0448        RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll

14:50:27.0203 0448        RpcSs - ok

14:50:27.0250 0448        RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe

14:50:27.0390 0448        RSVP - ok

14:50:27.0406 0448        SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe

14:50:27.0531 0448        SamSs - ok

14:50:27.0546 0448        SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe

14:50:27.0703 0448        SCardSvr - ok

14:50:27.0734 0448        Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll

14:50:27.0890 0448        Schedule - ok

14:50:27.0906 0448        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

14:50:27.0968 0448        Secdrv - ok

14:50:27.0968 0448        seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll

14:50:28.0093 0448        seclogon - ok

14:50:28.0109 0448        SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll

14:50:28.0218 0448        SENS - ok

14:50:28.0234 0448        serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

14:50:28.0343 0448        serenum - ok

14:50:28.0359 0448        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys

14:50:28.0468 0448        Serial - ok

14:50:28.0500 0448        Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

14:50:28.0609 0448        Sfloppy - ok

14:50:28.0640 0448        SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll

14:50:28.0812 0448        SharedAccess - ok

14:50:28.0843 0448        ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

14:50:28.0859 0448        ShellHWDetection - ok

14:50:28.0859 0448        Simbad - ok

14:50:28.0875 0448        Sparrow - ok

14:50:28.0890 0448        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

14:50:29.0000 0448        splitter - ok

14:50:29.0031 0448        Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

14:50:29.0046 0448        Spooler - ok

14:50:29.0078 0448        SpyroService    (bfae719594989d1f02b9e9cd86db293e) C:\Programme\FS\Spyro Portal\FlashPortal.exe

14:50:29.0093 0448        SpyroService ( UnsignedFile.Multi.Generic ) - warning

14:50:29.0093 0448        SpyroService - detected UnsignedFile.Multi.Generic (1)

14:50:29.0093 0448        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys

14:50:29.0156 0448        sr - ok

14:50:29.0187 0448        srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll

14:50:29.0250 0448        srservice - ok

14:50:29.0281 0448        Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

14:50:29.0296 0448        Srv - ok

14:50:29.0343 0448        SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll

14:50:29.0406 0448        SSDPSRV - ok

14:50:29.0421 0448        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

14:50:29.0437 0448        ssmdrv - ok

14:50:29.0468 0448        StillCam        (a2dbcc4c8860449df1ab758ea28b4de0) C:\WINDOWS\system32\DRIVERS\serscan.sys

14:50:29.0609 0448        StillCam - ok

14:50:29.0640 0448        stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll

14:50:29.0765 0448        stisvc - ok

14:50:29.0796 0448        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

14:50:29.0906 0448        swenum - ok

14:50:29.0906 0448        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

14:50:30.0031 0448        swmidi - ok

14:50:30.0031 0448        SwPrv - ok

14:50:30.0046 0448        symc810 - ok

14:50:30.0062 0448        symc8xx - ok

14:50:30.0062 0448        sym_hi - ok

14:50:30.0078 0448        sym_u3 - ok

14:50:30.0109 0448        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

14:50:30.0234 0448        sysaudio - ok

14:50:30.0250 0448        SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe

14:50:30.0375 0448        SysmonLog - ok

14:50:30.0390 0448        TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll

14:50:30.0531 0448        TapiSrv - ok

14:50:30.0562 0448        Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

14:50:30.0578 0448        Tcpip - ok

14:50:30.0609 0448        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

14:50:30.0734 0448        TDPIPE - ok

14:50:30.0750 0448        TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

14:50:30.0859 0448        TDTCP - ok

14:50:30.0875 0448        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

14:50:30.0984 0448        TermDD - ok

14:50:31.0015 0448        TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll

14:50:31.0140 0448        TermService - ok

14:50:31.0171 0448        Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll

14:50:31.0171 0448        Themes - ok

14:50:31.0187 0448        TosIde - ok

14:50:31.0218 0448        TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll

14:50:31.0359 0448        TrkWks - ok

14:50:31.0375 0448        UBHelper        (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys

14:50:31.0390 0448        UBHelper ( UnsignedFile.Multi.Generic ) - warning

14:50:31.0390 0448        UBHelper - detected UnsignedFile.Multi.Generic (1)

14:50:31.0406 0448        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

14:50:31.0515 0448        Udfs - ok

14:50:31.0531 0448        ultra - ok

14:50:31.0578 0448        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

14:50:31.0671 0448        Update - ok

14:50:31.0703 0448        upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll

14:50:31.0781 0448        upnphost - ok

14:50:31.0796 0448        UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe

14:50:31.0953 0448        UPS - ok

14:50:31.0984 0448        usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

14:50:32.0109 0448        usbccgp - ok

14:50:32.0125 0448        usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

14:50:32.0250 0448        usbehci - ok

14:50:32.0265 0448        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

14:50:32.0375 0448        usbhub - ok

14:50:32.0390 0448        usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

14:50:32.0500 0448        usbohci - ok

14:50:32.0515 0448        USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

14:50:32.0609 0448        USBSTOR - ok

14:50:32.0625 0448        VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

14:50:32.0765 0448        VgaSave - ok

14:50:32.0765 0448        ViaIde - ok

14:50:32.0796 0448        VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys

14:50:32.0906 0448        VolSnap - ok

14:50:32.0937 0448        VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe

14:50:33.0000 0448        VSS - ok

14:50:33.0015 0448        W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll

14:50:33.0125 0448        W32Time - ok

14:50:33.0140 0448        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

14:50:33.0265 0448        Wanarp - ok

14:50:33.0265 0448        wanatw - ok

14:50:33.0296 0448        Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

14:50:33.0328 0448        Wdf01000 - ok

14:50:33.0328 0448        WDICA - ok

14:50:33.0359 0448        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

14:50:33.0468 0448        wdmaud - ok

14:50:33.0484 0448        WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll

14:50:33.0640 0448        WebClient - ok

14:50:33.0703 0448        winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll

14:50:33.0812 0448        winmgmt - ok

14:50:33.0843 0448        WinUSB          (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\WinUSB.sys

14:50:33.0859 0448        WinUSB - ok

14:50:33.0890 0448        WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

14:50:33.0890 0448        WmdmPmSN - ok

14:50:33.0921 0448        WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe

14:50:34.0062 0448        WmiApSrv - ok

14:50:34.0156 0448        WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe

14:50:34.0187 0448        WMPNetworkSvc - ok

14:50:34.0218 0448        WpdUsb          (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

14:50:34.0234 0448        WpdUsb - ok

14:50:34.0265 0448        wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll

14:50:34.0375 0448        wscsvc - ok

14:50:34.0390 0448        wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll

14:50:34.0500 0448        wuauserv - ok

14:50:34.0531 0448        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

14:50:34.0531 0448        WudfPf - ok

14:50:34.0562 0448        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

14:50:34.0609 0448        WudfRd - ok

14:50:34.0625 0448        WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

14:50:34.0640 0448        WudfSvc - ok

14:50:34.0687 0448        WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll

14:50:34.0796 0448        WZCSVC - ok

14:50:34.0812 0448        XDva394 - ok

14:50:34.0828 0448        xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll

14:50:34.0953 0448        xmlprov - ok

14:50:34.0953 0448        ZD1211BU(ZyDAS) - ok

14:50:34.0968 0448        ZD1211U(ZyDAS) - ok

14:50:34.0984 0448        ZDPSp50 - ok

14:50:35.0031 0448        MBR (0x1B8)     (99852d5c3a78447c3d6d82b6155fe848) \Device\Harddisk0\DR0

14:50:38.0125 0448        \Device\Harddisk0\DR0 - ok

14:50:38.0156 0448        Boot (0x1200)   (333c6e6fde65f3fefacef0a674749c87) \Device\Harddisk0\DR0\Partition0

14:50:38.0156 0448        \Device\Harddisk0\DR0\Partition0 - ok

14:50:38.0171 0448        Boot (0x1200)   (83047847fabad226b373ccec927ef9ef) \Device\Harddisk0\DR0\Partition1

14:50:38.0171 0448        \Device\Harddisk0\DR0\Partition1 - ok

14:50:38.0171 0448        ============================================================

14:50:38.0171 0448        Scan finished

14:50:38.0171 0448        ============================================================

14:50:38.0187 0760        Detected object count: 17

14:50:38.0187 0760        Actual detected object count: 17

14:50:52.0890 0760        Acer Media Server ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0890 0760        Acer Media Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0906 0760        AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0906 0760        AcerMemUsageCheckService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0906 0760        Afc ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0906 0760        Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0906 0760        Akamai ( HiddenFile.Multi.Generic ) - skipped by user

14:50:52.0906 0760        Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 

14:50:52.0906 0760        ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0906 0760        ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0921 0760        ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0921 0760        ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0921 0760        ATITool ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0921 0760        ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0921 0760        AWINDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0921 0760        AWINDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0937 0760        BCM43XX ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0937 0760        BCM43XX ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0937 0760        CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0937 0760        CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0953 0760        CLSched ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0953 0760        CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0953 0760        CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0953 0760        CyberLink Media Library Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0953 0760        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0953 0760        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0953 0760        int15.sys ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0953 0760        int15.sys ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0953 0760        NTIDrvr ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0953 0760        NTIDrvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0953 0760        SpyroService ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0953 0760        SpyroService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:52.0953 0760        UBHelper ( UnsignedFile.Multi.Generic ) - skipped by user

14:50:52.0953 0760        UBHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip 

14:50:58.0484 1104        Deinitialize success

Gruß
Barbara

Wieso hast du da so zwei völlig verschiedene Logfiles von TDSS?
Und eigentlich solltest du erstmal nur alles skippen und nichts entfernen!