Trojaner-Board - avast! hat den Zugriff auf eine infizierte Webseite blockiert

Hi Markus,

erstmals Danke. Wie konntest du sehen, dass die Seite gehackt ist. Gibt es dafür ein Tool ?
Diese Seite wurde mal von Google webmastertools als korrumpierte Steie eingestuft, da hab ich ein Backup eingespielt und Passwörter geändert. Danach kam von Google keine fehlermeldung mehr. Würde gerne wissen wie du das überprüft hast. Ich habe auch die Datenback als backup, nun befürchte ich, dass die schon korrumpiert sind. Wie kann ich die Datenbank nach Viren, Trojanern etc. prüfen.

Hier deine gefoderten txt-dateien. Alle Programme waren aus, bis auf Avast Virenscanner (im Hintergrund)

otl.txt
OTL Logfile:

Code:

OTL logfile created on: 12.09.2012 15:31:26 - Run 1

OTL by OldTimer - Version 3.2.61.3     Folder = C:\Dokumente und Einstellungen\Admin\Desktop\arge

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,99 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 75,31% Memory free

3,84 Gb Paging File | 3,49 Gb Available in Paging File | 90,91% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 127,99 Gb Total Space | 113,83 Gb Free Space | 88,94% Space Free | Partition Type: NTFS

Drive D: | 104,89 Gb Total Space | 104,60 Gb Free Space | 99,72% Space Free | Partition Type: NTFS

 

Computer Name: BLA-3443EB72419 | User Name: Admin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.09.12 15:20:26 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Admin\Desktop\arge\OTL.exe

PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe

PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe

PRC - [2012.08.20 22:21:47 | 000,218,624 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\ouc.exe

PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe

PRC - [2012.07.14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe

PRC - [2012.07.11 20:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe

PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

PRC - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe

PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2004.08.04 14:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drwtsn32.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.09.12 09:49:17 | 001,809,408 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12091200\algo.dll

MOD - [2012.09.11 20:43:54 | 001,808,384 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12091101\algo.dll

MOD - [2012.08.20 22:21:50 | 002,415,104 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\QtCore4.dll

MOD - [2012.08.20 22:21:50 | 001,148,416 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\QtNetwork4.dll

MOD - [2012.08.20 22:21:49 | 000,011,362 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\mingwm10.dll

MOD - [2012.08.20 22:21:48 | 000,043,008 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll

MOD - [2012.08.20 22:21:47 | 000,218,624 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\ouc.exe

MOD - [2012.01.03 15:10:46 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU

MOD - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe

MOD - [2008.07.15 08:13:20 | 000,856,064 | ---- | M] () -- C:\Programme\Lenovo Fingerprint Software\SharedResources.dll

MOD - [2006.10.12 17:28:48 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll

 

 
 ========== Services (SafeList) ==========

 

SRV - File not found [Disabled | Unknown] -- C:\Programme\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)

SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2012.08.29 13:05:02 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2012.08.20 22:21:47 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Programme\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)

SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012.08.03 12:37:56 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)

SRV - [2012.07.14 15:59:32 | 000,497,320 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)

SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.07.11 20:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)

SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)

SRV - [2012.04.03 09:26:12 | 000,161,664 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)

SRV - [2008.07.15 08:13:28 | 000,106,496 | ---- | M] (AuthenTec,Inc) [Disabled | Stopped] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)

SRV - [2007.03.16 06:26:22 | 000,057,344 | ---- | M] (Lenovo) [Disabled | Stopped] -- C:\Programme\Lenovo\PM Driver\PMSveH.exe -- (PMSveH)

SRV - [2006.11.11 22:56:18 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins)

SRV - [2006.10.26 20:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2006.08.31 18:04:06 | 000,065,536 | ---- | M] (Broadcom Corp.) [Disabled | Stopped] -- C:\Programme\Broadcom\BACS\BPowMon.exe -- (BPowMon)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)

DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)

DRV - File not found [Kernel | System | Stopped] --  -- (Changer)

DRV - [2012.09.12 10:51:31 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)

DRV - [2012.08.21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2012.08.20 22:21:51 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)

DRV - [2012.08.20 22:21:51 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)

DRV - [2012.08.20 22:21:51 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)

DRV - [2012.08.20 22:21:51 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)

DRV - [2012.08.03 12:08:02 | 000,526,640 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)

DRV - [2012.07.14 15:59:44 | 000,027,056 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)

DRV - [2012.03.07 02:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)

DRV - [2012.02.09 11:48:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2008.06.05 21:21:52 | 000,146,944 | R--- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV)

DRV - [2008.05.12 19:04:04 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\smiif32.sys -- (lenovo.smi)

DRV - [2007.02.24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2007.02.16 16:46:42 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)

DRV - [2007.01.30 19:57:00 | 004,474,368 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)

DRV - [2007.01.23 18:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)

DRV - [2007.01.23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2006.11.13 11:41:20 | 000,862,922 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)

DRV - [2006.11.08 14:49:42 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)

DRV - [2006.10.30 11:51:40 | 000,067,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)

DRV - [2006.08.30 15:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2006.05.24 12:48:14 | 000,010,240 | ---- | M] (Lenovo ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PMHler.sys -- (PMHler)

DRV - [2005.06.10 06:55:28 | 000,173,056 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\odysseyIM4.sys -- (odysseyIM4)

DRV - [2003.04.24 16:21:50 | 000,006,025 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Programme\Broadcom\BACS\BASFND.sys -- (BASFND)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

 

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 
 ========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Programme\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker [2012.08.22 13:51:05 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.08.22 14:00:35 | 000,000,000 | ---D | M]

 

[2012.09.12 10:50:47 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Extensions

 

O1 HOSTS File: ([2012.03.30 13:26:52 | 000,441,496 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 15174 more lines...

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [FingerPrintSoftware] C:\Programme\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)

O4 - HKLM..\Run: [ISW]  File not found

O4 - HKLM..\Run: [PMHandler] C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo)

O4 - HKLM..\Run: [ZoneAlarm] C:\Programme\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)

O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe File not found

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)

O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\t-mobile - No CLSID value found

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\ATFUS: DllName - (C:\WINDOWS\system32\FpWinLogonNp.dll) - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2012.03.24 10:48:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2012.08.21 18:20:53 | 000,000,100 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]

O33 - MountPoints2\{43275983-7728-11e1-9c32-001eec0b78cd}\Shell - "" = AutoRun

O33 - MountPoints2\{43275983-7728-11e1-9c32-001eec0b78cd}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{43275983-7728-11e1-9c32-001eec0b78cd}\Shell\AutoRun\command - "" = F:\OnSpcLCK.exe

O33 - MountPoints2\{9512a850-eb04-11e1-9c98-001eec0b78cd}\Shell - "" = AutoRun

O33 - MountPoints2\{9512a850-eb04-11e1-9c98-001eec0b78cd}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{9512a850-eb04-11e1-9c98-001eec0b78cd}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /HideWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

NetSvcs: 6to4 -  File not found

NetSvcs: Ias -  File not found

NetSvcs: Iprip -  File not found

NetSvcs: Irmon -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)

NetSvcs: WmdmPmSp -  File not found

 

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.09.12 10:51:31 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2012.09.12 10:50:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla

[2012.09.11 23:48:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2012.09.11 23:18:32 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll

[2012.09.11 16:50:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Desktop\arge

[2012.09.10 09:23:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Desktop\Firefox_Potable

[2012.09.09 23:24:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\SUPERAntiSpyware.com

[2012.09.09 23:23:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com

[2012.09.09 23:23:42 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware

[2012.09.09 22:34:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Malwarebytes

[2012.09.09 22:33:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2012.09.09 22:33:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2012.09.09 22:33:33 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.09.09 22:33:32 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2012.09.07 12:47:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Desktop\joomla-1.5.26

[2012.09.06 16:12:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SupportAppCB

[2012.09.05 16:06:24 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe

[2012.09.05 16:05:29 | 000,536,661 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbocx.ocx

[2012.09.05 16:05:15 | 000,000,000 | ---D | C] -- C:\Programme\OptionHSDPA

[2012.09.05 16:05:04 | 000,000,000 | ---D | C] -- C:\Programme\OptionPCCards

[2012.09.05 16:03:57 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SWF Studio

[2012.09.04 13:54:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Mozilla

[2012.08.22 13:49:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Check Point

[2012.08.20 22:51:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\iMacros

[2012.08.20 22:22:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mobile Partner

[2012.08.20 22:22:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner

[2012.08.20 22:22:12 | 000,085,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcacm.sys

[2012.08.20 22:22:12 | 000,072,576 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jubusenum.sys

[2012.08.20 22:22:12 | 000,051,456 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcecm.sys

[2012.08.20 22:22:12 | 000,026,496 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_juextctrl.sys

[2012.08.20 22:22:11 | 000,860,928 | ---- | C] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys

[2012.08.20 22:22:11 | 000,117,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys

[2012.08.20 22:22:11 | 000,106,496 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys

[2012.08.20 22:22:11 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys

[2012.08.20 22:22:11 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys

[2012.08.20 22:22:10 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwusbdev.sys

[2012.08.20 22:21:39 | 000,000,000 | ---D | C] -- C:\Programme\Mobile Partner

[2012.08.20 22:21:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.09.12 15:30:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012.09.12 15:25:00 | 000,000,494 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 4884a6f4-c9f2-4499-8108-a3d71c7f3019.job

[2012.09.12 14:10:32 | 000,000,356 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012.09.12 14:09:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.09.12 14:08:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2012.09.12 10:51:31 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2012.09.11 23:46:43 | 000,453,056 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2012.09.11 23:46:43 | 000,436,096 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012.09.11 23:46:43 | 000,082,012 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2012.09.11 23:46:43 | 000,068,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012.09.11 16:55:49 | 000,000,428 | ---- | M] () -- C:\WINDOWS\EasyCT.INI

[2012.09.11 10:25:30 | 000,004,608 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.09.10 10:47:29 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk

[2012.09.09 23:25:16 | 000,000,494 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 3c470f09-6a31-4896-8a7c-955648767612.job

[2012.09.09 23:23:56 | 000,001,642 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk

[2012.09.09 22:33:37 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.09.05 17:14:42 | 000,000,057 | ---- | M] () -- C:\WINDOWS\init.ini

[2012.09.05 16:06:09 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe

[2012.09.05 16:05:21 | 000,065,973 | ---- | M] () -- C:\WINDOWS\sem_GCXXUninstall.exe

[2012.09.05 16:05:18 | 000,089,716 | ---- | M] () -- C:\WINDOWS\OptionPluss_PCCardInstallerUninstall.exe

[2012.09.05 16:05:14 | 000,090,499 | ---- | M] () -- C:\WINDOWS\OptionPCCardInstallerUninstall.exe

[2012.08.25 10:32:45 | 000,217,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.08.24 12:33:33 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012.08.22 14:00:40 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2012.08.22 14:00:02 | 000,415,933 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml

[2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2012.08.21 11:13:14 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2012.08.21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2012.08.21 11:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2012.08.21 11:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2012.08.20 22:22:52 | 000,000,726 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mobile Partner.lnk

[2012.08.20 22:22:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

[2012.08.20 22:22:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

[2012.08.20 22:21:52 | 000,860,928 | ---- | M] (DiBcom SA) -- C:\WINDOWS\System32\drivers\mod7700.sys

[2012.08.20 22:21:52 | 000,051,456 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcecm.sys

[2012.08.20 22:21:52 | 000,026,496 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_juextctrl.sys

[2012.08.20 22:21:52 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys

[2012.08.20 22:21:51 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys

[2012.08.20 22:21:51 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys

[2012.08.20 22:21:51 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_hwusbdev.sys

[2012.08.20 22:21:51 | 000,085,248 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jucdcacm.sys

[2012.08.20 22:21:51 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\WINDOWS\System32\drivers\ew_jubusenum.sys

[2012.08.20 22:21:51 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.09.11 23:46:38 | 000,000,783 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Startmenü\Programme\Internet Explorer.lnk

[2012.09.11 10:25:29 | 000,004,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.09.09 23:25:18 | 000,000,494 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 4884a6f4-c9f2-4499-8108-a3d71c7f3019.job

[2012.09.09 23:25:15 | 000,000,494 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 3c470f09-6a31-4896-8a7c-955648767612.job

[2012.09.09 23:23:56 | 000,001,642 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk

[2012.09.09 22:44:16 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys

[2012.09.09 22:33:37 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.09.06 16:16:12 | 000,000,622 | ---- | C] () -- C:\NetworkCfg.xml

[2012.09.05 16:05:42 | 000,000,057 | ---- | C] () -- C:\WINDOWS\init.ini

[2012.09.05 16:05:21 | 000,065,973 | ---- | C] () -- C:\WINDOWS\sem_GCXXUninstall.exe

[2012.09.05 16:05:18 | 000,089,716 | ---- | C] () -- C:\WINDOWS\OptionPluss_PCCardInstallerUninstall.exe

[2012.09.05 16:05:14 | 000,090,499 | ---- | C] () -- C:\WINDOWS\OptionPCCardInstallerUninstall.exe

[2012.08.22 14:00:39 | 000,000,356 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job

[2012.08.20 22:22:52 | 000,000,726 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mobile Partner.lnk

[2012.08.20 22:22:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf

[2012.08.20 22:22:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

[2012.03.28 09:52:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012.03.26 12:17:13 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS50.DLL

[2012.03.25 10:56:12 | 000,000,428 | ---- | C] () -- C:\WINDOWS\EasyCT.INI

[2012.03.24 12:01:27 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe

[2012.03.24 11:58:38 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll

[2012.03.24 11:53:45 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll

[2012.03.24 11:53:44 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll

[2012.03.24 11:53:44 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE

[2012.03.24 11:40:31 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat

[2012.03.24 11:40:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2012.03.24 10:50:49 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2012.03.24 10:38:22 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2012.03.24 10:26:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2012.03.24 10:25:39 | 000,217,656 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

 
 ========== LOP Check ==========

 

[2012.05.28 11:35:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Canon

[2012.08.22 14:19:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\CheckPoint

[2012.03.25 10:27:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\HeidiSQL

[2012.04.07 11:19:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\MySEOSolution_DB_Dir

[2012.03.26 09:06:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Notepad++

[2012.03.26 10:20:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\OpenOffice.org

[2012.04.03 09:29:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Oracle

[2012.03.26 14:22:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\SharePod

[2012.03.26 09:14:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\StumbleUpon

[2012.03.26 12:54:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\TuneUp Software

[2012.09.08 11:21:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\VoipStunt

[2012.03.24 13:08:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software

[2012.03.26 12:17:23 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ

[2012.03.24 13:22:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint

[2012.08.11 07:52:18 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files

[2012.08.20 22:23:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService

[2012.03.25 10:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Easy CD-DA Extractor

[2012.05.03 14:01:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EasyCash&Tax

[2012.08.20 22:23:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner

[2012.03.25 10:53:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

[2012.03.25 11:51:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2012.03.25 11:50:12 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}

[2012.09.12 14:10:32 | 000,000,356 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

[2012.09.09 23:25:16 | 000,000,494 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 3c470f09-6a31-4896-8a7c-955648767612.job

[2012.09.12 15:25:00 | 000,000,494 | ---- | M] () -- C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 4884a6f4-c9f2-4499-8108-a3d71c7f3019.job

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2012.03.31 08:43:29 | 000,000,000 | ---D | M] -- C:\69372863ad9470103ee4

[2012.03.26 12:27:28 | 000,000,000 | -H-D | M] -- C:\CanoScan

[2012.09.12 00:16:40 | 000,000,000 | -HSD | M] -- C:\Config.Msi

[2012.09.06 10:50:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen

[2012.03.24 11:26:19 | 000,000,000 | ---D | M] -- C:\DRIVERS

[2012.03.24 11:43:01 | 000,000,000 | ---D | M] -- C:\Intel

[2012.03.24 12:50:58 | 000,000,000 | RH-D | M] -- C:\MSOCache

[2012.09.11 23:27:14 | 000,000,000 | R--D | M] -- C:\Programme

[2012.03.24 11:04:50 | 000,000,000 | -HSD | M] -- C:\RECYCLER

[2012.09.10 21:53:30 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2012.09.12 14:08:46 | 000,000,000 | ---D | M] -- C:\WINDOWS

 
 < %PROGRAMFILES%\*.exe >

Invalid Environment Variable: LOCALAPPDATA

 
 < %systemroot%\*. /mp /s >

 
 < C:\Windows\system32\*.tsp >

[2008.04.14 04:23:08 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\h323.tsp

[2008.04.14 04:23:08 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2008.04.14 04:23:08 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipconf.tsp

[2008.04.14 04:23:08 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2008.04.14 04:23:08 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2008.04.14 04:23:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2008.04.14 04:23:08 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

 
 < MD5 for: AGP440.SYS  >

[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2012.03.26 11:22:00 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2012.03.26 11:22:00 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

 
 < MD5 for: ATAPI.SYS  >

[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2012.03.26 11:22:00 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2012.03.26 11:22:00 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

 
 < MD5 for: EVENTLOG.DLL  >

[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll

 
 < MD5 for: EXPLORER.EXE  >

[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe

[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

[2008.04.29 17:42:08 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Programme\CheckPoint\ZAForceField\Heuristics\explorer.exe

 
 < MD5 for: NETLOGON.DLL  >

[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll

[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll

[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll

 
 < MD5 for: SCECLI.DLL  >

[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll

[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

[2008.07.01 15:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Programme\CheckPoint\ZAForceField\Heuristics\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys

[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

 
 < %systemroot%\System32\config\*.sav >

[2012.03.24 11:24:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2012.03.24 11:24:52 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2012.03.24 11:24:52 | 000,466,944 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 
 < %systemroot%\system32\*.dll /lockedfiles >

[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 
 < %USERPROFILE%\*.* >

[2012.09.12 11:19:36 | 008,388,608 | -H-- | M] () -- C:\Dokumente und Einstellungen\Admin\NTUSER.DAT

[2012.09.12 15:39:24 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Admin\ntuser.dat.LOG

[2012.03.25 12:48:40 | 000,000,000 | -H-- | M] () -- C:\Dokumente und Einstellungen\Admin\NTUSER.DAT_tureg_new.LOG

[2012.04.03 17:43:09 | 006,815,744 | -H-- | M] () -- C:\Dokumente und Einstellungen\Admin\NTUSER.DAT_tureg_old

[2012.09.12 11:19:31 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Admin\ntuser.ini

[2012.03.25 12:15:07 | 000,002,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\voipstunt[0].log

 
 < %USERPROFILE%\Local Settings\Temp\*.exe >

 
 < %USERPROFILE%\Local Settings\Temp\*.dll >

 
 < %USERPROFILE%\Application Data\*.exe >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2012.07.03 20:25:08 | 001,866,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 

< End of report >

--- --- ---

extras.text
OTL Logfile:

Code:

OTL Extras logfile created on: 12.09.2012 15:31:26 - Run 1

OTL by OldTimer - Version 3.2.61.3     Folder = C:\Dokumente und Einstellungen\Admin\Desktop\arge

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,99 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 75,31% Memory free

3,84 Gb Paging File | 3,49 Gb Available in Paging File | 90,91% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 127,99 Gb Total Space | 113,83 Gb Free Space | 88,94% Space Free | Partition Type: NTFS

Drive D: | 104,89 Gb Total Space | 104,60 Gb Free Space | 99,72% Space Free | Partition Type: NTFS

 

Computer Name: BLA-3443EB72419 | User Name: Admin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Dokumente und Einstellungen\Admin\Desktop\Firefox_Potable\FirefoxPortable\App\Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring" = 1

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"F:\backup-laptop-neu-wichtig\VoipStunt\voipstunt.exe" = F:\backup-laptop-neu-wichtig\VoipStunt\voipstunt.exe:*:Enabled:VoipStunt

"C:\Programme\VoipStunt\voipstunt.exe" = C:\Programme\VoipStunt\voipstunt.exe:*:Enabled:VoipStunt -- (VoipStunt)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime

"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3

"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{2222706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3 SDK

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe

"{24C152B6-544C-4B64-A4CA-575843C0CFE6}" = Article Wizard

"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3

"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012

"{32A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java(TM) SE Development Kit 7 Update 3

"{334799B1-527F-475B-AF19-658124E2BE24}" = ZoneAlarm Security

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4D826618-59C6-11D4-976E-00C04F8EEB39}" = Macromedia FreeHand 10

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.32

"{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver

"{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM

"{77C1B8D7-1283-48A4-BD79-79FA37064A13}" = Lenovo Fingerprint Software

"{84814E6B-2581-46EC-926A-823BD1C670F6}" = Lenovo Bluetooth with Enhanced Data Rate Software

"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr

"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU

"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM

"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML

"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver

"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A52A504E-18BE-4821-9A2A-BFB4542DA0BD}" = Lenovo PM Driver

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch

"{AD799836-6B74-419B-A869-C326CA86ECCF}" = ZoneAlarm Firewall

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{BCE46757-7674-4416-BEDB-68205A60409E}" = Canon CanoScan Toolbox 4.1

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller

"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Photoshop 7.0" = Adobe Photoshop 7.0

"Agere Systems Soft Modem" = Agere Systems HDA Modem

"avast" = avast! Free Antivirus

"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter

"Elster-Export Plugin für EasyCash&Tax_is1" = Elster-Export 1.10

"ENTERPRISE" = Microsoft Office Enterprise 2007

"HDMI" = Intel(R) Graphics Media Accelerator Driver

"ie8" = Windows Internet Explorer 8

"InstallShield_{62715632-A555-4D9E-9CEC-4F84EB55B07B}" = PM Driver

"LENOVO.SMIIF" = Lenovo System Interface Driver

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400

"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mobile Partner" = Mobile Partner

"nbi-nb-base-7.1.1.0.0" = NetBeans IDE 7.1.1

"Notepad++" = Notepad++

"OptionPCCardInstaller" = 'Option PC Cards driver package'

"OptionPluss_PCCardInstaller" = Option GT HSDPA driver suite

"ProInst" = Intel(R) PROSet/Wireless Software

"sem_GCXX" = Sony Ericsson GCXX (75/79/82/83/85/89)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TuneUp Utilities 2012" = TuneUp Utilities 2012

"VLC media player" = VLC media player 2.0.1

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WinRAR archiver" = WinRAR 4.11 (32-Bit)

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 09.09.2012 17:46:29 | Computer Name = BLA-3443EB72419 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung SpywareTerminator.exe, Version 3.0.0.80,

 fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000141da.

 

Error - 09.09.2012 17:53:47 | Computer Name = BLA-3443EB72419 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung SpywareTerminator.exe, Version 3.0.0.80,

 fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000141da.

 

Error - 09.09.2012 17:54:37 | Computer Name = BLA-3443EB72419 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung SpywareTerminator.exe, Version 3.0.0.80,

 fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x000141da.

 

Error - 12.09.2012 03:02:42 | Computer Name = BLA-3443EB72419 | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung Shredder.exe, Version 12.0.3600.73, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

Error - 12.09.2012 03:02:58 | Computer Name = BLA-3443EB72419 | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung Shredder.exe, Version 12.0.3600.73, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

Error - 12.09.2012 05:03:04 | Computer Name = BLA-3443EB72419 | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung mbam.exe, Version 1.62.0.140, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

Error - 12.09.2012 09:30:09 | Computer Name = BLA-3443EB72419 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung notepad.exe, Version 5.1.2600.5512, fehlgeschlagenes

 Modul user32.dll, Version 5.1.2600.5512, Fehleradresse 0x00009de9.

 

Error - 12.09.2012 09:30:15 | Computer Name = BLA-3443EB72419 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung notepad.exe, Version 5.1.2600.5512, fehlgeschlagenes

 Modul user32.dll, Version 5.1.2600.5512, Fehleradresse 0x00009de9.

 

Error - 12.09.2012 09:30:35 | Computer Name = BLA-3443EB72419 | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung OTL.exe, Version 3.2.61.3, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

Error - 12.09.2012 09:30:40 | Computer Name = BLA-3443EB72419 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung notepad.exe, Version 5.1.2600.5512, fehlgeschlagenes

 Modul user32.dll, Version 5.1.2600.5512, Fehleradresse 0x00009de9.

 

[ System Events ]

Error - 11.09.2012 09:55:41 | Computer Name = BLA-3443EB72419 | Source = Service Control Manager | ID = 7009

Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Mobile

 Partner. OUC.

 

Error - 11.09.2012 09:55:41 | Computer Name = BLA-3443EB72419 | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 

nicht gestartet:   %%1053

 

Error - 11.09.2012 09:58:15 | Computer Name = BLA-3443EB72419 | Source = sr | ID = 1

Description = Beim Verarbeiten der Datei "change.log" auf Volume "HarddiskVolume3"

 ist im Wiederherstellungsfilter der unerwartete Fehler "0xC0000010" aufgetreten.

 Die Volumeüberwachung wurde angehalten.

 

Error - 11.09.2012 13:21:16 | Computer Name = BLA-3443EB72419 | Source = Service Control Manager | ID = 7009

Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Mobile

 Partner. OUC.

 

Error - 11.09.2012 13:21:16 | Computer Name = BLA-3443EB72419 | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 

nicht gestartet:   %%1053

 

Error - 11.09.2012 17:13:37 | Computer Name = BLA-3443EB72419 | Source = Service Control Manager | ID = 7009

Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Mobile

 Partner. OUC.

 

Error - 11.09.2012 17:13:37 | Computer Name = BLA-3443EB72419 | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 

nicht gestartet:   %%1053

 

Error - 12.09.2012 01:52:31 | Computer Name = BLA-3443EB72419 | Source = Service Control Manager | ID = 7009

Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Mobile

 Partner. OUC.

 

Error - 12.09.2012 01:52:31 | Computer Name = BLA-3443EB72419 | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers 

nicht gestartet:   %%1053

 

Error - 12.09.2012 02:29:40 | Computer Name = BLA-3443EB72419 | Source = Service Control Manager | ID = 7034

Description = Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits 1 Mal

 passiert.

 

 

< End of report >

--- --- ---

[/code]

lg

ich sehe gerade, anstatt skip habe ich die in die Quarantäne gepackt, ist das schlimm ?

Edit: ich habe die ,,Warning" Dateien einzeln mit Avast und Malwarebytes geprüft - keine Infektion

Frage: Kann es sein, dass die seite ratenkauf-24.de immernoch infiziert ist. Obwohl ich bei urlvoid ein refresh gemacht habe, kommt die gleiche bedrohung

Code:

16:57:18.0171 2396  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

16:57:18.0687 2396  ============================================================

16:57:18.0687 2396  Current date / time: 2012/09/13 16:57:18.0687

16:57:18.0687 2396  SystemInfo:

16:57:18.0687 2396  

16:57:18.0687 2396  OS Version: 5.1.2600 ServicePack: 3.0

16:57:18.0687 2396  Product type: Workstation

16:57:18.0687 2396  ComputerName: BLA-3443EB72419

16:57:18.0687 2396  UserName: Admin

16:57:18.0687 2396  Windows directory: C:\WINDOWS

16:57:18.0687 2396  System windows directory: C:\WINDOWS

16:57:18.0687 2396  Processor architecture: Intel x86

16:57:18.0687 2396  Number of processors: 2

16:57:18.0687 2396  Page size: 0x1000

16:57:18.0687 2396  Boot type: Normal boot

16:57:18.0687 2396  ============================================================

16:57:19.0843 2396  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

16:57:19.0843 2396  ============================================================

16:57:19.0843 2396  \Device\Harddisk0\DR0:

16:57:19.0843 2396  MBR partitions:

16:57:19.0843 2396  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFFAC05

16:57:19.0859 2396  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFFFAC83, BlocksNum 0xD1C5A3D

16:57:19.0859 2396  ============================================================

16:57:19.0890 2396  C: <-> \Device\Harddisk0\DR0\Partition1

16:57:19.0906 2396  D: <-> \Device\Harddisk0\DR0\Partition2

16:57:19.0906 2396  ============================================================

16:57:19.0906 2396  Initialize success

16:57:19.0906 2396  ============================================================

16:57:46.0031 2464  ============================================================

16:57:46.0031 2464  Scan started

16:57:46.0031 2464  Mode: Manual; SigCheck; TDLFS; 

16:57:46.0031 2464  ============================================================

16:57:46.0500 2464  ================ Scan system memory ========================

16:57:46.0500 2464  System memory - ok

16:57:46.0500 2464  ================ Scan services =============================

16:57:46.0609 2464  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Programme\SUPERAntiSpyware\SASCORE.EXE

16:57:46.0640 2464  !SASCORE - ok

16:57:46.0750 2464  [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4        C:\WINDOWS\system32\drivers\Aavmker4.sys

16:57:46.0796 2464  Aavmker4 - ok

16:57:46.0796 2464  Abiosdsk - ok

16:57:46.0812 2464  abp480n5 - ok

16:57:46.0828 2464  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys

16:57:46.0937 2464  ACPI - ok

16:57:46.0953 2464  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

16:57:47.0046 2464  ACPIEC - ok

16:57:47.0109 2464  [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

16:57:47.0125 2464  AdobeFlashPlayerUpdateSvc - ok

16:57:47.0125 2464  adpu160m - ok

16:57:47.0140 2464  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys

16:57:47.0218 2464  aec - ok

16:57:47.0250 2464  [ 375EB0B97E3950ADEF3633C27A82438B ] AegisP          C:\WINDOWS\system32\DRIVERS\AegisP.sys

16:57:47.0265 2464  AegisP ( UnsignedFile.Multi.Generic ) - warning

16:57:47.0265 2464  AegisP - detected UnsignedFile.Multi.Generic (1)

16:57:47.0312 2464  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys

16:57:47.0328 2464  AFD - ok

16:57:47.0390 2464  [ 4E6294A06BE883C9BD685A8DFD9FCD4E ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys

16:57:47.0500 2464  AgereSoftModem - ok

16:57:47.0500 2464  Aha154x - ok

16:57:47.0500 2464  aic78u2 - ok

16:57:47.0500 2464  aic78xx - ok

16:57:47.0546 2464  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll

16:57:47.0640 2464  Alerter - ok

16:57:47.0656 2464  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe

16:57:47.0750 2464  ALG - ok

16:57:47.0750 2464  AliIde - ok

16:57:47.0750 2464  amsint - ok

16:57:47.0781 2464  [ D45960BE52C3C610D361977057F98C54 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll

16:57:47.0875 2464  AppMgmt - ok

16:57:47.0890 2464  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys

16:57:47.0968 2464  Arp1394 - ok

16:57:47.0984 2464  asc - ok

16:57:47.0984 2464  asc3350p - ok

16:57:47.0984 2464  asc3550 - ok

16:57:48.0046 2464  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

16:57:48.0062 2464  aspnet_state - ok

16:57:48.0093 2464  [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk        C:\WINDOWS\system32\drivers\aswFsBlk.sys

16:57:48.0093 2464  aswFsBlk - ok

16:57:48.0125 2464  [ 81E695913FEFD4E23360A69C0F151797 ] aswKbd          C:\WINDOWS\system32\drivers\aswKbd.sys

16:57:48.0140 2464  aswKbd - ok

16:57:48.0140 2464  [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2         C:\WINDOWS\system32\drivers\aswMon2.sys

16:57:48.0156 2464  aswMon2 - ok

16:57:48.0171 2464  [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr          C:\WINDOWS\system32\drivers\AswRdr.sys

16:57:48.0187 2464  AswRdr - ok

16:57:48.0203 2464  [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys

16:57:48.0250 2464  aswSnx - ok

16:57:48.0281 2464  [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys

16:57:48.0312 2464  aswSP - ok

16:57:48.0312 2464  [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi          C:\WINDOWS\system32\drivers\aswTdi.sys

16:57:48.0328 2464  aswTdi - ok

16:57:48.0359 2464  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys

16:57:48.0453 2464  AsyncMac - ok

16:57:48.0453 2464  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys

16:57:48.0546 2464  atapi - ok

16:57:48.0546 2464  Atdisk - ok

16:57:48.0578 2464  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys

16:57:48.0671 2464  Atmarpc - ok

16:57:48.0687 2464  [ 73742099982CF514512E1941F2862C33 ] ATSWPDRV        C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys

16:57:48.0703 2464  ATSWPDRV - ok

16:57:48.0734 2464  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll

16:57:48.0828 2464  AudioSrv - ok

16:57:48.0859 2464  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys

16:57:48.0937 2464  audstub - ok

16:57:48.0984 2464  [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Programme\AVAST Software\Avast\AvastSvc.exe

16:57:49.0000 2464  avast! Antivirus - ok

16:57:49.0000 2464  avast! Firewall - ok

16:57:49.0046 2464  [ F96038AA1EC4013A93D2420FC689D1E9 ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys

16:57:49.0078 2464  b57w2k - ok

16:57:49.0109 2464  [ 3D87B0484BE1093C6614062701F375C5 ] BASFND          C:\Programme\Broadcom\BACS\BASFND.sys

16:57:49.0109 2464  BASFND ( UnsignedFile.Multi.Generic ) - warning

16:57:49.0109 2464  BASFND - detected UnsignedFile.Multi.Generic (1)

16:57:49.0140 2464  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

16:57:49.0234 2464  Beep - ok

16:57:49.0265 2464  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll

16:57:49.0375 2464  BITS - ok

16:57:49.0390 2464  [ A357E499771E5DB0D29051FABF2BB866 ] BPowMon         C:\Programme\Broadcom\BACS\BPowMon.exe

16:57:49.0421 2464  BPowMon ( UnsignedFile.Multi.Generic ) - warning

16:57:49.0421 2464  BPowMon - detected UnsignedFile.Multi.Generic (1)

16:57:49.0468 2464  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll

16:57:49.0500 2464  Browser - ok

16:57:49.0546 2464  [ D84166D41A05F66D9084039427E5025B ] BTKRNL          C:\WINDOWS\system32\DRIVERS\btkrnl.sys

16:57:49.0625 2464  BTKRNL - ok

16:57:49.0703 2464  [ B1E5C0065102FCB92E1F0231AF0AE7C3 ] btwdins         C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe

16:57:49.0734 2464  btwdins ( UnsignedFile.Multi.Generic ) - warning

16:57:49.0734 2464  btwdins - detected UnsignedFile.Multi.Generic (1)

16:57:49.0734 2464  [ A01FD9851406DE0870C23759E2F7B6EA ] BTWUSB          C:\WINDOWS\system32\Drivers\btwusb.sys

16:57:49.0765 2464  BTWUSB - ok

16:57:49.0828 2464  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys

16:57:49.0921 2464  cbidf2k - ok

16:57:49.0937 2464  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

16:57:50.0046 2464  CCDECODE - ok

16:57:50.0046 2464  cd20xrnt - ok

16:57:50.0062 2464  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys

16:57:50.0140 2464  Cdaudio - ok

16:57:50.0156 2464  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys

16:57:50.0250 2464  Cdfs - ok

16:57:50.0265 2464  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys

16:57:50.0359 2464  Cdrom - ok

16:57:50.0359 2464  Changer - ok

16:57:50.0390 2464  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc           C:\WINDOWS\system32\cisvc.exe

16:57:50.0484 2464  CiSvc - ok

16:57:50.0500 2464  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

16:57:50.0578 2464  ClipSrv - ok

16:57:50.0609 2464  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:57:50.0625 2464  clr_optimization_v2.0.50727_32 - ok

16:57:50.0640 2464  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys

16:57:50.0734 2464  CmBatt - ok

16:57:50.0734 2464  CmdIde - ok

16:57:50.0750 2464  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys

16:57:50.0828 2464  Compbatt - ok

16:57:50.0828 2464  COMSysApp - ok

16:57:50.0843 2464  Cpqarray - ok

16:57:50.0875 2464  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

16:57:50.0968 2464  CryptSvc - ok

16:57:50.0968 2464  dac2w2k - ok

16:57:50.0984 2464  dac960nt - ok

16:57:51.0015 2464  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

16:57:51.0109 2464  DcomLaunch - ok

16:57:51.0125 2464  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

16:57:51.0218 2464  Dhcp - ok

16:57:51.0250 2464  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

16:57:51.0328 2464  Disk - ok

16:57:51.0328 2464  dmadmin - ok

16:57:51.0375 2464  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

16:57:51.0515 2464  dmboot - ok

16:57:51.0515 2464  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

16:57:51.0625 2464  dmio - ok

16:57:51.0625 2464  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

16:57:51.0718 2464  dmload - ok

16:57:51.0765 2464  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll

16:57:51.0843 2464  dmserver - ok

16:57:51.0859 2464  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

16:57:51.0953 2464  DMusic - ok

16:57:51.0984 2464  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

16:57:52.0046 2464  Dnscache - ok

16:57:52.0062 2464  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

16:57:52.0171 2464  Dot3svc - ok

16:57:52.0171 2464  dpti2o - ok

16:57:52.0171 2464  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

16:57:52.0265 2464  drmkaud - ok

16:57:52.0265 2464  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll

16:57:52.0375 2464  EapHost - ok

16:57:52.0406 2464  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll

16:57:52.0484 2464  ERSvc - ok

16:57:52.0531 2464  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe

16:57:52.0578 2464  Eventlog - ok

16:57:52.0593 2464  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\system32\es.dll

16:57:52.0609 2464  EventSystem - ok

16:57:52.0656 2464  [ 4432179A475DEEB0EB0F1BEE11831A89 ] EvtEng          C:\Programme\Intel\Wireless\Bin\EvtEng.exe

16:57:52.0687 2464  EvtEng ( UnsignedFile.Multi.Generic ) - warning

16:57:52.0687 2464  EvtEng - detected UnsignedFile.Multi.Generic (1)

16:57:52.0750 2464  [ A52794C010C6DF5B4BC70C4AB5E04088 ] ewusbnet        C:\WINDOWS\system32\DRIVERS\ewusbnet.sys

16:57:52.0921 2464  ewusbnet - ok

16:57:52.0953 2464  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys

16:57:53.0000 2464  ew_hwusbdev - ok

16:57:53.0031 2464  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

16:57:53.0125 2464  Fastfat - ok

16:57:53.0171 2464  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

16:57:53.0203 2464  FastUserSwitchingCompatibility - ok

16:57:53.0218 2464  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys

16:57:53.0296 2464  Fdc - ok

16:57:53.0328 2464  [ 1DDBFC6C4D837A7D82FD0DF56A54D9F6 ] FingerprintServer C:\WINDOWS\system32\FpLogonServ.exe

16:57:53.0343 2464  FingerprintServer ( UnsignedFile.Multi.Generic ) - warning

16:57:53.0343 2464  FingerprintServer - detected UnsignedFile.Multi.Generic (1)

16:57:53.0375 2464  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

16:57:53.0468 2464  Fips - ok

16:57:53.0468 2464  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

16:57:53.0546 2464  Flpydisk - ok

16:57:53.0593 2464  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

16:57:53.0687 2464  FltMgr - ok

16:57:53.0734 2464  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

16:57:53.0750 2464  FontCache3.0.0.0 - ok

16:57:53.0750 2464  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

16:57:53.0843 2464  Fs_Rec - ok

16:57:53.0859 2464  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

16:57:53.0953 2464  Ftdisk - ok

16:57:53.0968 2464  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

16:57:54.0046 2464  Gpc - ok

16:57:54.0062 2464  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

16:57:54.0156 2464  HDAudBus - ok

16:57:54.0187 2464  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

16:57:54.0281 2464  helpsvc - ok

16:57:54.0312 2464  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ         C:\WINDOWS\System32\hidserv.dll

16:57:54.0390 2464  HidServ - ok

16:57:54.0421 2464  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

16:57:54.0515 2464  hidusb - ok

16:57:54.0546 2464  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

16:57:54.0625 2464  hkmsvc - ok

16:57:54.0625 2464  hpn - ok

16:57:54.0671 2464  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

16:57:54.0703 2464  HTTP - ok

16:57:54.0734 2464  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

16:57:54.0828 2464  HTTPFilter - ok

16:57:54.0875 2464  [ BED3A9F86A637CC6C2C5296CD82423D8 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys

16:57:54.0921 2464  huawei_enumerator - ok

16:57:54.0953 2464  [ 1F40368DC40B17DE3FA0FBE8A9D82F9E ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys

16:57:55.0000 2464  hwdatacard - ok

16:57:55.0046 2464  HWDeviceService.exe - ok

16:57:55.0062 2464  i2omgmt - ok

16:57:55.0062 2464  i2omp - ok

16:57:55.0093 2464  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

16:57:55.0171 2464  i8042prt - ok

16:57:55.0343 2464  [ 28423512370705AEDA6A652FEDB25468 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

16:57:55.0640 2464  ialm - ok

16:57:55.0703 2464  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

16:57:55.0765 2464  idsvc - ok

16:57:55.0781 2464  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

16:57:55.0859 2464  Imapi - ok

16:57:55.0890 2464  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\system32\imapi.exe

16:57:55.0968 2464  ImapiService - ok

16:57:55.0984 2464  ini910u - ok

16:57:56.0125 2464  [ B29781B9A90CD55FC5D859C0B1C243BC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

16:57:56.0406 2464  IntcAzAudAddService - ok

16:57:56.0406 2464  IntelIde - ok

16:57:56.0453 2464  [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

16:57:56.0531 2464  intelppm - ok

16:57:56.0546 2464  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

16:57:56.0640 2464  Ip6Fw - ok

16:57:56.0656 2464  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

16:57:56.0750 2464  IpFilterDriver - ok

16:57:56.0765 2464  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

16:57:56.0843 2464  IpInIp - ok

16:57:56.0859 2464  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

16:57:56.0937 2464  IpNat - ok

16:57:56.0968 2464  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

16:57:57.0062 2464  IPSec - ok

16:57:57.0078 2464  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

16:57:57.0171 2464  IRENUM - ok

16:57:57.0187 2464  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

16:57:57.0265 2464  isapnp - ok

16:57:57.0343 2464  [ A195C4FC49492928E8296B8C4AB00517 ] ISWKL           C:\Programme\CheckPoint\ZAForceField\ISWKL.sys

16:57:57.0359 2464  ISWKL - ok

16:57:57.0390 2464  [ E78EACA70B4E0C260E4B32972B7086AC ] IswSvc          C:\Programme\CheckPoint\ZAForceField\IswSvc.exe

16:57:57.0421 2464  IswSvc - ok

16:57:57.0437 2464  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

16:57:57.0515 2464  Kbdclass - ok

16:57:57.0531 2464  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

16:57:57.0625 2464  kbdhid - ok

16:57:57.0640 2464  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

16:57:57.0718 2464  kmixer - ok

16:57:57.0734 2464  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

16:57:57.0781 2464  KSecDD - ok

16:57:57.0812 2464  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

16:57:57.0843 2464  lanmanserver - ok

16:57:57.0875 2464  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

16:57:57.0906 2464  lanmanworkstation - ok

16:57:57.0906 2464  lbrtfdc - ok

16:57:57.0937 2464  [ 3C3F7F424E324C6971632C5DE5FF458F ] lenovo.smi      C:\WINDOWS\system32\DRIVERS\smiif32.sys

16:57:57.0953 2464  lenovo.smi - ok

16:57:57.0984 2464  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

16:57:58.0078 2464  LmHosts - ok

16:57:58.0078 2464  massfilter - ok

16:57:58.0125 2464  [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys

16:57:58.0140 2464  MBAMProtector - ok

16:57:58.0187 2464  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe

16:57:58.0203 2464  MBAMScheduler - ok

16:57:58.0250 2464  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe

16:57:58.0296 2464  MBAMService - ok

16:57:58.0312 2464  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

16:57:58.0390 2464  Messenger - ok

16:57:58.0421 2464  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

16:57:58.0500 2464  mnmdd - ok

16:57:58.0546 2464  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

16:57:58.0640 2464  mnmsrvc - ok

16:57:58.0687 2464  [ 38106C7BD34EAE89D2769AC0BA2E846B ] Mobile Partner. RunOuc C:\Programme\Mobile Partner\UpdateDog\ouc.exe

16:57:58.0687 2464  Mobile Partner. RunOuc ( UnsignedFile.Multi.Generic ) - warning

16:57:58.0687 2464  Mobile Partner. RunOuc - detected UnsignedFile.Multi.Generic (1)

16:57:58.0718 2464  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

16:57:58.0812 2464  Modem - ok

16:57:58.0828 2464  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

16:57:58.0906 2464  Mouclass - ok

16:57:58.0921 2464  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

16:57:59.0015 2464  mouhid - ok

16:57:59.0015 2464  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

16:57:59.0109 2464  MountMgr - ok

16:57:59.0109 2464  mraid35x - ok

16:57:59.0140 2464  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

16:57:59.0234 2464  MRxDAV - ok

16:57:59.0265 2464  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

16:57:59.0328 2464  MRxSmb - ok

16:57:59.0375 2464  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

16:57:59.0468 2464  MSDTC - ok

16:57:59.0484 2464  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

16:57:59.0578 2464  Msfs - ok

16:57:59.0578 2464  MSIServer - ok

16:57:59.0593 2464  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

16:57:59.0687 2464  MSKSSRV - ok

16:57:59.0687 2464  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

16:57:59.0781 2464  MSPCLOCK - ok

16:57:59.0781 2464  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

16:57:59.0875 2464  MSPQM - ok

16:57:59.0906 2464  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

16:57:59.0984 2464  mssmbios - ok

16:57:59.0984 2464  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

16:58:00.0078 2464  MSTEE - ok

16:58:00.0093 2464  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

16:58:00.0125 2464  Mup - ok

16:58:00.0140 2464  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

16:58:00.0234 2464  NABTSFEC - ok

16:58:00.0250 2464  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll

16:58:00.0343 2464  napagent - ok

16:58:00.0359 2464  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

16:58:00.0453 2464  NDIS - ok

16:58:00.0453 2464  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys

16:58:00.0531 2464  NdisIP - ok

16:58:00.0562 2464  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

16:58:00.0593 2464  NdisTapi - ok

16:58:00.0640 2464  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

16:58:00.0718 2464  Ndisuio - ok

16:58:00.0718 2464  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

16:58:00.0812 2464  NdisWan - ok

16:58:00.0843 2464  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

16:58:00.0859 2464  NDProxy - ok

16:58:00.0890 2464  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

16:58:00.0968 2464  NetBIOS - ok

16:58:01.0000 2464  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

16:58:01.0078 2464  NetBT - ok

16:58:01.0109 2464  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe

16:58:01.0203 2464  NetDDE - ok

16:58:01.0203 2464  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

16:58:01.0296 2464  NetDDEdsdm - ok

16:58:01.0328 2464  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\system32\lsass.exe

16:58:01.0421 2464  Netlogon - ok

16:58:01.0421 2464  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll

16:58:01.0515 2464  Netman - ok

16:58:01.0562 2464  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:58:01.0578 2464  NetTcpPortSharing - ok

16:58:01.0640 2464  [ F43DA6B7E26FFF9AC4D3210F2F9B5D8C ] NETw3x32        C:\WINDOWS\system32\DRIVERS\NETw3x32.sys

16:58:01.0781 2464  NETw3x32 - ok

16:58:01.0812 2464  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys

16:58:01.0906 2464  NIC1394 - ok

16:58:01.0921 2464  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll

16:58:01.0968 2464  Nla - ok

16:58:01.0968 2464  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

16:58:02.0046 2464  Npfs - ok

16:58:02.0078 2464  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

16:58:02.0203 2464  Ntfs - ok

16:58:02.0218 2464  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

16:58:02.0296 2464  NtLmSsp - ok

16:58:02.0343 2464  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

16:58:02.0468 2464  NtmsSvc - ok

16:58:02.0500 2464  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys

16:58:02.0578 2464  Null - ok

16:58:02.0578 2464  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

16:58:02.0671 2464  NwlnkFlt - ok

16:58:02.0687 2464  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

16:58:02.0765 2464  NwlnkFwd - ok

16:58:02.0843 2464  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE

16:58:02.0859 2464  odserv - ok

16:58:02.0906 2464  [ 7AF6EC0EA4261ECF7DA084103BE31EA8 ] odysseyIM4      C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys

16:58:02.0937 2464  odysseyIM4 - ok

16:58:02.0968 2464  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys

16:58:03.0062 2464  ohci1394 - ok

16:58:03.0093 2464  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE

16:58:03.0109 2464  ose - ok

16:58:03.0140 2464  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys

16:58:03.0218 2464  Parport - ok

16:58:03.0218 2464  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

16:58:03.0296 2464  PartMgr - ok

16:58:03.0328 2464  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

16:58:03.0437 2464  ParVdm - ok

16:58:03.0437 2464  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

16:58:03.0515 2464  PCI - ok

16:58:03.0531 2464  PCIDump - ok

16:58:03.0546 2464  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

16:58:03.0640 2464  PCIIde - ok

16:58:03.0656 2464  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

16:58:03.0734 2464  Pcmcia - ok

16:58:03.0734 2464  PDCOMP - ok

16:58:03.0734 2464  PDFRAME - ok

16:58:03.0734 2464  PDRELI - ok

16:58:03.0750 2464  PDRFRAME - ok

16:58:03.0750 2464  perc2 - ok

16:58:03.0750 2464  perc2hib - ok

16:58:03.0796 2464  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe

16:58:03.0828 2464  PlugPlay - ok

16:58:03.0859 2464  [ C6114CCD63DB3925A0450B1089ECE503 ] PMHler          C:\WINDOWS\system32\drivers\PMHler.sys

16:58:03.0875 2464  PMHler - ok

16:58:03.0906 2464  [ 29A26236447E5B5E3FCE5E33168C43E0 ] PMSveH          C:\Programme\Lenovo\PM Driver\PMSveH.exe

16:58:03.0921 2464  PMSveH ( UnsignedFile.Multi.Generic ) - warning

16:58:03.0921 2464  PMSveH - detected UnsignedFile.Multi.Generic (1)

16:58:03.0937 2464  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

16:58:04.0015 2464  PolicyAgent - ok

16:58:04.0046 2464  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

16:58:04.0140 2464  PptpMiniport - ok

16:58:04.0140 2464  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

16:58:04.0218 2464  ProtectedStorage - ok

16:58:04.0234 2464  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

16:58:04.0312 2464  PSched - ok

16:58:04.0328 2464  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

16:58:04.0421 2464  Ptilink - ok

16:58:04.0421 2464  ql1080 - ok

16:58:04.0437 2464  Ql10wnt - ok

16:58:04.0437 2464  ql12160 - ok

16:58:04.0437 2464  ql1240 - ok

16:58:04.0437 2464  ql1280 - ok

16:58:04.0453 2464  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

16:58:04.0546 2464  RasAcd - ok

16:58:04.0578 2464  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

16:58:04.0671 2464  RasAuto - ok

16:58:04.0703 2464  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

16:58:04.0781 2464  Rasl2tp - ok

16:58:04.0828 2464  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll

16:58:04.0906 2464  RasMan - ok

16:58:04.0921 2464  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

16:58:05.0000 2464  RasPppoe - ok

16:58:05.0015 2464  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

16:58:05.0093 2464  Raspti - ok

16:58:05.0109 2464  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

16:58:05.0203 2464  Rdbss - ok

16:58:05.0203 2464  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

16:58:05.0296 2464  RDPCDD - ok

16:58:05.0328 2464  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

16:58:05.0421 2464  rdpdr - ok

16:58:05.0453 2464  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

16:58:05.0500 2464  RDPWD - ok

16:58:05.0531 2464  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

16:58:05.0640 2464  RDSessMgr - ok

16:58:05.0656 2464  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

16:58:05.0734 2464  redbook - ok

16:58:05.0765 2464  [ 38E771154092ED59BF1149E24E2A7DC3 ] RegSrvc         C:\Programme\Intel\Wireless\Bin\RegSrvc.exe

16:58:05.0796 2464  RegSrvc ( UnsignedFile.Multi.Generic ) - warning

16:58:05.0796 2464  RegSrvc - detected UnsignedFile.Multi.Generic (1)

16:58:05.0828 2464  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

16:58:05.0921 2464  RemoteAccess - ok

16:58:05.0953 2464  [ E4CD1F3D84E1C2CA0B8CF7501E201593 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

16:58:06.0046 2464  RemoteRegistry - ok

16:58:06.0078 2464  [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk        C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

16:58:06.0093 2464  rimmptsk - ok

16:58:06.0109 2464  [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk        C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

16:58:06.0125 2464  rimsptsk - ok

16:58:06.0125 2464  [ C663AF77E2F4EABF8EB08B388D2F1F36 ] rismxdp         C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

16:58:06.0140 2464  rismxdp - ok

16:58:06.0171 2464  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\system32\locator.exe

16:58:06.0265 2464  RpcLocator - ok

16:58:06.0312 2464  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll

16:58:06.0343 2464  RpcSs - ok

16:58:06.0375 2464  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\system32\rsvp.exe

16:58:06.0468 2464  RSVP - ok

16:58:06.0515 2464  [ A6B39F6B755F118927CE7D17FB8FC1E2 ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe

16:58:06.0593 2464  S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning

16:58:06.0593 2464  S24EventMonitor - detected UnsignedFile.Multi.Generic (1)

16:58:06.0609 2464  [ DECEE0D67D032B57C1F5EF649A67A967 ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys

16:58:06.0609 2464  s24trans ( UnsignedFile.Multi.Generic ) - warning

16:58:06.0609 2464  s24trans - detected UnsignedFile.Multi.Generic (1)

16:58:06.0625 2464  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe

16:58:06.0703 2464  SamSs - ok

16:58:06.0750 2464  [ 39763504067962108505BFF25F024345 ] SASDIFSV        C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS

16:58:06.0765 2464  SASDIFSV - ok

16:58:06.0781 2464  [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL        C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS

16:58:06.0796 2464  SASKUTIL - ok

16:58:06.0828 2464  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

16:58:06.0906 2464  SCardSvr - ok

16:58:06.0953 2464  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll

16:58:07.0046 2464  Schedule - ok

16:58:07.0078 2464  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys

16:58:07.0156 2464  sdbus - ok

16:58:07.0171 2464  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

16:58:07.0250 2464  Secdrv - ok

16:58:07.0250 2464  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll

16:58:07.0343 2464  seclogon - ok

16:58:07.0343 2464  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll

16:58:07.0437 2464  SENS - ok

16:58:07.0453 2464  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\drivers\Serial.sys

16:58:07.0546 2464  Serial - ok

16:58:07.0562 2464  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

16:58:07.0656 2464  Sfloppy - ok

16:58:07.0703 2464  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

16:58:07.0796 2464  SharedAccess - ok

16:58:07.0812 2464  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

16:58:07.0843 2464  ShellHWDetection - ok

16:58:07.0843 2464  Simbad - ok

16:58:08.0000 2464  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe

16:58:08.0203 2464  Skype C2C Service - ok

16:58:08.0250 2464  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Programme\Skype\Updater\Updater.exe

16:58:08.0250 2464  SkypeUpdate - ok

16:58:08.0281 2464  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys

16:58:08.0359 2464  SLIP - ok

16:58:08.0375 2464  Sparrow - ok

16:58:08.0406 2464  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

16:58:08.0484 2464  splitter - ok

16:58:08.0515 2464  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

16:58:08.0578 2464  Spooler - ok

16:58:08.0593 2464  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

16:58:08.0687 2464  sr - ok

16:58:08.0718 2464  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\system32\srsvc.dll

16:58:08.0812 2464  srservice - ok

16:58:08.0859 2464  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

16:58:08.0906 2464  Srv - ok

16:58:08.0937 2464  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

16:58:09.0031 2464  SSDPSRV - ok

16:58:09.0046 2464  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

16:58:09.0171 2464  stisvc - ok

16:58:09.0203 2464  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys

16:58:09.0296 2464  streamip - ok

16:58:09.0312 2464  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

16:58:09.0390 2464  swenum - ok

16:58:09.0406 2464  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

16:58:09.0484 2464  swmidi - ok

16:58:09.0484 2464  SwPrv - ok

16:58:09.0484 2464  symc810 - ok

16:58:09.0484 2464  symc8xx - ok

16:58:09.0500 2464  sym_hi - ok

16:58:09.0500 2464  sym_u3 - ok

16:58:09.0546 2464  [ AE4052FC36BD4C390CEE45A38EC1199A ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys

16:58:09.0578 2464  SynTP - ok

16:58:09.0578 2464  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

16:58:09.0671 2464  sysaudio - ok

16:58:09.0687 2464  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

16:58:09.0781 2464  SysmonLog - ok

16:58:09.0828 2464  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

16:58:09.0921 2464  TapiSrv - ok

16:58:09.0968 2464  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

16:58:10.0015 2464  Tcpip - ok

16:58:10.0046 2464  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

16:58:10.0125 2464  TDPIPE - ok

16:58:10.0125 2464  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

16:58:10.0234 2464  TDTCP - ok

16:58:10.0234 2464  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

16:58:10.0343 2464  TermDD - ok

16:58:10.0343 2464  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll

16:58:10.0453 2464  TermService - ok

16:58:10.0468 2464  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll

16:58:10.0484 2464  Themes - ok

16:58:10.0515 2464  [ 03681A1CE77F51586903869A5AB1DEAB ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe

16:58:10.0609 2464  TlntSvr - ok

16:58:10.0625 2464  TosIde - ok

16:58:10.0640 2464  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll

16:58:10.0734 2464  TrkWks - ok

16:58:10.0859 2464  [ AF5F31156EE89D35AD6EC3179A805D23 ] TuneUp.UtilitiesSvc C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

16:58:10.0906 2464  TuneUp.UtilitiesSvc - ok

16:58:10.0953 2464  [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys

16:58:10.0968 2464  TuneUpUtilitiesDrv - ok

16:58:11.0000 2464  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

16:58:11.0093 2464  Udfs - ok

16:58:11.0093 2464  ultra - ok

16:58:11.0140 2464  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

16:58:11.0234 2464  Update - ok

16:58:11.0265 2464  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll

16:58:11.0359 2464  upnphost - ok

16:58:11.0390 2464  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe

16:58:11.0484 2464  UPS - ok

16:58:11.0515 2464  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

16:58:11.0609 2464  usbccgp - ok

16:58:11.0609 2464  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

16:58:11.0703 2464  usbehci - ok

16:58:11.0703 2464  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

16:58:11.0781 2464  usbhub - ok

16:58:11.0812 2464  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

16:58:11.0890 2464  usbprint - ok

16:58:11.0937 2464  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

16:58:12.0015 2464  usbscan - ok

16:58:12.0046 2464  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

16:58:12.0140 2464  USBSTOR - ok

16:58:12.0171 2464  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys

16:58:12.0250 2464  usbuhci - ok

16:58:12.0265 2464  [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys

16:58:12.0359 2464  usbvideo - ok

16:58:12.0375 2464  [ 6275822AC454A8A831D063841A4DBB5D ] UxTuneUp        C:\WINDOWS\System32\uxtuneup.dll

16:58:12.0390 2464  UxTuneUp - ok

16:58:12.0421 2464  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

16:58:12.0500 2464  VgaSave - ok

16:58:12.0515 2464  ViaIde - ok

16:58:12.0515 2464  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

16:58:12.0593 2464  VolSnap - ok

16:58:12.0640 2464  [ 9D889B338356B1BD1242B8841E0744A4 ] Vsdatant        C:\WINDOWS\system32\vsdatant.sys

16:58:12.0687 2464  Vsdatant - ok

16:58:12.0718 2464  vsmon - ok

16:58:12.0750 2464  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe

16:58:12.0859 2464  VSS - ok

16:58:12.0875 2464  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\system32\w32time.dll

16:58:12.0968 2464  W32Time - ok

16:58:13.0000 2464  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

16:58:13.0093 2464  Wanarp - ok

16:58:13.0140 2464  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys

16:58:13.0187 2464  Wdf01000 - ok

16:58:13.0187 2464  WDICA - ok

16:58:13.0187 2464  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

16:58:13.0281 2464  wdmaud - ok

16:58:13.0296 2464  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll

16:58:13.0390 2464  WebClient - ok

16:58:13.0468 2464  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

16:58:13.0562 2464  winmgmt - ok

16:58:13.0562 2464  wltrysvc - ok

16:58:13.0593 2464  [ 6E18978B749F0696A774DE3F2CB142DD ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll

16:58:13.0671 2464  WmdmPmSN - ok

16:58:13.0703 2464  [ FFA4D901D46D07A5BAB2D8307FBB51A6 ] Wmi             C:\WINDOWS\System32\advapi32.dll

16:58:13.0765 2464  Wmi - ok

16:58:13.0796 2464  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

16:58:13.0875 2464  WmiAcpi - ok

16:58:13.0890 2464  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe

16:58:13.0984 2464  WmiApSrv - ok

16:58:14.0015 2464  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

16:58:14.0109 2464  wscsvc - ok

16:58:14.0125 2464  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

16:58:14.0203 2464  WSTCODEC - ok

16:58:14.0203 2464  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

16:58:14.0296 2464  wuauserv - ok

16:58:14.0343 2464  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

16:58:14.0453 2464  WZCSVC - ok

16:58:14.0468 2464  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

16:58:14.0546 2464  xmlprov - ok

16:58:14.0562 2464  ZTEusbmdm6k - ok

16:58:14.0562 2464  ZTEusbnmea - ok

16:58:14.0562 2464  ZTEusbser6k - ok

16:58:14.0578 2464  ================ Scan global ===============================

16:58:14.0593 2464  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll

16:58:14.0640 2464  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll

16:58:14.0656 2464  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll

16:58:14.0687 2464  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe

16:58:14.0687 2464  [Global] - ok

16:58:14.0687 2464  ================ Scan MBR ==================================

16:58:14.0703 2464  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0

16:58:15.0000 2464  \Device\Harddisk0\DR0 - ok

16:58:15.0000 2464  ================ Scan VBR ==================================

16:58:15.0015 2464  [ 728B359927AC7F16427987B2587A1008 ] \Device\Harddisk0\DR0\Partition1

16:58:15.0015 2464  \Device\Harddisk0\DR0\Partition1 - ok

16:58:15.0031 2464  [ 9157A432AF5D13FBB04FCA9245C93161 ] \Device\Harddisk0\DR0\Partition2

16:58:15.0031 2464  \Device\Harddisk0\DR0\Partition2 - ok

16:58:15.0031 2464  ============================================================

16:58:15.0031 2464  Scan finished

16:58:15.0031 2464  ============================================================

16:58:15.0140 2844  Detected object count: 11

16:58:15.0140 2844  Actual detected object count: 11

16:58:43.0484 2844  C:\WINDOWS\system32\DRIVERS\AegisP.sys - copied to quarantine

16:58:43.0562 2844  AegisP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:43.0625 2844  C:\Programme\Broadcom\BACS\BASFND.sys - copied to quarantine

16:58:43.0640 2844  BASFND ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:43.0671 2844  C:\Programme\Broadcom\BACS\BPowMon.exe - copied to quarantine

16:58:43.0687 2844  BPowMon ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:43.0750 2844  C:\Programme\Lenovo\Bluetooth Software\bin\btwdins.exe - copied to quarantine

16:58:43.0765 2844  btwdins ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:43.0796 2844  C:\Programme\Intel\Wireless\Bin\EvtEng.exe - copied to quarantine

16:58:43.0859 2844  EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:43.0937 2844  C:\WINDOWS\system32\FpLogonServ.exe - copied to quarantine

16:58:43.0984 2844  FingerprintServer ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:44.0000 2844  C:\Programme\Mobile Partner\UpdateDog\ouc.exe - copied to quarantine

16:58:44.0046 2844  Mobile Partner. RunOuc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:44.0125 2844  C:\Programme\Lenovo\PM Driver\PMSveH.exe - copied to quarantine

16:58:44.0171 2844  PMSveH ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:44.0203 2844  C:\Programme\Intel\Wireless\Bin\RegSrvc.exe - copied to quarantine

16:58:44.0234 2844  RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:44.0375 2844  C:\Programme\Intel\Wireless\Bin\S24EvMon.exe - copied to quarantine

16:58:44.0437 2844  S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

16:58:44.0453 2844  C:\WINDOWS\system32\DRIVERS\s24trans.sys - copied to quarantine

16:58:44.0453 2844  s24trans ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 

17:08:11.0921 3744  Deinitialize successa