Trojaner-Board - Kryptik und andere UNDINGER auf meinem nun leeren Rechner...

So erledigt:

Code:

OTL logfile created on: 10.02.2012 15:12:39 - Run 3

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Dokumente und Einstellungen\Sarah\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,49 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 68,40% Memory free

2,83 Gb Paging File | 2,36 Gb Available in Paging File | 83,27% Paging File free

Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 103,91 Gb Total Space | 81,50 Gb Free Space | 78,43% Space Free | Partition Type: NTFS

Drive D: | 30,38 Gb Total Space | 29,40 Gb Free Space | 96,77% Space Free | Partition Type: NTFS

 

Computer Name: IDEAPAD-S12 | User Name: Sarah | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.01.27 21:28:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sarah\Desktop\OTL.exe

PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.04.27 15:39:26 | 000,011,736 | -H-- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe

PRC - [2011.04.08 12:59:52 | 000,254,696 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

PRC - [2010.05.30 21:53:18 | 000,187,456 | -H-- | M] (DATA BECKER GmbH & Co KG) -- C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe

PRC - [2010.03.03 01:20:00 | 000,132,456 | -H-- | M] (Lenovo.) -- C:\Programme\ThinkPad\Utilities\DOZESVC.EXE

PRC - [2010.03.03 01:20:00 | 000,053,248 | -H-- | M] () -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe

PRC - [2009.06.12 10:55:48 | 000,028,672 | -H-- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\System Update\SUService.exe

PRC - [2009.03.26 10:20:40 | 000,315,392 | -H-- | M] (DeviceVM) -- C:\QSTART.SYS\config\DVMExportService.exe

PRC - [2009.02.11 04:13:52 | 000,532,480 | -H-- | M] (Vimicro) -- C:\Programme\USB Camera\VM331_STI.EXE

PRC - [2009.01.16 17:56:42 | 000,346,720 | -H-- | M] (Broadcom Corporation.) -- C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe

PRC - [2009.01.04 12:57:28 | 004,462,464 | -H-- | M] (Lenovo(Beijing)Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe

PRC - [2008.12.26 10:05:46 | 001,277,952 | -H-- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe

PRC - [2008.09.27 11:00:24 | 000,430,080 | -H-- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe

PRC - [2008.07.20 17:45:06 | 000,354,840 | -H-- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2008.07.20 17:45:06 | 000,182,808 | -H-- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2008.04.14 04:00:00 | 001,036,800 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008.03.04 10:34:20 | 000,487,424 | -H-- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe

PRC - [2008.03.04 10:34:12 | 001,122,304 | -H-- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe

PRC - [2007.09.26 17:34:46 | 000,644,408 | -H-- | M] (Lenovo Group Limited) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe

PRC - [2006.07.13 13:33:14 | 000,053,248 | -H-- | M] (Lexmark International, Inc.) -- C:\Programme\Lexmark 1200 Series\lxczbmon.exe

PRC - [2006.07.13 13:26:10 | 000,057,344 | -H-- | M] (Lexmark International, Inc.) -- C:\Programme\Lexmark 1200 Series\lxczbmgr.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.10.14 17:33:20 | 000,212,992 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll

MOD - [2011.10.14 17:28:48 | 005,450,752 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll

MOD - [2011.10.14 17:28:16 | 007,950,848 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll

MOD - [2011.10.14 17:27:36 | 011,490,816 | -H-- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll

MOD - [2010.04.21 17:48:30 | 000,315,392 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

MOD - [2010.04.21 17:48:24 | 000,040,960 | -H-- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll

MOD - [2010.03.03 01:20:00 | 000,053,248 | -H-- | M] () -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe

MOD - [2010.03.03 01:20:00 | 000,043,008 | -H-- | M] () -- C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL

MOD - [2009.02.27 16:41:26 | 000,311,296 | -H-- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU

MOD - [2008.05.21 17:33:22 | 000,045,056 | -H-- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll

MOD - [2008.01.03 19:23:06 | 000,167,936 | -H-- | M] () -- C:\Program Files\Lenovo\OneKey App\System Repair\LenovoAPI.dll

MOD - [2007.08.21 13:32:44 | 000,098,304 | -H-- | M] () -- C:\WINDOWS\system32\redmonnt.dll

MOD - [2006.01.19 12:33:38 | 000,078,336 | -H-- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXCZPP5C.DLL

MOD - [2005.06.24 03:05:02 | 000,045,056 | -H-- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] --  -- (HidServ)

SRV - File not found [On_Demand | Stopped] --  -- (gupdatem) Google Update-Dienst (gupdatem)

SRV - File not found [Auto | Stopped] --  -- (gupdate) Google Update Service (gupdate)

SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)

SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.04.27 15:39:26 | 000,011,736 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

SRV - [2010.05.30 21:53:18 | 000,187,456 | -H-- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe -- (DBService)

SRV - [2010.03.03 01:20:00 | 000,132,456 | -H-- | M] (Lenovo.) [Auto | Running] -- C:\Programme\ThinkPad\Utilities\DOZESVC.EXE -- (DozeSvc)

SRV - [2010.03.03 01:20:00 | 000,053,248 | -H-- | M] () [Auto | Running] -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)

SRV - [2009.06.12 10:55:48 | 000,028,672 | -H-- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\System Update\SUService.exe -- (SUService)

SRV - [2009.03.26 10:20:40 | 000,315,392 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\QSTART.SYS\config\DVMExportService.exe -- (DvmMDES)

SRV - [2009.01.16 17:56:42 | 000,346,720 | -H-- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)

SRV - [2008.11.04 01:06:28 | 000,441,712 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2008.09.27 11:00:24 | 000,430,080 | -H-- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor)

SRV - [2008.07.20 17:45:06 | 000,354,840 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)

SRV - [2008.03.04 10:34:12 | 001,122,304 | -H-- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe -- (TVT Scheduler)

SRV - [2007.09.26 17:34:46 | 000,644,408 | -H-- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)

SRV - [2006.10.26 14:03:08 | 000,145,184 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2010.03.03 01:20:00 | 000,024,304 | -H-- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\DozeHDD.sys -- (DozeHDD)

DRV - [2010.03.03 01:20:00 | 000,004,442 | -H-- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)

DRV - [2010.02.24 12:22:10 | 000,185,472 | -H-- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\acedrv11.sys -- (acedrv11)

DRV - [2009.05.08 03:06:10 | 000,203,312 | -H-- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)

DRV - [2009.03.02 08:57:22 | 000,995,328 | -H-- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vm331avs.sys -- (vm331avs)

DRV - [2009.02.03 07:42:32 | 000,162,816 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - [2009.01.07 23:19:00 | 000,991,784 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)

DRV - [2008.10.30 21:19:16 | 000,047,272 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)

DRV - [2008.09.10 19:14:48 | 001,386,624 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)

DRV - [2008.08.28 18:39:08 | 000,048,192 | -H-- | M] (Lenovo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tvtumon.sys -- (tvtumon)

DRV - [2008.07.24 10:37:12 | 000,156,816 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)

DRV - [2008.05.30 04:46:14 | 000,534,568 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)

DRV - [2008.04.02 08:00:02 | 005,056,000 | -H-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008.04.02 08:00:02 | 001,684,736 | -H-- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)

DRV - [2008.04.02 08:00:02 | 001,389,056 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)

DRV - [2008.02.04 09:57:46 | 000,037,160 | -H-- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)

DRV - [2008.01.11 14:58:42 | 000,009,472 | -H-- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV - [2008.01.10 10:59:08 | 000,081,192 | -H-- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSVD.sys -- (WSVD)

DRV - [2007.09.17 13:00:12 | 000,161,792 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)

DRV - [2007.05.23 16:33:58 | 000,128,104 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)

DRV - [2007.02.19 07:56:46 | 000,021,376 | -H-- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

 

 

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com

 

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com

 

IE - HKU\S-1-5-21-1048569259-3835621956-88264608-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-1048569259-3835621956-88264608-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-1048569259-3835621956-88264608-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKU\S-1-5-21-1048569259-3835621956-88264608-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKU\S-1-5-21-1048569259-3835621956-88264608-1008\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-1048569259-3835621956-88264608-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie

IE - HKU\S-1-5-21-1048569259-3835621956-88264608-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll File not found

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll File not found

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Programme\Google\Update\1.2.183.29\npGoogleOneClick8.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )

 

 

 

O1 HOSTS File: ([2012.01.31 22:52:06 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [331BigDog] C:\Programme\USB Camera\VM331_STI.EXE (Vimicro)

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(Beijing)Limited)

O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Programme\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited)

O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1048569259-3835621956-88264608-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1048569259-3835621956-88264608-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0

O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Senden an Bluetooth - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: LENOVO - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - hxxp://www.lenovo.com File not found

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271851683671 (MUWebControl Class)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84753FCB-80EF-4817-88AB-33A577F161E8}: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Sarah\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Sarah\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: 6to4 -  File not found

NetSvcs: AppMgmt -  File not found

NetSvcs: HidServ -  File not found

NetSvcs: Ias -  File not found

NetSvcs: Iprip -  File not found

NetSvcs: Irmon -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: WmdmPmSp -  File not found

 

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 0

 

SafeBootMin: AppMgmt -  File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: MsMpSvc - c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: sermouse.sys - Driver

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vga.sys - Driver

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

SafeBootNet: AppMgmt -  File not found

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: MsMpSvc - c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: sermouse.sys - Driver

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vga.sys - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7

ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - 

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.0

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

ActiveX: Microsoft Base Smart Card Crypto Provider Package - 

 

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)

Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)

Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.I420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)

Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

 

CREATERESTOREPOINT

Error creating restore point.

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.01.31 20:31:59 | 000,000,000 | ---D | C] -- C:\_OTL

[2012.01.27 22:35:18 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Sarah\Recent

[2012.01.27 21:28:00 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sarah\Desktop\OTL.exe

[2012.01.27 16:04:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Malwarebytes

[2012.01.27 16:03:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2012.01.27 16:03:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2012.01.27 16:03:42 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.01.27 16:03:42 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2012.01.27 15:42:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sarah\Desktop\hijack

[2012.01.27 15:41:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sarah\Startmenü\Programme\HiJackThis

[2012.01.27 15:41:10 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro

[2012.01.26 21:45:53 | 000,000,000 | ---D | C] -- C:\Programme\ESET

[2012.01.24 21:24:47 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Sarah\.thumbnails

[2012.01.15 21:33:49 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Sarah\Desktop\HOCHZEIT

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.02.10 15:24:30 | 000,000,382 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job

[2012.02.10 14:29:00 | 000,001,088 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012.02.10 14:27:08 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx

[2012.02.09 11:01:54 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo

[2012.02.09 11:01:15 | 000,001,084 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012.02.09 11:01:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012.01.31 22:56:38 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.01.31 20:19:08 | 000,001,158 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.01.29 21:06:38 | 000,146,589 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\Unbenannt.PNG

[2012.01.29 20:58:34 | 000,077,634 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\das ist alles.pdf

[2012.01.27 21:36:22 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\tjc3ltwv.exe

[2012.01.27 21:28:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sarah\Desktop\OTL.exe

[2012.01.27 21:27:38 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah\defogger_reenable

[2012.01.27 21:26:12 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\Defogger.exe

[2012.01.26 09:46:08 | 003,610,120 | -H-- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.01.22 11:45:22 | 000,036,877 | -H-- | M] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\Bild 049.jpg

 
 ========== Files Created - No Company Name ==========

 

[2012.01.31 23:03:10 | 000,000,177 | -H-- | C] () -- C:\dvmexp.idx

[2012.01.31 22:57:48 | 000,000,382 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job

[2012.01.29 21:06:36 | 000,146,589 | ---- | C] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\Unbenannt.PNG

[2012.01.29 20:58:31 | 000,077,634 | ---- | C] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\das ist alles.pdf

[2012.01.27 21:36:06 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\tjc3ltwv.exe

[2012.01.27 21:27:36 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Sarah\defogger_reenable

[2012.01.27 21:26:16 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\Defogger.exe

[2012.01.27 16:03:56 | 000,000,660 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.01.22 11:45:20 | 000,036,877 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sarah\Desktop\Bild 049.jpg

[2011.04.11 21:17:31 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2011.03.06 15:14:49 | 000,027,648 | -H-- | C] () -- C:\WINDOWS\System32\AVSredirect.dll

[2010.11.27 17:20:12 | 000,098,304 | -H-- | C] () -- C:\WINDOWS\System32\redmonnt.dll

[2010.08.15 16:50:41 | 000,014,336 | -H-- | C] () -- C:\Dokumente und Einstellungen\Sarah\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.07.05 11:15:29 | 000,000,076 | -H-- | C] () -- C:\WINDOWS\dellstat.ini

[2010.07.05 11:13:51 | 000,000,393 | -H-- | C] () -- C:\WINDOWS\lexstat.ini

[2010.07.05 11:12:07 | 000,155,648 | -H-- | C] () -- C:\WINDOWS\System32\LEXPING.EXE

[2010.07.05 11:12:07 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\lxczvs.dll

[2010.07.05 11:12:07 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\INSTMON.EXE

[2010.07.05 11:10:46 | 000,000,270 | -H-- | C] () -- C:\WINDOWS\System32\lxczcoin.ini

[2010.06.09 14:53:24 | 001,126,560 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat

[2010.04.23 04:31:02 | 000,065,308 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2010.04.21 15:36:44 | 000,196,608 | -H-- | C] () -- C:\WINDOWS\PWMBTHLP.EXE

[2010.04.21 15:36:43 | 000,004,442 | -H-- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS

[2010.04.21 13:13:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat

[2009.06.21 21:52:10 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini

[2009.06.21 17:03:16 | 000,036,864 | -H-- | C] () -- C:\WINDOWS\setbt.exe

[2009.06.21 16:20:14 | 009,338,880 | -H-- | C] () -- C:\WINDOWS\System32\Facev.dll

[2009.06.21 16:20:14 | 000,495,616 | -H-- | C] () -- C:\WINDOWS\System32\picn.dll

[2009.06.21 16:20:14 | 000,208,896 | -H-- | C] () -- C:\WINDOWS\System32\image.dll

[2009.06.21 16:20:13 | 001,564,672 | -H-- | C] () -- C:\WINDOWS\System32\MainOp.dll

[2009.06.21 16:20:13 | 000,655,360 | -H-- | C] () -- C:\WINDOWS\System32\EncIcons.dll

[2009.06.21 16:20:13 | 000,507,904 | -H-- | C] () -- C:\WINDOWS\System32\SimpleExt.dll

[2009.06.21 16:20:13 | 000,241,752 | -H-- | C] () -- C:\WINDOWS\System32\IcnOvrly.dll

[2009.06.21 16:20:13 | 000,221,184 | -H-- | C] () -- C:\WINDOWS\System32\SetDev.dll

[2009.06.21 16:20:13 | 000,126,976 | -H-- | C] () -- C:\WINDOWS\System32\VideoOp.dll

[2009.06.21 16:20:13 | 000,053,248 | -H-- | C] () -- C:\WINDOWS\System32\FunFrm.dll

[2009.06.21 16:20:12 | 009,502,720 | -H-- | C] () -- C:\WINDOWS\System32\FaceVerify.dll

[2009.06.21 16:20:12 | 001,974,272 | -H-- | C] () -- C:\WINDOWS\System32\Imagereog.dll

[2009.06.21 16:20:12 | 001,167,360 | -H-- | C] () -- C:\WINDOWS\System32\PicNotify.dll

[2009.06.21 16:20:12 | 000,974,848 | -H-- | C] () -- C:\WINDOWS\System32\Apblend.dll

[2009.06.21 16:20:12 | 000,094,208 | -H-- | C] () -- C:\WINDOWS\System32\Momo.dll

[2009.06.21 16:20:12 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\System32\DevFilt.dll

[2009.06.21 16:20:10 | 000,241,664 | -H-- | C] () -- C:\WINDOWS\System32\3DImageRenderer.dll

[2009.06.21 15:57:32 | 000,001,282 | -H-- | C] () -- C:\WINDOWS\vm331Rmv.ini

[2009.06.21 15:46:32 | 000,147,456 | -H-- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll

[2009.01.16 17:55:38 | 002,854,976 | -H-- | C] () -- C:\WINDOWS\System32\btwicons.dll

[2008.11.07 18:08:20 | 000,362,029 | -H-- | C] () -- C:\WINDOWS\System32\sqlite3.dll

[2008.07.21 18:30:37 | 000,001,650 | -H-- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2008.07.03 01:34:14 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI

[2008.07.03 01:33:08 | 003,610,120 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008.07.03 00:44:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2008.07.03 00:39:50 | 000,021,740 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2008.05.26 22:23:36 | 000,016,834 | -H-- | C] () -- C:\WINDOWS\System32\gthrctr.ini

[2008.05.26 22:23:34 | 000,024,188 | -H-- | C] () -- C:\WINDOWS\System32\idxcntrs.ini

[2008.05.26 22:23:32 | 000,016,568 | -H-- | C] () -- C:\WINDOWS\System32\gsrvctr.ini

[2008.05.26 21:59:42 | 000,018,904 | -H-- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin

[2008.05.26 21:59:40 | 000,106,605 | -H-- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin

[2008.04.14 04:00:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008.04.14 04:00:00 | 000,535,426 | -H-- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2008.04.14 04:00:00 | 000,483,380 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008.04.14 04:00:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008.04.14 04:00:00 | 000,269,480 | -H-- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2008.04.14 04:00:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008.04.14 04:00:00 | 000,115,726 | -H-- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2008.04.14 04:00:00 | 000,087,090 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008.04.14 04:00:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin

[2008.04.14 04:00:00 | 000,034,478 | -H-- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2008.04.14 04:00:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008.04.14 04:00:00 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008.04.14 04:00:00 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2008.04.14 04:00:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat

[2001.11.14 12:56:00 | 001,802,240 | -H-- | C] () -- C:\WINDOWS\System32\lcppn21.dll

[2001.10.09 23:36:22 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin

[2001.10.09 23:35:30 | 000,004,492 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat

 
 ========== LOP Check ==========

 

[2010.04.22 00:32:52 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Azureus

[2010.05.30 21:53:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DATA BECKER Downloads

[2011.01.19 21:07:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular

[2010.04.23 10:46:18 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ

[2010.04.22 01:09:50 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Laplink

[2010.08.27 12:07:56 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MySQL

[2010.04.21 15:29:54 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCDr

[2011.12.24 08:17:10 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RavensburgerTipToi

[2010.04.22 01:10:10 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spearit

[2010.06.12 13:30:22 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2010.04.29 09:30:22 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2010.06.12 13:30:14 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

[2010.04.22 01:10:10 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\Spearit

[2010.05.31 07:56:12 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\mresreg

[2010.08.21 08:25:08 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\OCS

[2010.05.30 21:52:40 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\ProtectDisc

[2011.12.24 08:17:10 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\RavensburgerTipToi

[2010.06.10 13:50:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\SmartTools

[2010.04.22 01:10:10 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Spearit

[2010.06.12 13:30:48 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\TuneUp Software

[2010.06.01 21:41:38 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\VSO

[2010.04.21 14:48:02 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Windows Desktop Search

[2010.04.21 15:01:48 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Windows Search

[2012.02.10 15:24:30 | 000,000,382 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2010.04.21 12:21:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Adobe

[2010.04.23 06:15:38 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Help

[2008.07.03 00:45:32 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Identities

[2009.06.21 15:43:06 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\InstallShield

[2010.04.21 15:25:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Macromedia

[2012.01.27 16:04:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Malwarebytes

[2008.07.03 00:52:08 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Microsoft

[2010.05.31 07:56:12 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\mresreg

[2010.08.21 08:25:08 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\OCS

[2010.05.30 21:52:40 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\ProtectDisc

[2011.12.24 08:17:10 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\RavensburgerTipToi

[2010.06.10 13:50:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\SmartTools

[2010.04.22 01:10:10 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Spearit

[2010.09.08 22:24:36 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Sun

[2010.06.12 13:30:48 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\TuneUp Software

[2011.05.02 18:55:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\vlc

[2010.06.01 21:41:38 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\VSO

[2010.04.21 14:48:02 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Windows Desktop Search

[2010.04.21 15:01:48 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Windows Search

 
 < %APPDATA%\*.exe /s >

[2012.01.27 15:41:16 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

[2010.08.21 08:25:08 | 000,106,496 | -H-- | M] (OCS) -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe

[2010.08.21 08:25:08 | 000,040,960 | -H-- | M] () -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe

[2009.07.22 17:28:36 | 000,477,976 | -H-- | M] (Protect GmbH) -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\ProtectDisc\License Helper v2\PDLicenseHelperBroker.exe

[2010.05.30 21:52:44 | 000,059,043 | -H-- | M] () -- C:\Dokumente und Einstellungen\Sarah\Anwendungsdaten\ProtectDisc\License Helper v2\uninst.exe

 
 < %SYSTEMDRIVE%\*.exe >

 

 
 < MD5 for: AGP440.SYS  >

[2008.04.14 04:00:00 | 020,108,202 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2008.04.13 14:06:40 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys

[2008.04.13 14:06:40 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS

 
 < MD5 for: ATAPI.SYS  >

[2008.04.14 04:00:00 | 020,108,202 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008.04.14 00:10:32 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys

[2008.04.14 00:10:32 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2008.04.13 14:10:32 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

 
 < MD5 for: EVENTLOG.DLL  >

[2008.04.14 04:00:00 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\dllcache\eventlog.dll

[2008.04.14 04:00:00 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll

 
 < MD5 for: IASTOR.SYS  >

[2008.07.20 17:44:44 | 000,324,120 | -H-- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

[2008.07.20 17:44:44 | 000,324,120 | -H-- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\WINDOWS\system32\drivers\iaStor.sys

[2008.07.20 17:44:44 | 000,324,120 | -H-- | M] (Intel Corporation) MD5=707C1692214B1C290271067197F075F6 -- C:\WINDOWS\system32\DRVSTORE\iaAHCI_80FADF59B996DEF517513B0713A4AB06CE0D38E2\iaStor.sys

[2008.07.20 17:44:54 | 000,402,456 | -H-- | M] (Intel Corporation) MD5=FC28E90F2204D8FD147FA9BFA8A51C01 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

 
 < MD5 for: NETLOGON.DLL  >

[2008.04.14 04:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\dllcache\netlogon.dll

[2008.04.14 04:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll

 
 < MD5 for: SCECLI.DLL  >

[2008.04.14 04:00:00 | 000,187,904 | -H-- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\dllcache\scecli.dll

[2008.04.14 04:00:00 | 000,187,904 | -H-- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2008.04.14 04:00:00 | 000,580,096 | -H-- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\dllcache\user32.dll

[2008.04.14 04:00:00 | 000,580,096 | -H-- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.04.14 04:00:00 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe

[2008.04.14 04:00:00 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008.04.14 04:00:00 | 000,513,024 | -H-- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe

[2008.04.14 04:00:00 | 000,513,024 | -H-- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2008.04.14 04:00:00 | 000,012,032 | -H-- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys

[2008.04.14 04:00:00 | 000,012,032 | -H-- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2008.07.03 02:32:28 | 000,094,208 | -H-- | M] () -- C:\WINDOWS\System32\config\default.sav

[2008.07.03 02:32:28 | 001,069,056 | -H-- | M] () -- C:\WINDOWS\System32\config\software.sav

[2008.07.03 02:32:26 | 000,471,040 | -H-- | M] () -- C:\WINDOWS\System32\config\system.sav

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >
 

< End of report >

Ok, es wurde was gefunden, ich habe es aber abgebrochen...

Unhide ausgeführt, allerdings noch nicht immer alles da!

So hier das LOG:

Code:

17:58:21.0968 1188        TDSS rootkit removing tool 2.7.11.0 Feb  9 2012 10:12:57

17:58:22.0156 1188        ============================================================

17:58:22.0156 1188        Current date / time: 2012/02/10 17:58:22.0156

17:58:22.0156 1188        SystemInfo:

17:58:22.0156 1188        

17:58:22.0156 1188        OS Version: 5.1.2600 ServicePack: 3.0

17:58:22.0156 1188        Product type: Workstation

17:58:22.0156 1188        ComputerName: IDEAPAD-S12

17:58:22.0156 1188        UserName: Sarah

17:58:22.0156 1188        Windows directory: C:\WINDOWS

17:58:22.0156 1188        System windows directory: C:\WINDOWS

17:58:22.0156 1188        Processor architecture: Intel x86

17:58:22.0156 1188        Number of processors: 2

17:58:22.0156 1188        Page size: 0x1000

17:58:22.0156 1188        Boot type: Normal boot

17:58:22.0156 1188        ============================================================

17:58:23.0406 1188        Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

17:58:23.0468 1188        \Device\Harddisk0\DR0:

17:58:23.0468 1188        MBR used

17:58:23.0468 1188        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xCFD387E

17:58:23.0484 1188        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xCFD4800, BlocksNum 0x3CC3000

17:58:23.0578 1188        Initialize success

17:58:23.0578 1188        ============================================================

17:59:39.0812 3748        ============================================================

17:59:39.0812 3748        Scan started

17:59:39.0812 3748        Mode: Manual; SigCheck; TDLFS; 

17:59:39.0812 3748        ============================================================

17:59:40.0515 3748        Abiosdsk - ok

17:59:40.0609 3748        abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

17:59:41.0437 3748        abp480n5 - ok

17:59:41.0609 3748        acedrv11        (e6f53d6c0dea3d375362265e175ca638) C:\WINDOWS\system32\drivers\acedrv11.sys

17:59:42.0640 3748        acedrv11 - ok

17:59:42.0765 3748        ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys

17:59:43.0093 3748        ACPI - ok

17:59:43.0281 3748        ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

17:59:43.0625 3748        ACPIEC - ok

17:59:43.0687 3748        ACPIVPC         (5508e9f55799c6551d54dfbc4a068b68) C:\WINDOWS\system32\DRIVERS\AcpiVpc.sys

17:59:43.0828 3748        ACPIVPC - ok

17:59:43.0890 3748        adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

17:59:44.0281 3748        adpu160m - ok

17:59:44.0359 3748        aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

17:59:44.0671 3748        aec - ok

17:59:44.0703 3748        AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

17:59:44.0812 3748        AFD - ok

17:59:44.0859 3748        agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

17:59:45.0171 3748        agp440 - ok

17:59:45.0187 3748        agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

17:59:45.0500 3748        agpCPQ - ok

17:59:45.0531 3748        Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

17:59:45.0656 3748        Aha154x - ok

17:59:45.0671 3748        aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

17:59:45.0921 3748        aic78u2 - ok

17:59:45.0937 3748        aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

17:59:46.0234 3748        aic78xx - ok

17:59:46.0265 3748        AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

17:59:46.0484 3748        AliIde - ok

17:59:46.0500 3748        alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

17:59:46.0781 3748        alim1541 - ok

17:59:46.0875 3748        Ambfilt         (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys

17:59:47.0109 3748        Ambfilt - ok

17:59:47.0156 3748        amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

17:59:47.0437 3748        amdagp - ok

17:59:47.0484 3748        amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

17:59:47.0640 3748        amsint - ok

17:59:47.0703 3748        ApfiltrService  (83c822899ffba5e6b733dba9eebc7e32) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys

17:59:47.0765 3748        ApfiltrService - ok

17:59:47.0828 3748        Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

17:59:48.0156 3748        Arp1394 - ok

17:59:48.0234 3748        asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

17:59:48.0484 3748        asc - ok

17:59:48.0515 3748        asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

17:59:48.0640 3748        asc3350p - ok

17:59:48.0656 3748        asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

17:59:48.0890 3748        asc3550 - ok

17:59:48.0921 3748        AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

17:59:49.0171 3748        AsyncMac - ok

17:59:49.0218 3748        atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

17:59:49.0531 3748        atapi - ok

17:59:49.0546 3748        Atdisk - ok

17:59:49.0625 3748        Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

17:59:49.0921 3748        Atmarpc - ok

17:59:49.0984 3748        audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

17:59:50.0187 3748        audstub - ok

17:59:50.0234 3748        b57w2k          (e470738b601a7fbb1e1c34cec8355f5d) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

17:59:50.0390 3748        b57w2k - ok

17:59:50.0484 3748        BCM43XX         (cc03987ee5d0f956706b40d2f91f9e4f) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

17:59:50.0640 3748        BCM43XX - ok

17:59:50.0687 3748        Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

17:59:50.0953 3748        Beep - ok

17:59:51.0046 3748        btaudio         (4b43dfe1c1fbb305a1dc5504ef9bb34e) C:\WINDOWS\system32\drivers\btaudio.sys

17:59:51.0109 3748        btaudio - ok

17:59:51.0171 3748        BTDriver        (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys

17:59:51.0234 3748        BTDriver - ok

17:59:51.0296 3748        BTKRNL          (cf47c53d294abcb5159b02b68b37ba89) C:\WINDOWS\system32\DRIVERS\btkrnl.sys

17:59:51.0406 3748        BTKRNL - ok

17:59:51.0468 3748        BTWDNDIS        (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys

17:59:51.0578 3748        BTWDNDIS - ok

17:59:51.0625 3748        BTWUSB          (6b622612fe21b59faee2ca4385959778) C:\WINDOWS\system32\Drivers\btwusb.sys

17:59:51.0734 3748        BTWUSB - ok

17:59:51.0765 3748        cbidf           (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

17:59:52.0062 3748        cbidf - ok

17:59:52.0109 3748        cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

17:59:52.0343 3748        cbidf2k - ok

17:59:52.0406 3748        CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

17:59:52.0656 3748        CCDECODE - ok

17:59:52.0687 3748        cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

17:59:52.0765 3748        cd20xrnt - ok

17:59:52.0828 3748        Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

17:59:53.0078 3748        Cdaudio - ok

17:59:53.0140 3748        Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

17:59:53.0437 3748        Cdfs - ok

17:59:53.0500 3748        Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

17:59:53.0796 3748        Cdrom - ok

17:59:53.0828 3748        Changer - ok

17:59:53.0890 3748        CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

17:59:54.0140 3748        CmBatt - ok

17:59:54.0187 3748        CmdIde          (c687f81290303d90099b027a6474f99f) C:\WINDOWS\system32\DRIVERS\cmdide.sys

17:59:54.0406 3748        CmdIde - ok

17:59:54.0421 3748        Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

17:59:54.0671 3748        Compbatt - ok

17:59:54.0703 3748        Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

17:59:54.0953 3748        Cpqarray - ok

17:59:54.0984 3748        dac2w2k         (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

17:59:55.0265 3748        dac2w2k - ok

17:59:55.0281 3748        dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

17:59:55.0515 3748        dac960nt - ok

17:59:55.0578 3748        Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

17:59:55.0828 3748        Disk - ok

17:59:55.0890 3748        dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys

17:59:56.0203 3748        dmboot - ok

17:59:56.0250 3748        dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys

17:59:56.0531 3748        dmio - ok

17:59:56.0546 3748        dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

17:59:56.0781 3748        dmload - ok

17:59:56.0843 3748        DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

17:59:57.0125 3748        DMusic - ok

17:59:57.0171 3748        DozeHDD         (e00b3ce273b17aee1259c105df5524ca) C:\WINDOWS\system32\DRIVERS\DozeHDD.sys

17:59:57.0234 3748        DozeHDD - ok

17:59:57.0265 3748        dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

17:59:57.0500 3748        dpti2o - ok

17:59:57.0562 3748        drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

17:59:57.0765 3748        drmkaud - ok

17:59:57.0796 3748        ebwmjnis - ok

17:59:57.0843 3748        Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

17:59:58.0109 3748        Fastfat - ok

17:59:58.0156 3748        Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

17:59:58.0421 3748        Fdc - ok

17:59:58.0468 3748        Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys

17:59:58.0734 3748        Fips - ok

17:59:58.0765 3748        Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

17:59:59.0031 3748        Flpydisk - ok

17:59:59.0078 3748        FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

17:59:59.0343 3748        FltMgr - ok

17:59:59.0375 3748        Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:59:59.0578 3748        Fs_Rec - ok

17:59:59.0609 3748        Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

17:59:59.0859 3748        Ftdisk - ok

17:59:59.0906 3748        GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

17:59:59.0984 3748        GEARAspiWDM - ok

18:00:00.0031 3748        Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:00:00.0296 3748        Gpc - ok

18:00:00.0359 3748        HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

18:00:00.0656 3748        HDAudBus - ok

18:00:00.0718 3748        HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:00:00.0968 3748        HidUsb - ok

18:00:01.0015 3748        hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

18:00:01.0265 3748        hpn - ok

18:00:01.0312 3748        HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

18:00:01.0390 3748        HTTP - ok

18:00:01.0421 3748        i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

18:00:01.0671 3748        i2omgmt - ok

18:00:01.0703 3748        i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

18:00:01.0953 3748        i2omp - ok

18:00:02.0015 3748        i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

18:00:02.0296 3748        i8042prt - ok

18:00:02.0531 3748        ialm            (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

18:00:02.0921 3748        ialm - ok

18:00:03.0015 3748        iaStor          (707c1692214b1c290271067197f075f6) C:\WINDOWS\system32\DRIVERS\iaStor.sys

18:00:03.0156 3748        iaStor - ok

18:00:03.0218 3748        Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

18:00:03.0500 3748        Imapi - ok

18:00:03.0531 3748        ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

18:00:03.0765 3748        ini910u - ok

18:00:03.0984 3748        IntcAzAudAddService (e304748137d6cd6e1cf98bddea20bfa2) C:\WINDOWS\system32\drivers\RtkHDAud.sys

18:00:04.0328 3748        IntcAzAudAddService - ok

18:00:04.0343 3748        IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys

18:00:04.0562 3748        IntelIde - ok

18:00:04.0609 3748        intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys

18:00:04.0875 3748        intelppm - ok

18:00:04.0921 3748        Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

18:00:05.0218 3748        Ip6Fw - ok

18:00:05.0234 3748        IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:00:05.0500 3748        IpFilterDriver - ok

18:00:05.0515 3748        IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:00:05.0765 3748        IpInIp - ok

18:00:05.0812 3748        IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:00:06.0093 3748        IpNat - ok

18:00:06.0125 3748        IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:00:06.0421 3748        IPSec - ok

18:00:06.0500 3748        IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

18:00:06.0625 3748        IRENUM - ok

18:00:06.0703 3748        isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:00:06.0984 3748        isapnp - ok

18:00:07.0015 3748        Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:00:07.0281 3748        Kbdclass - ok

18:00:07.0343 3748        kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

18:00:07.0562 3748        kmixer - ok

18:00:07.0609 3748        KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

18:00:07.0765 3748        KSecDD - ok

18:00:07.0796 3748        lbrtfdc - ok

18:00:07.0859 3748        MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys

18:00:07.0921 3748        MBAMProtector - ok

18:00:07.0984 3748        mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

18:00:08.0218 3748        mnmdd - ok

18:00:08.0265 3748        Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys

18:00:08.0546 3748        Modem - ok

18:00:08.0625 3748        Monfilt         (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys

18:00:08.0812 3748        Monfilt - ok

18:00:08.0859 3748        Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:00:09.0125 3748        Mouclass - ok

18:00:09.0171 3748        mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:00:09.0406 3748        mouhid - ok

18:00:09.0453 3748        MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

18:00:09.0750 3748        MountMgr - ok

18:00:09.0781 3748        MpFilter        (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys

18:00:09.0875 3748        MpFilter - ok

18:00:10.0031 3748        MpKsl287915b9   (a69630d039c38018689190234f866d77) c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{47835004-CCC4-45CE-8F63-CEA76B0EFF46}\MpKsl287915b9.sys

18:00:10.0109 3748        MpKsl287915b9 - ok

18:00:10.0218 3748        mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

18:00:10.0468 3748        mraid35x - ok

18:00:10.0546 3748        MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:00:10.0796 3748        MRxDAV - ok

18:00:10.0890 3748        MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:00:11.0046 3748        MRxSmb - ok

18:00:11.0109 3748        Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

18:00:11.0375 3748        Msfs - ok

18:00:11.0406 3748        MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:00:11.0625 3748        MSKSSRV - ok

18:00:11.0671 3748        MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:00:11.0890 3748        MSPCLOCK - ok

18:00:11.0937 3748        MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

18:00:12.0156 3748        MSPQM - ok

18:00:12.0203 3748        mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:00:12.0437 3748        mssmbios - ok

18:00:12.0484 3748        MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

18:00:12.0734 3748        MSTEE - ok

18:00:12.0796 3748        Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

18:00:12.0921 3748        Mup - ok

18:00:13.0031 3748        NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

18:00:13.0296 3748        NABTSFEC - ok

18:00:13.0375 3748        NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

18:00:13.0703 3748        NDIS - ok

18:00:13.0750 3748        NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

18:00:14.0000 3748        NdisIP - ok

18:00:14.0031 3748        NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:00:14.0140 3748        NdisTapi - ok

18:00:14.0203 3748        Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:00:14.0468 3748        Ndisuio - ok

18:00:14.0500 3748        NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:00:14.0843 3748        NdisWan - ok

18:00:14.0906 3748        NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

18:00:15.0015 3748        NDProxy - ok

18:00:15.0078 3748        NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

18:00:15.0359 3748        NetBIOS - ok

18:00:15.0406 3748        NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

18:00:15.0718 3748        NetBT - ok

18:00:15.0796 3748        NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

18:00:16.0125 3748        NIC1394 - ok

18:00:16.0187 3748        Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

18:00:16.0468 3748        Npfs - ok

18:00:16.0531 3748        Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

18:00:16.0796 3748        Ntfs - ok

18:00:16.0890 3748        Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

18:00:17.0093 3748        Null - ok

18:00:17.0125 3748        NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:00:17.0390 3748        NwlnkFlt - ok

18:00:17.0406 3748        NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:00:17.0687 3748        NwlnkFwd - ok

18:00:17.0718 3748        ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

18:00:18.0015 3748        ohci1394 - ok

18:00:18.0062 3748        Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys

18:00:18.0359 3748        Parport - ok

18:00:18.0375 3748        PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

18:00:18.0640 3748        PartMgr - ok

18:00:18.0687 3748        ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys

18:00:18.0890 3748        ParVdm - ok

18:00:18.0937 3748        PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys

18:00:19.0234 3748        PCI - ok

18:00:19.0250 3748        PCIDump - ok

18:00:19.0281 3748        PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys

18:00:19.0484 3748        PCIIde - ok

18:00:19.0515 3748        Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys

18:00:19.0781 3748        Pcmcia - ok

18:00:19.0812 3748        PDCOMP - ok

18:00:19.0843 3748        PDFRAME - ok

18:00:19.0859 3748        PDRELI - ok

18:00:19.0890 3748        PDRFRAME - ok

18:00:19.0906 3748        perc2           (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

18:00:20.0171 3748        perc2 - ok

18:00:20.0187 3748        perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

18:00:20.0406 3748        perc2hib - ok

18:00:20.0484 3748        PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:00:20.0734 3748        PptpMiniport - ok

18:00:20.0781 3748        psadd           (651d3abc1d82d61b6cfb40cb947b3db3) C:\WINDOWS\system32\DRIVERS\psadd.sys

18:00:20.0859 3748        psadd - ok

18:00:20.0890 3748        PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

18:00:21.0187 3748        PSched - ok

18:00:21.0203 3748        Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:00:21.0468 3748        Ptilink - ok

18:00:21.0515 3748        ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

18:00:21.0750 3748        ql1080 - ok

18:00:21.0765 3748        Ql10wnt         (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

18:00:22.0015 3748        Ql10wnt - ok

18:00:22.0046 3748        ql12160         (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

18:00:22.0296 3748        ql12160 - ok

18:00:22.0312 3748        ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

18:00:22.0562 3748        ql1240 - ok

18:00:22.0578 3748        ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

18:00:22.0812 3748        ql1280 - ok

18:00:22.0843 3748        RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:00:23.0093 3748        RasAcd - ok

18:00:23.0140 3748        Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:00:23.0453 3748        Rasl2tp - ok

18:00:23.0468 3748        RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:00:23.0734 3748        RasPppoe - ok

18:00:23.0781 3748        Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

18:00:24.0031 3748        Raspti - ok

18:00:24.0078 3748        Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:00:24.0390 3748        Rdbss - ok

18:00:24.0437 3748        RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:00:24.0687 3748        RDPCDD - ok

18:00:24.0734 3748        rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

18:00:25.0078 3748        rdpdr - ok

18:00:25.0140 3748        RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

18:00:25.0296 3748        RDPWD - ok

18:00:25.0343 3748        redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys

18:00:25.0625 3748        redbook - ok

18:00:25.0687 3748        RSUSBSTOR       (7ffa9821b1c5e0e0667e0a2685cfb89f) C:\WINDOWS\system32\Drivers\RtsUStor.sys

18:00:25.0781 3748        RSUSBSTOR - ok

18:00:25.0812 3748        Rts516xIR - ok

18:00:25.0875 3748        sdbus           (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

18:00:26.0125 3748        sdbus - ok

18:00:26.0140 3748        Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:00:26.0281 3748        Secdrv - ok

18:00:26.0312 3748        serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

18:00:26.0562 3748        serenum - ok

18:00:26.0609 3748        Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys

18:00:26.0937 3748        Serial - ok

18:00:27.0031 3748        Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

18:00:27.0265 3748        Sfloppy - ok

18:00:27.0296 3748        Simbad - ok

18:00:27.0359 3748        sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

18:00:27.0625 3748        sisagp - ok

18:00:27.0671 3748        SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

18:00:27.0906 3748        SLIP - ok

18:00:27.0937 3748        Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

18:00:28.0078 3748        Sparrow - ok

18:00:28.0109 3748        splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

18:00:28.0312 3748        splitter - ok

18:00:28.0359 3748        sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys

18:00:28.0546 3748        sr - ok

18:00:28.0578 3748        Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

18:00:28.0718 3748        Srv - ok

18:00:28.0812 3748        streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

18:00:29.0062 3748        streamip - ok

18:00:29.0109 3748        swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

18:00:29.0375 3748        swenum - ok

18:00:29.0406 3748        swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

18:00:29.0687 3748        swmidi - ok

18:00:29.0781 3748        symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

18:00:30.0062 3748        symc810 - ok

18:00:30.0093 3748        symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

18:00:30.0343 3748        symc8xx - ok

18:00:30.0375 3748        sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

18:00:30.0609 3748        sym_hi - ok

18:00:30.0640 3748        sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

18:00:30.0890 3748        sym_u3 - ok

18:00:30.0937 3748        sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

18:00:31.0234 3748        sysaudio - ok

18:00:31.0296 3748        Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:00:31.0484 3748        Tcpip - ok

18:00:31.0531 3748        TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

18:00:31.0781 3748        TDPIPE - ok

18:00:31.0796 3748        TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

18:00:32.0062 3748        TDTCP - ok

18:00:32.0125 3748        TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

18:00:32.0406 3748        TermDD - ok

18:00:32.0468 3748        TosIde          (d213a9247dc347f305a2d4cc9b951487) C:\WINDOWS\system32\DRIVERS\toside.sys

18:00:32.0671 3748        TosIde - ok

18:00:32.0718 3748        TPPWRIF         (44672de6cea9569c21c4b7a8d2560750) C:\WINDOWS\system32\drivers\Tppwrif.sys

18:00:32.0781 3748        TPPWRIF ( UnsignedFile.Multi.Generic ) - warning

18:00:32.0781 3748        TPPWRIF - detected UnsignedFile.Multi.Generic (1)

18:00:32.0859 3748        tvtumon         (3385d48304443d0ee42af5dbf89634b6) C:\WINDOWS\system32\DRIVERS\tvtumon.sys

18:00:32.0953 3748        tvtumon - ok

18:00:33.0000 3748        Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

18:00:33.0296 3748        Udfs - ok

18:00:33.0359 3748        ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

18:00:33.0484 3748        ultra - ok

18:00:33.0531 3748        Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

18:00:33.0781 3748        Update - ok

18:00:33.0812 3748        USBAAPL - ok

18:00:33.0859 3748        usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:00:34.0125 3748        usbccgp - ok

18:00:34.0156 3748        USBCCID - ok

18:00:34.0203 3748        usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:00:34.0437 3748        usbehci - ok

18:00:34.0515 3748        usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:00:34.0781 3748        usbhub - ok

18:00:34.0828 3748        usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:00:35.0109 3748        usbprint - ok

18:00:35.0140 3748        usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:00:35.0390 3748        usbscan - ok

18:00:35.0453 3748        USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:00:35.0718 3748        USBSTOR - ok

18:00:35.0781 3748        usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

18:00:36.0015 3748        usbuhci - ok

18:00:36.0078 3748        usbvideo        (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys

18:00:36.0343 3748        usbvideo - ok

18:00:36.0375 3748        VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

18:00:36.0640 3748        VgaSave - ok

18:00:36.0703 3748        viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

18:00:36.0984 3748        viaagp - ok

18:00:37.0000 3748        ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

18:00:37.0250 3748        ViaIde - ok

18:00:37.0343 3748        vm331avs        (0f24dd656b030fae4372bf4904e4b0a3) C:\WINDOWS\system32\Drivers\vm331avs.sys

18:00:37.0500 3748        vm331avs - ok

18:00:37.0515 3748        VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys

18:00:37.0812 3748        VolSnap - ok

18:00:37.0890 3748        Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:00:38.0187 3748        Wanarp - ok

18:00:38.0250 3748        Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

18:00:38.0343 3748        Wdf01000 - ok

18:00:38.0359 3748        WDICA - ok

18:00:38.0421 3748        wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

18:00:38.0734 3748        wdmaud - ok

18:00:38.0781 3748        WimFltr         (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\WINDOWS\system32\DRIVERS\wimfltr.sys

18:00:38.0906 3748        WimFltr - ok

18:00:38.0984 3748        WmiAcpi         (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

18:00:39.0218 3748        WmiAcpi - ok

18:00:39.0281 3748        WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

18:00:39.0562 3748        WSTCODEC - ok

18:00:39.0609 3748        WSVD            (5d0a08ebf9660e07865907fb1ab022b5) C:\WINDOWS\system32\drivers\WSVD.sys

18:00:39.0703 3748        WSVD - ok

18:00:39.0750 3748        WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:00:39.0875 3748        WudfPf - ok

18:00:39.0906 3748        WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:00:40.0031 3748        WudfRd - ok

18:00:40.0078 3748        MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

18:00:40.0234 3748        \Device\Harddisk0\DR0 - ok

18:00:40.0234 3748        Boot (0x1200)   (9656a52cafdd75cfec2d0c7a15cd8802) \Device\Harddisk0\DR0\Partition0

18:00:40.0234 3748        \Device\Harddisk0\DR0\Partition0 - ok

18:00:40.0265 3748        Boot (0x1200)   (d355d3602cdcbd1931487087dce288a0) \Device\Harddisk0\DR0\Partition1

18:00:40.0265 3748        \Device\Harddisk0\DR0\Partition1 - ok

18:00:40.0265 3748        ============================================================

18:00:40.0265 3748        Scan finished

18:00:40.0265 3748        ============================================================

18:00:40.0390 0944        Detected object count: 1

18:00:40.0390 0944        Actual detected object count: 1

18:00:51.0187 0944        TPPWRIF ( UnsignedFile.Multi.Generic ) - skipped by user

18:00:51.0187 0944        TPPWRIF ( UnsignedFile.Multi.Generic ) - User select action: Skip