Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 20.07.2010, 09:59   #1
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Ausrufezeichen

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Hallo Forum, hallo Helfer,

ich habe mal wieder ein Problem...

Mein System:
Windows XP
AntiVir
Sygate Personal Firewall
Internetzugang über einen Router (Arcor DSL WLAN-Modem 200)

Am besten schildere ich erstmal die Symptome:
- Maus: nicht mehr weiß mit schwarzem Rand sondern zusätzlich mit schwarzen Strichen im weißen Bereich, auch bei der Sanduhr analog
- Probleme beim anzeigen von Videos, es können keine Videos abgespielt werden
- Probleme bei der Anzeige bestimmter Programme/Emails: Z.B. dauert die Anzeige von AntiVir Personal sehr lange, sprich es scheint sehr lange zu laden, beim Starten oder wenn man einen Menüpunkt anklickt usw.; selbiges bei Emails in Outlook Express, und zwar dann, wenn eine Email Daten/Bilder aus dem Internet nachladen will (obwohl Outlook diese blockiert) - das Laden dieser Emails dauert ebenfalls sehr sehr lange
- der Antivir Guard ließ sich nicht mehr aktivieren, habe anschließend AntiVir deinstalliert und Antivir 10 installiert (drüberinstallieren ging nicht), der Guard ist nun wieder aktiviert
- beim Starten/Booten zeigt der Bildschirm nichts mehr an
- gelegentlich stürzt der PC ab, wenn er e. Video laden will o.ä.

Diese Probleme sind sukzessive aufgetreten. Ich habe zunächst auf Probleme mit der Grafikkarte (nvidia Geforce 7650 GS) getippt und einen neuen Treiber installiert. Danach gings vorübergehend wieder.
Dann habe ich den PC mal komplett vom Stromnetz getrennt, und nach einigen Stunden wieder angesteckt - danach gings (vorrübergehend) wieder, jetzt hilft es jedoch nichts mehr. (das hatte ich vor ein paar Monaten schon mal gemacht, als der Bildschirm etwa alle 5-7 Sekunden für 2-3 Sekunden schwarz geworden war, damals hat das geholfen).

Viren-/Malware-Fund von Antivir:
Code:
ATTFilter
Die Datei 'C:\System Volume Information\_restore{BDB02021-8C9D-4BD9-BAB5-977838CC146D}\RP111\A0039550.dll'
enthielt einen Virus oder unerwünschtes Programm 'TR/Spy.Browse.A' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e0ad2f7.qua' verschoben!
         
Adaware hat auch mal was gefunden: Win32.Backdoor.Papras/A
Der Guard/Ad-Watch hat angeschlagen und versucht, das zu entfernen, hat auch gescannt, jedoch bin ich mir nicht sicher, ob das geklappt hat, ich hatte den Eindruck, er würde immer wieder von vorne beginnen.
log:
Code:
ATTFilter
Logfile created: 14.07.2010 11:24:51
Lavasoft Ad-Aware version: 8.1.4
Extended engine: 329338072
Extended engine version: 
User performing scan: ***

*********************** Definitions database information ***********************
Lavasoft definition file: 149.317
Genotype definition file version: 2010/07/02 07:55:37

******************************** Scan results: *********************************
Scan profile name: Intelligenter Scan  (ID: smart)
Objects scanned: 25190
Objects detected: 1


Type              Detected
==========================
Processes.......:        1
Registry entries:        0
Hostfile entries:        0
Files...........:        0
Folders.........:        0
LSPs............:        0
Cookies.........:        0
Browser hijacks.:        0
MRU objects.....:        0



Quarantined items:
Description: c:\windows\system32\diskshta.dll Family Name: Win32.Backdoor.Papras/A Engine: 1 Clean status: Reboot required Item ID: 0 Family ID: 0

Scan and cleaning complete: Finished correctly after 128 seconds

*********************************** Settings ***********************************

Scan profile:
ID: smart, enabled:1, value: Intelligenter Scan
  ID: folderstoscan, enabled:1, value: 
  ID: useantivirus, enabled:1, value: true
  ID: sections, enabled:1
    ID: scancriticalareas, enabled:1, value: true
    ID: scanrunningapps, enabled:1, value: true
    ID: scanregistry, enabled:1, value: true
    ID: scanlsp, enabled:1, value: true
    ID: scanads, enabled:1, value: false
    ID: scanhostsfile, enabled:1, value: false
    ID: scanmru, enabled:1, value: false
    ID: scanbrowserhijacks, enabled:1, value: true
    ID: scantrackingcookies, enabled:1, value: true
      ID: closebrowsers, enabled:1, value: false
  ID: filescanningoptions, enabled:1
    ID: archives, enabled:1, value: false
    ID: onlyexecutables, enabled:1, value: true
    ID: skiplargerthan, enabled:1, value: 20480
    ID: scanrootkits, enabled:1, value: true
      ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
    ID: usespywareheuristics, enabled:1, value: true

Scan global:
ID: global, enabled:1
  ID: addtocontextmenu, enabled:1, value: true
  ID: playsoundoninfection, enabled:1, value: false
    ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav

Scheduled scan settings:
<Empty>

Update settings:
ID: updates, enabled:1
  ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
  ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
  ID: schedules, enabled:1, value: true
    ID: updatedaily1, enabled:1, value: Daily 1
      ID: time, enabled:1, value: Tue Nov 10 12:22:00 2009
      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: false
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: false
        ID: saturday, enabled:1, value: false
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false
    ID: updatedaily2, enabled:1, value: Daily 2
      ID: time, enabled:1, value: Tue Nov 10 18:22:00 2009
      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: false
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: false
        ID: saturday, enabled:1, value: false
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false
    ID: updatedaily3, enabled:1, value: Daily 3
      ID: time, enabled:1, value: Tue Nov 10 00:22:00 2009
      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: false
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: false
        ID: saturday, enabled:1, value: false
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false
    ID: updatedaily4, enabled:1, value: Daily 4
      ID: time, enabled:1, value: Tue Nov 10 06:22:00 2009
      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: false
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: false
        ID: saturday, enabled:1, value: false
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false
    ID: updateweekly1, enabled:1, value: Weekly
      ID: time, enabled:1, value: Tue Nov 10 12:22:00 2009
      ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: true
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: true
        ID: saturday, enabled:1, value: false
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false
  ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall

Appearance settings:
ID: appearance, enabled:1
  ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
  ID: showtrayicon, enabled:1, value: true
  ID: language, enabled:1, value: de, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
  ID: autoentertainmentmode, enabled:1, value: true
  ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple

Realtime protection settings:
ID: realtime, enabled:1
  ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
  ID: modules, enabled:1
    ID: processprotection, enabled:1, value: true
    ID: registryprotection, enabled:1, value: true
    ID: networkprotection, enabled:1, value: true
  ID: layers, enabled:1
    ID: useantivirus, enabled:1, value: true
    ID: usespywareheuristics, enabled:1, value: true


****************************** System information ******************************
Computer name: MD8818
Processor name: Intel(R) Core(TM)2 CPU          6300  @ 1.86GHz
Processor identifier: x86 Family 6 Model 15 Stepping 6
Processor speed: ~1861MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3846, number of processors 2, processor features: [MMX,SSE,SSE2]
Physical memory available: 466587648 bytes
Physical memory total: 1072082944 bytes
Virtual memory available: 1884852224 bytes
Virtual memory total: 2147352576 bytes
Memory load: 56%
Microsoft Windows XP Professional Service Pack 3 (build 2600)
Windows startup mode:

Running processes:
PID: 464 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 536 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 560 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 604 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 616 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 804 name: C:\WINDOWS\system32\nvsvc32.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 872 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 920 name: C:\WINDOWS\system32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 988 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1036 name: C:\Programme\Sygate\SPF\smc.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1152 name: C:\WINDOWS\system32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 1432 name: C:\WINDOWS\system32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1576 name: C:\Programme\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1664 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1748 name: C:\Programme\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1792 name: C:\WINDOWS\system32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 2012 name: C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2028 name: C:\Programme\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 176 name: C:\WINDOWS\eHome\ehRecvr.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 192 name: C:\WINDOWS\eHome\ehSched.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 352 name: C:\Programme\Java\jre6\bin\jqs.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 424 name: C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 328 name: C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE owner: SYSTEM domain: NT-AUTORITÄT
PID: 524 name: C:\Programme\CyberLink\Shared Files\RichVideo.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1128 name: C:\WINDOWS\system32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1348 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2056 name: C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2144 name: C:\WINDOWS\ehome\mcrdsvc.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 2916 name: C:\WINDOWS\system32\dllhost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2980 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 3128 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 3276 name: C:\WINDOWS\system32\wbem\wmiapsrv.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 3308 name: C:\WINDOWS\System32\alg.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 3504 name: C:\WINDOWS\ehome\ehtray.exe owner: *** domain: MD8818
PID: 3512 name: C:\WINDOWS\RTHDCPL.EXE owner: *** domain: MD8818
PID: 3528 name: C:\Programme\SMSC\SetIcon.exe owner: *** domain: MD8818
PID: 3544 name: C:\Programme\QuickTime\qttask.exe owner: *** domain: MD8818
PID: 3608 name: C:\Programme\ScanSoft\PaperPort\pptd40nt.exe owner: *** domain: MD8818
PID: 3628 name: C:\WINDOWS\eHome\ehmsas.exe owner: *** domain: MD8818
PID: 3852 name: C:\Programme\Brother\ControlCenter2\brctrcen.exe owner: *** domain: MD8818
PID: 3864 name: C:\Programme\Avira\AntiVir Desktop\avgnt.exe owner: *** domain: MD8818
PID: 3980 name: C:\Programme\Java\jre6\bin\jusched.exe owner: *** domain: MD8818
PID: 4000 name: C:\WINDOWS\system32\RUNDLL32.EXE owner: *** domain: MD8818
PID: 4056 name: C:\WINDOWS\system32\ctfmon.exe owner: *** domain: MD8818
PID: 520 name: C:\Programme\OpenOffice.org 2.4\program\soffice.exe owner: *** domain: MD8818
PID: 1216 name: C:\Programme\OpenOffice.org 2.4\program\soffice.BIN owner: *** domain: MD8818
PID: 3176 name: C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe owner: *** domain: MD8818
PID: 3772 name: C:\Programme\Lavasoft\Ad-Aware\Ad-Aware.exe owner: *** domain: MD8818
PID: 2084 name: C:\WINDOWS\system32\wuauclt.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2716 name: C:\WINDOWS\explorer.exe owner: *** domain: MD8818
PID: 3808 name: C:\WINDOWS\system32\imapi.exe owner: SYSTEM domain: NT-AUTORITÄT

Startup items:
Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
          imagepath: Browseui preloader
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
          imagepath: Component Categories cache daemon
Name: PostBootReminder
          imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn
          imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck
          imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray
          imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: CTFMON.EXE
          imagepath: C:\WINDOWS\system32\CTFMON.EXE
Name: ehTray
          imagepath: C:\WINDOWS\ehome\ehtray.exe
Name: RTHDCPL
          imagepath: RTHDCPL.EXE
Name: NeroFilterCheck
          imagepath: C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
Name: SetIcon
          imagepath: \Programme\SMSC\SetIcon.exe
Name: LanguageShortcut
          imagepath: "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe"
Name: InstantOn
          imagepath: "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c "
Name: QuickTime Task
          imagepath: "C:\Programme\QuickTime\qttask.exe" -atboottime
Name: SmcService
          imagepath: C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
Name: SSBkgdUpdate
          imagepath: "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
Name: PaperPort PTD
          imagepath: C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
Name: IndexSearch
          imagepath: C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
Name: SetDefPrt
          imagepath: C:\Programme\Brother\Brmfl04g\BrStDvPt.exe
Name: ControlCenter2.0
          imagepath: C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
Name: avgnt
          imagepath: "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
Name: SunJavaUpdateSched
          imagepath: "C:\Programme\Java\jre6\bin\jusched.exe"
Name: nwiz
          imagepath: C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet
Name: NvCplDaemon
          imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
Name: NvMediaCenter
          imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
Name: 
          imagepath: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini

Bootexecute items:
Name: 
          imagepath: autocheck autochk *
Name: 
          imagepath: lsdelete

Running services:
Name: accsvc
          displayname: AccSys WiFi Component
Name: ALG
          displayname: Gatewaydienst auf Anwendungsebene
Name: AntiVirSchedulerService
          displayname: Avira AntiVir Planer
Name: AntiVirService
          displayname: Avira AntiVir Guard
Name: AudioSrv
          displayname: Windows Audio
Name: Browser
          displayname: Computerbrowser
Name: COMSysApp
          displayname: COM+-Systemanwendung
Name: CryptSvc
          displayname: CryptSvc
Name: DcomLaunch
          displayname: DCOM-Server-Prozessstart
Name: Dhcp
          displayname: DHCP-Client
Name: dmserver
          displayname: Verwaltung logischer Datenträger
Name: Dnscache
          displayname: DNS-Client
Name: ehRecvr
          displayname: Media Center Receiver Service
Name: ehSched
          displayname: Media Center-Planerdienst
Name: ERSvc
          displayname: Fehlerberichterstattungsdienst
Name: Eventlog
          displayname: Ereignisprotokoll
Name: EventSystem
          displayname: COM+-Ereignissystem
Name: FastUserSwitchingCompatibility
          displayname: Kompatibilität für schnelle Benutzerumschaltung
Name: helpsvc
          displayname: Hilfe und Support
Name: HidServ
          displayname: HID Input Service
Name: JavaQuickStarterService
          displayname: Java Quick Starter
Name: lanmanserver
          displayname: Server
Name: lanmanworkstation
          displayname: Arbeitsstationsdienst
Name: Lavasoft Ad-Aware Service
          displayname: Lavasoft Ad-Aware Service
Name: LightScribeService
          displayname: LightScribeService Direct Disc Labeling Service
Name: LmHosts
          displayname: TCP/IP-NetBIOS-Hilfsprogramm
Name: McrdSvc
          displayname: Media Center Extender Service
Name: MDM
          displayname: Machine Debug Manager
Name: Netman
          displayname: Netzwerkverbindungen
Name: Nla
          displayname: NLA (Network Location Awareness)
Name: NVSvc
          displayname: NVIDIA Display Driver Service
Name: PlugPlay
          displayname: Plug & Play
Name: PolicyAgent
          displayname: IPSEC-Dienste
Name: ProtectedStorage
          displayname: Geschützter Speicher
Name: RasMan
          displayname: RAS-Verbindungsverwaltung
Name: RemoteRegistry
          displayname: Remote-Registrierung
Name: RichVideo
          displayname: Cyberlink RichVideo Service(CRVS)
Name: RpcSs
          displayname: Remoteprozeduraufruf (RPC)
Name: SamSs
          displayname: Sicherheitskontenverwaltung
Name: Schedule
          displayname: Taskplaner
Name: seclogon
          displayname: Secondary Logon
Name: SENS
          displayname: Systemereignisbenachrichtigung
Name: SharedAccess
          displayname: Windows-Firewall/Gemeinsame Nutzung der Internetverbindung
Name: ShellHWDetection
          displayname: Shellhardwareerkennung
Name: SmcService
          displayname: Sygate Personal Firewall
Name: Spooler
          displayname: Druckwarteschlange
Name: srservice
          displayname: Systemwiederherstellungsdienst
Name: SSDPSRV
          displayname: SSDP Discovery Service
Name: stisvc
          displayname: Windows-Bilderfassung (WIA)
Name: TapiSrv
          displayname: Telefonie
Name: TermService
          displayname: Terminaldienste
Name: Themes
          displayname: Designs
Name: TrkWks
          displayname: Überwachung verteilter Verknüpfungen (Client)
Name: W32Time
          displayname: Windows-Zeitgeber
Name: WebClient
          displayname: WebClient
Name: winmgmt
          displayname: Windows-Verwaltungsinstrumentation
Name: WmiApSrv
          displayname: WMI-Leistungsadapter
Name: wscsvc
          displayname: Sicherheitscenter
Name: wuauserv
          displayname: Automatische Updates
Name: WZCSVC
          displayname: Konfigurationsfreie drahtlose Verbindung
Name: x10nets
          displayname: X10 Device Network Service
         
Ich denke, es ist jetzt zwangsläufig an der Zeit, den PC mal neu aufzusetzen. Vorher muss ich natürlich aber erst noch alle aktuellen Daten und Einstellungen sichern. Daher wäre es wohl wichtig, dass der PC vorher viren-/malwarefrei ist.

Daher wäre es prima, wenn ihr mir nochmal helfen könnt. Werde im Anschluss nacher noch die logs posten.

Danke,
Joe

Geändert von Joe007 (20.07.2010 um 10:03 Uhr) Grund: Code eingefügt

Alt 20.07.2010, 10:07   #2
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Avira AntiRootkit log:

Code:
ATTFilter
Avira AntiRootkit Tool (1.1.0.1)

========================================================================================================
 - Scan started Sonntag, 18. Juli 2010 - 17:36:21
========================================================================================================

--------------------------------------------------------------------------------------------------------
   Configuration:
--------------------------------------------------------------------------------------------------------
 - [X] Scan files
 - [X] Scan registry
 - [X] Scan processes
 - [ ] Fast scan
 - Working disk total size : 278.55 GB
 - Working disk free size : 49.24 GB (17 %)
--------------------------------------------------------------------------------------------------------

Scan task finished. No hidden objects detected!

--------------------------------------------------------------------------------------------------------
Files: 0/255370
Registry items: 0/400154
Processes: 0/50
Scan time: 00:10:35
--------------------------------------------------------------------------------------------------------
Active processes:
  - bgyjfaoc.exe     (PID 3444) (Avira AntiRootkit Tool)
  - System           (PID 4)
  - smss.exe         (PID 460)
  - csrss.exe        (PID 532)
  - winlogon.exe     (PID 556)
  - services.exe     (PID 600)
  - lsass.exe        (PID 612)
  - nvsvc32.exe      (PID 800)
  - svchost.exe      (PID 868)
  - svchost.exe      (PID 916)
  - svchost.exe      (PID 984)
  - Smc.exe          (PID 1036)
  - svchost.exe      (PID 1148)
  - svchost.exe      (PID 1284)
  - explorer.exe     (PID 1432)
  - AAWService.exe   (PID 1488)
  - spoolsv.exe      (PID 1636)
  - sched.exe        (PID 1704)
  - svchost.exe      (PID 1748)
  - accsvc.exe       (PID 1832)
  - ehrecvr.exe      (PID 1880)
  - ehSched.exe      (PID 1908)
  - jqs.exe          (PID 2000)
  - LSSrvc.exe       (PID 2044)
  - MDM.EXE          (PID 340)
  - RichVideo.exe    (PID 520)
  - svchost.exe      (PID 1008)
  - svchost.exe      (PID 1192)
  - X10nets.exe      (PID 1556)
  - mcrdsvc.exe      (PID 2144)
  - dllhost.exe      (PID 2752)
  - wmiapsrv.exe     (PID 2796)
  - unsecapp.exe     (PID 2844)
  - wmiprvse.exe     (PID 2952)
  - alg.exe          (PID 3016)
  - ehtray.exe       (PID 3508)
  - RTHDCPL.exe      (PID 3524)
  - ehmsas.exe       (PID 3580)
  - SetIcon.exe      (PID 3592)
  - qttask.exe       (PID 3616)
  - pptd40nt.exe     (PID 3668)
  - brctrcen.exe     (PID 3780)
  - avgnt.exe        (PID 3856)
  - jusched.exe      (PID 3944)
  - rundll32.exe     (PID 3984)
  - ctfmon.exe       (PID 4008)
  - soffice.exe      (PID 516)
  - soffice.bin      (PID 500)
  - AAWTray.exe      (PID 2676)
  - avirarkd.exe     (PID 3876)
========================================================================================================
 - Scan finished  Sonntag, 18. Juli 2010 - 17:46:57
========================================================================================================
         

MAM hat auch nichts gefunden:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
w*w.malwarebytes.org

Datenbank Version: 4288

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

19.07.2010 02:28:34
mbam-log-2010-07-19 (02-28-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 375180
Laufzeit: 2 Stunde(n), 3 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
__________________


Alt 20.07.2010, 10:33   #3
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



RSIT log.txt:

Code:
ATTFilter
Logfile of random's system information tool 1.08 (written by random/random)
Run by *** at 2010-07-20 11:29:34
Microsoft Windows XP Professional Service Pack 3
System drive C: has 54 GB (19%) free of 285 GB
Total RAM: 1022 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:29:51, on 20.07.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\SMSC\SetIcon.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\Programme\Brother\ControlCenter2\brctrcen.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\OpenOffice.org 2.4\program\soffice.exe
C:\Programme\OpenOffice.org 2.4\program\soffice.BIN
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
C:\Dokumente und Einstellungen\***\Desktop\RSIT.exe
C:\Programme\trend micro\***.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdmcks.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SetIcon] \Programme\SMSC\SetIcon.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [InstantOn] "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c "
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Programme\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Programme\Internet Radio\Radio.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=h**p://w*w.aldi.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160402350437
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RGZES - Unknown owner - C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9364 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-10 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Programme\Free Download Manager\iefdmcks.dll [2006-08-20 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-11-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-09 16236032]
"NeroFilterCheck"=C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SetIcon"=\Programme\SMSC\SetIcon.exe [2004-04-28 42496]
"LanguageShortcut"=C:\Programme\Home Cinema\PowerDVD\Language\Language.exe [2006-05-18 49152]
"InstantOn"=C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe [2006-06-21 93640]
"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2006-10-25 282624]
"SmcService"=C:\PROGRA~1\Sygate\SPF\smc.exe [2004-02-24 2372760]
"SSBkgdUpdate"=C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD"=C:\Programme\ScanSoft\PaperPort\pptd40nt.exe [2004-03-09 57393]
"IndexSearch"=C:\Programme\ScanSoft\PaperPort\IndexSearch.exe [2004-03-09 40960]
"SetDefPrt"=C:\Programme\Brother\Brmfl04g\BrStDvPt.exe [2004-11-11 49152]
"ControlCenter2.0"=C:\Programme\Brother\ControlCenter2\brctrcen.exe [2004-11-11 864256]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-11-14 149280]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BullGuard]
C:\Programme\BullGuard Software\BullGuard\bullguard.exe -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programme\iTunes\iTunesHelper.exe [2006-10-30 256576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVBroadcast]
C:\Programme\Sceneo\Bonavista\SERVICES\ODSBC\ODSBCApp.exe [2006-10-20 814080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]
C:\Programme\Home Cinema\TV Enhance\TVEService.exe [2006-10-19 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wlconfig]
C:\Programme\WLAN Monitor\wlconfig.exe [2006-03-06 1347584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3
"TVTABRDZ"=3
"TVESched"=2
"TVECapSvc"=2
"gupdate"=2
"srvcPVR"=2

C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart
OpenOffice.org 2.4.lnk - C:\Programme\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax"
"C:\Programme\NetMeeting\Conf.exe"="C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programme\Trillian\trillian.exe"="C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen"
"C:\Programme\WS_FTP\WS_FTP95.exe"="C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\TmNationsForever\TmForever.exe"="C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax"
"C:\Programme\NetMeeting\Conf.exe"="C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-07-18 21:47:57 ----D---- C:\WINDOWS\system32\NtmsData
2010-07-18 21:42:49 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avira
2010-07-18 21:06:13 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2010-07-08 16:03:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-07-08 16:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-07-08 16:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-07-08 16:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979904$
2010-07-08 16:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-07-08 16:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-07-08 16:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-07-08 16:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-07-08 16:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-07-08 16:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-07-08 16:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-07-08 16:00:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-07-08 15:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-07-08 15:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-07-08 15:56:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-08 15:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-07-08 15:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-07-08 15:55:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-07-08 15:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-08 15:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-08 15:45:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-08 15:45:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-07-08 15:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-07-08 15:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-07-08 15:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-08 15:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-08 15:44:39 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-08 15:44:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-08 15:44:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-08 15:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-08 15:29:44 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-07-07 19:29:31 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation
2010-07-07 19:29:04 ----D---- C:\Programme\NVIDIA Corporation
2010-07-07 19:28:13 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-07-07 19:28:13 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-07-07 19:28:13 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-07-07 19:28:10 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-07-07 19:28:10 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-07-07 19:28:01 ----D---- C:\NVIDIA

======List of files/folders modified in the last 1 months======

2010-07-20 11:29:51 ----D---- C:\Programme\Trend Micro
2010-07-20 11:29:21 ----D---- C:\WINDOWS\Prefetch
2010-07-20 11:21:31 ----D---- C:\WINDOWS\Debug
2010-07-20 11:21:31 ----D---- C:\WINDOWS
2010-07-20 11:21:30 ----D---- C:\WINDOWS\Temp
2010-07-20 11:21:30 ----D---- C:\WINDOWS\Minidump
2010-07-20 11:18:33 ----D---- C:\Programme\CCleaner
2010-07-20 10:50:45 ----SD---- C:\WINDOWS\Tasks
2010-07-20 10:21:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-07-20 10:20:59 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenOffice.org2
2010-07-20 10:19:33 ----D---- C:\WINDOWS\Registration
2010-07-20 10:19:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-19 15:05:48 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-07-19 08:00:40 ----D---- C:\WINDOWS\system32
2010-07-18 23:36:58 ----SHD---- C:\System Volume Information
2010-07-18 21:48:21 ----HD---- C:\WINDOWS\inf
2010-07-18 21:47:56 ----D---- C:\WINDOWS\repair
2010-07-18 21:07:34 ----D---- C:\WINDOWS\system32\config
2010-07-18 21:07:14 ----D---- C:\WINDOWS\system32\wbem
2010-07-18 21:06:42 ----D---- C:\Programme\Biet-O-Matic
2010-07-18 21:06:38 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\BOM
2010-07-18 21:06:21 ----D---- C:\WINDOWS\system32\drivers
2010-07-18 21:02:44 ----D---- C:\Programme\Avira
2010-07-18 17:16:12 ----D---- C:\Programme\Google
2010-07-16 23:23:24 ----SHD---- C:\WINDOWS\Installer
2010-07-15 14:35:30 ----D---- C:\Programme\Trillian
2010-07-14 00:25:28 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Free Download Manager
2010-07-13 14:17:34 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FileZilla
2010-07-08 20:03:58 ----D---- C:\WINDOWS\AppPatch
2010-07-08 20:03:58 ----D---- C:\Config.Msi
2010-07-08 16:03:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-08 16:03:43 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-08 16:03:42 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-08 16:03:39 ----RSD---- C:\WINDOWS\assembly
2010-07-08 16:03:07 ----D---- C:\WINDOWS\ie8updates
2010-07-08 15:58:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-08 15:58:19 ----D---- C:\WINDOWS\WinSxS
2010-07-08 15:56:28 ----D---- C:\Programme\Movie Maker
2010-07-08 15:55:31 ----D---- C:\Programme\Internet Explorer
2010-07-08 15:44:49 ----D---- C:\Programme\Outlook Express
2010-07-07 19:30:52 ----D---- C:\WINDOWS\Help
2010-07-07 19:29:04 ----RD---- C:\Programme
2010-07-07 19:29:02 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-07-05 09:55:15 ----D---- C:\Programme\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2009-09-23 64288]
R0 ohci1394;VIA OHCI-konformer IEEE 1394-Hostcontroller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-06-04 20576]
R0 Teefer;Teefer for NT; C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys [2004-02-02 55891]
R0 uagp35;Microsoft AGPv3.5-Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-09-07 9728]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-09-07 11264]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 wpsdrvnt;wpsdrvnt; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-10-23 21275]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 wg3n;SyGate for NT, wg3n; C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [2004-02-02 11914]
R3 3xHybrid;Philips SAA713x PCI Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-10-10 1105664]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-03-15 43008]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-10-09 4381696]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040]
R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 catchme;catchme; \??\C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys []
S3 FETNDIS;VIA PCI 10/100-MBit/s-Fast Ethernetadapter-NT-Treiber; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\4.tmp []
S3 MHNDRV;MHN-Treiber; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-06-08 344064]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accsvc;AccSys WiFi Component; C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe [2006-01-11 147456]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center-Planerdienst; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-11-14 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Programme\Lavasoft\Ad-Aware\AAWService.exe [2010-05-19 1181328]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [2006-04-24 73728]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Programme\CyberLink\Shared Files\RichVideo.exe [2006-10-19 262247]
R2 SmcService;Sygate Personal Firewall; C:\Programme\Sygate\SPF\smc.exe [2004-02-24 2372760]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2006-10-30 492608]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 RGZES;RGZES; C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe []
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]
S3 usnsvc;Messenger Sharing USN Journal Reader-Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMConnectCDS;Windows Media Connect-Dienst; C:\Programme\Windows Media Connect 2\wmccds.exe [2005-10-06 856064]
S4 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2010-04-15 136176]
S4 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-10 182768]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 srvcPVR;Sceneo PVR Service; C:\Programme\Sceneo\Bonavista\Services\PVR\PVRService.exe [2006-10-24 1441280]
S4 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [2006-10-19 282709]
S4 TVESched;TVEnhance Task Scheduler (TTS)); C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [2006-10-19 122971]
S4 TVTABRDZ;TVTABRDZ; C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe []

-----------------EOF-----------------
         
__________________

Alt 20.07.2010, 10:37   #4
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



RSIT info.txt:

[CODE]info.txtRSIT Logfile:
Code:
ATTFilter
logfile of random's system information tool 1.06 2009-11-13 13:15:17

======Uninstall list======

-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Programme\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"C:\Programme\7-Zip\Uninstall.exe"
Ad-Aware-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A70800000002}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
ALDI Online Druck Service (Sued)-->C:\PROGRA~1\ALDION~1\ALDI_ODS\UNWISE.EXE C:\PROGRA~1\ALDION~1\ALDI_ODS\INSTALL.LOG
ALDI Sued Foto Manager (D)-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Manager\instslct.exe
ALDI Sued Foto Service (D)-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Service\instslct.exe
Atlantis - Sky Patrol (remove only)-->C:\Programme\Games\Atlantis - Sky Patrol\Uninstall.exe
Audacity 1.3.7-->"C:\Programme\Audacity 1.3 Beta\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Biet-O-Matic v2.6.1-->C:\PROGRA~1\BIET-O~1\UNWISE.EXE C:\PROGRA~1\BIET-O~1\Install.log
Big Fish Games Center (remove only)-->C:\Programme\Games\Uninstall.exe
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}\Setup.exe" -l0x7 Brunin03.dllBrunin03.dll
Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon Utilities Easy-PhotoPrint-->C:\Programme\Canon\Easy-PhotoPrint\uninst.exe C:\Programme\Canon\Easy-PhotoPrint\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Programme\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Pro-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
EA SPORTS online 2004-->C:\Programme\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
Easy-WebPrint-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\Canon\Easy-WebPrint\Uninst.isu
Europa Raser-->C:\PROGRA~1\Davilex\EUROPA~1\UNINST32.EXE C:\PROGRA~1\Davilex\EUROPA~1\INSTALL.LOG
Fairies EU (remove only)-->C:\Programme\Games\Fairies EU\Uninstall.exe
ffdshow [rev 1473] [2007-09-10]-->"C:\Programme\ffdshow\unins000.exe"
FIFA 2004-->C:\Programme\EA SPORTS\FIFA 2004\EAUninstall.exe
FIFA RTWC 98-->C:\WINDOWS\unin0407.exe -f"C:\Program Files\EA SPORTS\FIFA RTWC 98\DeIsL1.isu"
Fish Tycoon (remove only)-->C:\Programme\Games\Fish Tycoon\Uninstall.exe
Free Download Manager 2.1-->"C:\Programme\Free Download Manager\unins000.exe"
GemMaster Mystic-->"C:\Programme\GemMasterGerman\uninstallgemmaster.exe"
GetRight-->"C:\Programme\GetRight\unins000.exe"
GIMP 2.6.7-->"C:\Programme\GIMP-2.0\setup\unins000.exe"
Google Earth-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x7  -removeonly
Google Toolbar for Internet Explorer-->"C:\Programme\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Hidden Expedition Titanic (remove only)-->C:\Programme\Games\Hidden Expedition Titanic\Uninstall.exe
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Internet Radio-->"C:\WINDOWS\lsb_un20.exe" /C=UC /N=Internet Radio
iTunes-->MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
KompoZer 0.77-->"C:\Programme\KompoZer\unins000.exe"
LAME v3.98.2 for Audacity-->"C:\Programme\Lame for Audacity\unins000.exe"
LetsTrade Komponenten-->C:\WINDOWS\fpuninst.exe -uninstall:"c:\programme\letstrade\uninst\uninst.ini"
MagicDirector 1.2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe"  -uninstall
Mah-Jomino (remove only)-->C:\Programme\Games\Mah-Jomino\Uninstall.exe
MakeDisc-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe"  -uninstall
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
MCE Software Encoder 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe"  -uninstall
MediaShow 3.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe"  -uninstall
MEDION Fotos auf CD Sued (D)-->C:\Programme\ALDI Sued Foto Service\MEDION_Fotos_auf_CD\instslct.exe
Mein Geld Professional-->MsiExec.exe /I{08E4F3CE-A34E-4667-8DE9-147249FAE468}
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Windows-Journal-Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Mozilla Firefox (3.5.5)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Mystery Case Files - Huntsville (remove only)-->C:\Programme\Games\Mystery Case Files - Huntsville\Uninstall.exe
Mystery Case Files - Prime Suspects (remove only)-->C:\Programme\Games\Mystery Case Files - Prime Suspects\Uninstall.exe
Mystic Inn (remove only)-->C:\Programme\Games\Mystic Inn\Uninstall.exe
Need For Speed Hot Pursuit 2-->C:\Programme\EA Games\Need For Speed Hot Pursuit 2\EAUninstall.exe
Need For Speed II SE-->C:\WINDOWS\unin0407.exe -f"C:\Programme\Electronic Arts\Need For Speed II SE\DeIsL1.isu"
Nero 7 Essentials-->MsiExec.exe /I{5B8072B3-A576-4C0B-99BC-FAA7145A1031}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
OpenOffice.org 2.4-->MsiExec.exe /I{50E21B3A-FF06-412D-879B-DEA30815736E}
Otto-->"C:\Programme\GermanOtto\uninstallotto.exe"
PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
PDFCreator-->C:\Programme\PDFCreator\unins000.exe
PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe"  -uninstall
Poker Superstars II (remove only)-->C:\Programme\Games\Poker Superstars II\Uninstall.exe
PowerCinema Linux 5.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}\Setup.exe"  -uninstall
PowerDirector-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe"  -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe"  -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe"  -uninstall
QuickTime-->MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
Ralink Wireless LAN-Karte-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x7  -removeonly
RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7  -removeonly
Sceneo Bonavista-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}\Setup.exe" 
SDFormatter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{5A347920-4AFC-11D5-9FB0-800649886934}\setup.exe" 
Security Update für Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Sicherheitsupdate für Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Sicherheitsupdate für Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Sygate Personal Firewall-->MsiExec.exe /X{F860F390-78F4-4B45-8C1A-0489618E315B}
Trillian-->C:\Programme\Trillian\trillian.exe /uninstall
Turbo Lister 2-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548} 
TV Enhance-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E4C891D6-6844-41B8-86E8-633CACCC644F}\setup.exe"  -uninstall
TVsweeper-->MsiExec.exe /I{D0CC1431-915D-4454-A045-232155BFD498}
Update für Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update für Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update Rollup 2 für Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
USB2.0 CARD READER-->MsiExec.exe /I{247A11CA-F5CE-4DD6-85E2-64850E64E064}
VIA Platform Device Manager-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} 
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VideoLAN VLC media player 0.8.6-->C:\Programme\VideoLAN\VLC\uninstall.exe
Virtual Villagers (remove only)-->C:\Programme\Games\Virtual Villagers\Uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VRally3-->C:\Programme\Atari\VRally3\unins000.exe
Windows Live Messenger-->MsiExec.exe /I{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4}
Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Messenger 5.1-->MsiExec.exe /I{9D1C26BD-E792-4159-9D16-07EA222D8EF0}
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Windows-Sicherungsprogramm-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
WLAN Monitor-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2808E975-BD01-47DD-9852-54E3C622BDDC}\setup.exe" -l0x7 
WLAN Quick-Starter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E40268F4-7E9F-4E07-B773-7FF64971F42E}\setup.exe" -l0x7 
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log

======Security center information======

AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (outdated)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: AntiVir Desktop
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic

======System event log======

Computer Name: MD8818
Event Code: 6006
Message: Der Ereignisprotokolldienst wurde beendet.

Record Number: 69441
Source Name: EventLog
Time Written: 20090928005954.000000+120
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 8033
Message: Der Suchdienst hat eine Wahl auf dem Netzwerk "\Device\NetBT_Tcpip_{49D23CDE-0437-47B3-A174-4D15408BFA1C}" erzwungen, da der Hauptsuchdienst beendet wurde.

Record Number: 69440
Source Name: BROWSER
Time Written: 20090928005924.000000+120
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 4202
Message: Es wurde festgestellt, dass der Netzwerkadapter "VIA Rhine II Fast Ethernet Adapter" vom Netzwerk getrennt wurde,
und dass die Netzwerkkonfiguration des Adapters freigegeben wurde. Möglicherweise
ist der Adapter beschädigt, falls der Adapter nicht vom Netzwerk getrennt wurde.
Wenden Sie sich an den Hersteller bezüglich aktueller Treiber.

Record Number: 69439
Source Name: Tcpip
Time Written: 20090928005922.000000+120
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 7036
Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Beendet".

Record Number: 69438
Source Name: Service Control Manager
Time Written: 20090928003849.000000+120
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 7036
Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Ausgeführt".

Record Number: 69437
Source Name: Service Control Manager
Time Written: 20090928003842.000000+120
Event Type: Informationen
User: 

=====Application event log=====

Computer Name: MD8818
Event Code: 0
Message: 
Record Number: 14813
Source Name: iPod Service
Time Written: 20090327080931.000000+060
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 0
Message: 
Record Number: 14812
Source Name: TVESched
Time Written: 20090327080924.000000+060
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 0
Message: 
Record Number: 14811
Source Name: TVECapSvc
Time Written: 20090327080924.000000+060
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 1800
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.

Record Number: 14810
Source Name: SecurityCenter
Time Written: 20090327080924.000000+060
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 32068
Message: Die ausgehende Verteilerregel ist nicht gültig, weil kein gültiges Gerät gefunden werden kann. Ausgehende Faxe, die diese Regel verwenden, werden nicht weitergeleitet. Stellen Sie sicher, dass das angezielte Gerät bzw. die angezielten Geräte angeschlossen, korrekt installiert und angeschaltet sind. Stellen Sie außerdem sicher, dass die Gruppe korrekt konfiguriert ist, falls die Weiterleitung an eine Gruppe von Geräten erfolgen soll.
Landes-/Regionskennzahl: "*"
Ortskennzahl: "*"

Record Number: 14809
Source Name: Microsoft Fax
Time Written: 20090327080923.000000+060
Event Type: Warnung
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Programme\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Programme\Java\jre1.5.0_08\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre1.5.0_08\lib\ext\QTJava.zip

-----------------EOF-----------------
         
--- --- ---



so, das wär's erstmal. Ich hoffe, ihr könnt mir weiterhelfen.

Danke und viele Grüße
Joe

Geändert von Joe007 (20.07.2010 um 10:43 Uhr)

Alt 21.07.2010, 13:45   #5
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Habe MAM nochmal komplett drüberlaufen lassen - kein Fund.

Habe AntiVir geupdated nochmal drüberlaufen lassen, 1 Fund: JAVA/Agent.T.1
Code:
ATTFilter
Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Mittwoch, 21. Juli 2010  12:52
 
Es wird nach 2395531 Virenstämmen gesucht.
 
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
 
Lizenznehmer   : Avira AntiVir Personal - FREE Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows XP
Windowsversion : (Service Pack 3)  [5.1.2600]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : MD8818
 
Versionsinformationen:
BUILD.DAT      : 10.0.0.567     32097 Bytes  19.04.2010 15:50:00
AVSCAN.EXE     : 10.0.3.0      433832 Bytes  01.04.2010 11:37:35
AVSCAN.DLL     : 10.0.3.0       56168 Bytes  30.03.2010 10:42:16
LUKE.DLL       : 10.0.2.3      104296 Bytes  07.03.2010 17:32:59
LUKERES.DLL    : 10.0.0.0       13672 Bytes  14.01.2010 10:59:47
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 08:05:36
VBASE001.VDF   : 7.10.1.0     1372672 Bytes  19.11.2009 18:27:49
VBASE002.VDF   : 7.10.3.1     3143680 Bytes  20.01.2010 16:37:42
VBASE003.VDF   : 7.10.3.75     996864 Bytes  26.01.2010 15:37:42
VBASE004.VDF   : 7.10.4.203   1579008 Bytes  05.03.2010 10:29:03
VBASE005.VDF   : 7.10.6.82    2494464 Bytes  15.04.2010 19:44:22
VBASE006.VDF   : 7.10.7.218   2294784 Bytes  02.06.2010 19:44:26
VBASE007.VDF   : 7.10.7.219      2048 Bytes  02.06.2010 19:44:26
VBASE008.VDF   : 7.10.7.220      2048 Bytes  02.06.2010 19:44:26
VBASE009.VDF   : 7.10.7.221      2048 Bytes  02.06.2010 19:44:26
VBASE010.VDF   : 7.10.7.222      2048 Bytes  02.06.2010 19:44:26
VBASE011.VDF   : 7.10.7.223      2048 Bytes  02.06.2010 19:44:26
VBASE012.VDF   : 7.10.7.224      2048 Bytes  02.06.2010 19:44:26
VBASE013.VDF   : 7.10.8.37     270336 Bytes  10.06.2010 19:44:26
VBASE014.VDF   : 7.10.8.69     138752 Bytes  14.06.2010 19:44:27
VBASE015.VDF   : 7.10.8.102    130560 Bytes  16.06.2010 19:44:27
VBASE016.VDF   : 7.10.8.135    152064 Bytes  21.06.2010 19:44:28
VBASE017.VDF   : 7.10.8.163    432128 Bytes  23.06.2010 19:44:28
VBASE018.VDF   : 7.10.8.194    133632 Bytes  27.06.2010 19:44:29
VBASE019.VDF   : 7.10.8.220    134656 Bytes  29.06.2010 19:44:29
VBASE020.VDF   : 7.10.8.252    171520 Bytes  04.07.2010 19:44:30
VBASE021.VDF   : 7.10.9.19     131072 Bytes  06.07.2010 19:44:30
VBASE022.VDF   : 7.10.9.36     297472 Bytes  07.07.2010 19:44:30
VBASE023.VDF   : 7.10.9.60     150016 Bytes  11.07.2010 19:44:31
VBASE024.VDF   : 7.10.9.79     113152 Bytes  13.07.2010 19:44:31
VBASE025.VDF   : 7.10.9.99     158720 Bytes  16.07.2010 19:44:31
VBASE026.VDF   : 7.10.9.133    630784 Bytes  20.07.2010 10:46:05
VBASE027.VDF   : 7.10.9.134      2048 Bytes  20.07.2010 10:46:05
VBASE028.VDF   : 7.10.9.135      2048 Bytes  20.07.2010 10:46:05
VBASE029.VDF   : 7.10.9.136      2048 Bytes  20.07.2010 10:46:06
VBASE030.VDF   : 7.10.9.137      2048 Bytes  20.07.2010 10:46:06
VBASE031.VDF   : 7.10.9.139     15872 Bytes  21.07.2010 10:46:06
Engineversion  : 8.2.4.22  
AEVDF.DLL      : 8.1.2.0       106868 Bytes  18.07.2010 19:44:37
AESCRIPT.DLL   : 8.1.3.41     1364346 Bytes  21.07.2010 10:46:15
AESCN.DLL      : 8.1.6.1       127347 Bytes  18.07.2010 19:44:36
AESBX.DLL      : 8.1.3.1       254324 Bytes  18.07.2010 19:44:37
AERDL.DLL      : 8.1.8.2       614772 Bytes  21.07.2010 10:46:14
AEPACK.DLL     : 8.2.3.2       471414 Bytes  21.07.2010 10:46:13
AEOFFICE.DLL   : 8.1.1.7       201081 Bytes  21.07.2010 10:46:12
AEHEUR.DLL     : 8.1.2.6      2793846 Bytes  21.07.2010 10:46:11
AEHELP.DLL     : 8.1.13.2      242039 Bytes  21.07.2010 10:46:08
AEGEN.DLL      : 8.1.3.15      385396 Bytes  21.07.2010 10:46:08
AEEMU.DLL      : 8.1.2.0       393588 Bytes  18.07.2010 19:44:33
AECORE.DLL     : 8.1.16.2      192887 Bytes  21.07.2010 10:46:07
AEBB.DLL       : 8.1.1.0        53618 Bytes  18.07.2010 19:44:32
AVWINLL.DLL    : 10.0.0.0       19304 Bytes  14.01.2010 10:59:10
AVPREF.DLL     : 10.0.0.0       44904 Bytes  14.01.2010 10:59:07
AVREP.DLL      : 10.0.0.8       62209 Bytes  18.02.2010 15:47:40
AVREG.DLL      : 10.0.3.0       53096 Bytes  01.04.2010 11:35:44
AVSCPLR.DLL    : 10.0.3.0       83816 Bytes  01.04.2010 11:39:49
AVARKT.DLL     : 10.0.0.14     227176 Bytes  01.04.2010 11:22:11
AVEVTLOG.DLL   : 10.0.0.8      203112 Bytes  26.01.2010 08:53:25
SQLITE3.DLL    : 3.6.19.0      355688 Bytes  28.01.2010 11:57:53
AVSMTP.DLL     : 10.0.0.17      63848 Bytes  16.03.2010 14:38:54
NETNT.DLL      : 10.0.0.0       11624 Bytes  19.02.2010 13:40:55
RCIMAGE.DLL    : 10.0.0.26    2550120 Bytes  28.01.2010 12:10:08
RCTEXT.DLL     : 10.0.53.0      98152 Bytes  09.04.2010 13:14:28
 
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: c:\programme\avira\antivir desktop\sysscan.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Optimierter Suchlauf..................: ein
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: mittel
Abweichende Gefahrenkategorien........: +APPL,+PCK,+SPR,
 
Beginn des Suchlaufs: Mittwoch, 21. Juli 2010  12:52
 
Der Suchlauf nach versteckten Objekten wird begonnen.
 
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'msdtc.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'AAWTray.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'alg.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiapsrv.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehmsas.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.BIN' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'RUNDLL32.EXE' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'brctrcen.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'pptd40nt.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'qttask.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetIcon.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'RTHDCPL.EXE' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehtray.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'mcrdsvc.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'x10nets.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'RichVideo.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'MDM.EXE' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'LSSrvc.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'jqs.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehSched.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehRecvr.exe' - '182' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'accsvc.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'AAWService.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'smc.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '163' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvsvc32.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
 
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD1
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD2
    [INFO]      Es wurde kein Virus gefunden!
Masterbootsektor HD3
    [INFO]      Es wurde kein Virus gefunden!
 
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'D:\'
    [INFO]      Es wurde kein Virus gefunden!
 
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1748' Dateien ).
 
 
Der Suchlauf über die ausgewählten Dateien wird begonnen:
 
Beginne mit der Suche in 'C:\' <BOOT>
C:\WINDOWS\Temp\6.0\29\7adbb65d-74619230
[0] Archivtyp: ZIP
  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.T.1
  --> vmain.class
  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.T.1
Beginne mit der Suche in 'D:\' <RECOVER>
 
Beginne mit der Desinfektion:
C:\WINDOWS\Temp\6.0\29\7adbb65d-74619230
    [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.T.1
    [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e3f4f58.qua' verschoben!
 
 
Ende des Suchlaufs: Mittwoch, 21. Juli 2010  14:43
Benötigte Zeit:  1:49:58 Stunde(n)
 
Der Suchlauf wurde vollständig durchgeführt.
 
  17521 Verzeichnisse wurden überprüft
 611953 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 611952 Dateien ohne Befall
  10524 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise
 645398 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         
(in Quarantäne verschoben)

Und siehe da: Maus wieder ohne schwarze Quer-Striche, AntiVir funzt wieder schneller, Videos kann ich wieder anschaun (VLC Player), die genannten Emails werden wieder normal schnell geladen :-)

Aber obs das schon war, weiß ich nicht...

Die Probleme kamen kurz darauf wieder, habe dann MAM drüberlaufen lassen - kein Fund, anschließend AntiVir - folgender Fund:
Code:
ATTFilter
Die Datei 'C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\8DIRGLUN\nobj[1].exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Gendal.52224.BI' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4fbab14b.qua' verschoben!
         
Dann erstmal wieder keine Probleme, heute aber wieder die gleichen Probleme (sh. oben). Heute aber keine Funde mit MAM/Antivir.
Habe gestern das aktuelle Update von Firefox installiert, ich weiß nicht, ob es damit zusammenhängen könnte.

hoffe noch auf Hilfe, die noch bestehenden Symptome sind:
- Computer-Maus: hat schwarze Querstreifen im normalerweise weißen Bereich (manchmal auch rot, ändert sich manchmal beim Bewegen der Maus)
- Probleme beim Anzeigen von Videos, es können keine Videos abgespielt werden (nur Ton)
- Probleme bei der Anzeige bestimmter Programme/Emails: Z.B. dauert die Anzeige von AntiVir Personal sehr lange, sprich es scheint sehr lange zu laden, beim Starten oder wenn man einen Menüpunkt anklickt usw.; selbiges bei Emails in Outlook Express, und zwar dann, wenn eine Email Daten/Bilder aus dem Internet nachladen will (obwohl Outlook diese ja blockiert) - das Laden dieser Emails dauert ebenfalls sehr sehr lange (es werden dann auch keine Bilder angezeigt, trotzdem dauert es lange)
- beim Starten/Booten zeigt der Bildschirm nichts mehr an (bis zur Benutzerauswahl)
- der PC stürzt öfters ab, wenn er ein Video laden will o.ä.

Nach Virenfunden (s.o.) gings kurzzeitig wieder, jetzt wieder nicht mehr.

Habe jetzt mal noch GMER scannen lassen. Ist sehr schnell erledigt gewesen
Log:
Code:
ATTFilter
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-28 09:59:12
Windows 5.1.2600 Service Pack 3
Running: pgtrnxzt.exe; Driver: C:\DOKUME~1\FAMILI~1\LOKALE~1\Temp\pxtdypow.sys
 
 
---- System - GMER 1.0.15 ----
 
SSDT            F7C3DEA6                                                                                                 ZwCreateKey
SSDT            F7C3DE9C                                                                                                 ZwCreateThread
SSDT            F7C3DEAB                                                                                                 ZwDeleteKey
SSDT            F7C3DEB5                                                                                                 ZwDeleteValueKey
SSDT            F7C3DEBA                                                                                                 ZwLoadKey
SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                        ZwMapViewOfSection [0xF79B18D0]
SSDT            F7C3DE88                                                                                                 ZwOpenProcess
SSDT            F7C3DE8D                                                                                                 ZwOpenThread
SSDT            F7C3DEC4                                                                                                 ZwReplaceKey
SSDT            F7C3DEBF                                                                                                 ZwRestoreKey
SSDT            F7C3DEB0                                                                                                 ZwSetValueKey
SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                        ZwShutdownSystem [0xF79B1E70]
SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                        ZwTerminateProcess [0xF79B1E00]
 
---- Kernel code sections - GMER 1.0.15 ----
 
.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                 section is writeable [0xF5F643A0, 0x592C35, 0xE8000020]
.text           tcpip.sys!IPTransmit + 10FC                                                                              F3666D3A 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           tcpip.sys!IPTransmit + 2A52                                                                              F3668690 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           tcpip.sys!IPRegisterProtocol + 930                                                                       F367E454 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           wanarp.sys                                                                                               F78253FD 4 Bytes  CALL F731B350 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           wanarp.sys                                                                                               F7825402 2 Bytes  [90, 90] {NOP ; NOP }
 
---- Kernel IAT/EAT - GMER 1.0.15 ----
 
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter]                                      [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter]                                       [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol]                                [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol]                                  [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol]                                 [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter]                                      [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter]                                     [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol]                               [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol]                                  [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol]                                [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter]                                      [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter]                                       [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter]                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter]                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol]                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol]                                 [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol]                                   [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter]                                        [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter]                                       [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter]                                      [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter]                                       [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol]                                [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol]                                  [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol]                                  [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol]                                [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter]                                      [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter]                                       [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
 
---- Devices - GMER 1.0.15 ----
 
Device          \Driver\Tcpip \Device\Ip                                                                                 wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\Tcp                                                                                wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
 
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                Lbd.sys (Boot Driver/Lavasoft AB)
 
Device          \Driver\Tcpip \Device\Udp                                                                                wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\RawIp                                                                              wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\IPMULTICAST                                                                        wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
 
AttachedDevice  \FileSystem\Fastfat \Fat                                                                                 fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
 
---- Registry - GMER 1.0.15 ----
 
Reg             HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@j!s!i!`!r!`!e!d!\30!\30!t!e!s!m!s!y!  71230
 
---- EOF - GMER 1.0.15 ----
         
Hmmm, als ich das log gerade im Editor speichern wollte, hat er sich mehrmals aufgehängt (als ich auf Speichern im Speichern unter-Fenster geklickt habe), gleiches mit MS Works Textverarbeitung (speichern in einer bereits vorhandenen .txt funktionierte dann)
Auch beim Neustarten hat der PC nicht reagiert (sich aber nicht vollständig aufgehängt). Im Task-Manager war lsass.exe mit 50% CPU-Auslastung drin, und bei den Anwendungen "SysFader" - keine Rückmeldung...
Der Task-Manager hat dann auch nicht mehr reagiert, es half nur noch ein Kaltstart.

da ich leider noch keine Reaktion erhalten habe und nicht weiß, bis wann ich eine Antwort bekommen könnte, habe ich mein Problem nun unter Windows XP Win32.Backdoor.Papras/A, TR/Spy.Browse.A (Trojan), JAVA/Agent.T.1; Grafikprobleme,... geschildert.
Wenn mir dort zwischenzeitlich geholfen wird, ist in diesem Thread keine Antwort mehr nötig.
Danke und nichts für ungut.

(Natürlich freue ich mich auch weiterhin, wenn ich Hilfe bekomme.)
Ist mein System noch infiziert?


Alt 29.07.2010, 20:52   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Hallo,

Zitat:
Sygate Personal Firewall
Das ist nichts weiter als ein Spielzeug, das eher kontraproduktiv ist. Solltest Du deinstallieren, allein schon deswegen, weil das Teil schon lange nicht mehr supportet wird (vor einigen Jahren wurde Sygate AFAIK von Symantec übernommen)


Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
--> Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?

Alt 29.07.2010, 23:05   #7
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Hallo Arne,

danke für Deine Antwort!

Hier die beiden Log-files:

Extras.txt
Code:
ATTFilter
OTL Extras logfile created on: 30.07.2010 00:00:54 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.022,00 Mb Total Physical Memory | 328,00 Mb Available Physical Memory | 32,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 278,55 Gb Total Space | 65,66 Gb Free Space | 23,57% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 5,46 Gb Free Space | 27,95% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MD8818
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.)
"C:\Programme\Trillian\trillian.exe" = C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen -- (Microsoft Corporation)
"C:\Programme\WS_FTP\WS_FTP95.exe" = C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA 02173)
"C:\Programme\TmNationsForever\TmForever.exe" = C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{08E4F3CE-A34E-4667-8DE9-147249FAE468}" = Mein Geld Professional
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{247A11CA-F5CE-4DD6-85E2-64850E64E064}" = USB2.0 CARD READER
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 21
"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe  1.4.89.1
"{2808E975-BD01-47DD-9852-54E3C622BDDC}" = WLAN Monitor
"{31671B31-682F-499E-00B9-7AD7D33C9E4F}" = Need For Speed Hot Pursuit 2
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows-Journal-Viewer
"{446DBFFA-4088-48E3-8932-74316BA4CAE4}" = iTunes
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo Bonavista
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{50D8FFDD-90CD-4859-841F-AA1961C7767A}" = QuickTime
"{50E21B3A-FF06-412D-879B-DEA30815736E}" = OpenOffice.org 2.4
"{5A347920-4AFC-11D5-9FB0-800649886934}" = SDFormatter
"{5B8072B3-A576-4C0B-99BC-FAA7145A1031}" = Nero 7 Essentials
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.0
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{782DDB70-3DF4-4366-00BF-E3767BCD173B}" = FIFA 2004
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4}" = Windows Live Messenger
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D1C26BD-E792-4159-9D16-07EA222D8EF0}" = Windows Messenger 5.1
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A70800000002}" = Adobe Reader 7.0.8 - Deutsch
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0CC1431-915D-4454-A045-232155BFD498}" = TVsweeper
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}" = PowerCinema Linux 5.0
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E40268F4-7E9F-4E07-B773-7FF64971F42E}" = WLAN Quick-Starter
"{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN-Karte
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F79A208D-D929-11D9-9D77-000129760D75}" = MagicDirector 1.2
"{F860F390-78F4-4B45-8C1A-0489618E315B}" = Sygate Personal Firewall
"1F811665-E818-4956-9173-35CD47C9DCE0" = Otto
"7A1E1C4F-CC6F-4BF0-BB81-7CFC3F655564" = GemMaster Mystic
"7-Zip" = 7-Zip 4.65
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2004
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued)
"ALDI Sued Foto Manager D" = ALDI Sued Foto Manager (D)
"ALDI Sued Foto Service D" = ALDI Sued Foto Service (D)
"Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only)
"Audacity 1.3 Beta_is1" = Audacity 1.3.7
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Avira UnErase Personal" = Avira UnErase Personal
"Biet-O-Matic v2.6.1" = Biet-O-Matic v2.6.1
"Big Fish Games Center" = Big Fish Games Center (remove only)
"CCleaner" = CCleaner
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"Europa Raser" = Europa Raser
"Fairies EU" = Fairies EU (remove only)
"ffdshow_is1" = ffdshow [rev 1473] [2007-09-10]
"FIFA RTWC 98" = FIFA RTWC 98
"FileZilla Client" = FileZilla Client 3.3.3
"Fish Tycoon" = Fish Tycoon (remove only)
"Free Download Manager_is1" = Free Download Manager 2.1
"GetRight_is1" = GetRight
"Hidden Expedition Titanic" = Hidden Expedition Titanic (remove only)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"Internet Radio" = Internet Radio
"KompoZer_is1" = KompoZer 0.77
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LetsTrade" = LetsTrade Komponenten
"Mah-Jomino" = Mah-Jomino (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued (D)
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Mystery Case Files - Huntsville" = Mystery Case Files - Huntsville (remove only)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"Mystic Inn" = Mystic Inn (remove only)
"Need For Speed II SE" = Need For Speed II SE
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Poker Superstars II" = Poker Superstars II (remove only)
"RealPlayer 6.0" = RealPlayer
"TmNationsForever_is1" = TmNationsForever
"Trillian" = Trillian
"Virtual Villagers" = Virtual Villagers (remove only)
"VLC media player" = VideoLAN VLC media player 0.8.6
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"VRally3_is1" = VRally3
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.7
"WMCSetup" = Windows Media Connect
"X10Hardware" = X10 Hardware(TM)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SC07-PRO7" = Ski Challenge 2007 (Pro7)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 19.07.2010 01:53:16 | Computer Name = MD8818 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
 Vorgang nicht ausführen.  .
 
Error - 19.07.2010 01:53:16 | Computer Name = MD8818 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
 Vorgang nicht ausführen.  .
 
Error - 19.07.2010 07:58:31 | Computer Name = MD8818 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
 zurückgegeben.  .
 
Error - 19.07.2010 08:00:29 | Computer Name = MD8818 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
 zurückgegeben.  .
 
Error - 19.07.2010 08:00:45 | Computer Name = MD8818 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
 Vorgang nicht ausführen.  .
 
Error - 19.07.2010 08:19:25 | Computer Name = MD8818 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
 zurückgegeben.  .
 
Error - 19.07.2010 08:19:46 | Computer Name = MD8818 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 19.07.2010 08:48:20 | Computer Name = MD8818 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung msimn.exe, Version 6.0.2900.5512, fehlgeschlagenes
 Modul riched20.dll, Version 5.30.23.1230, Fehleradresse 0x00005b3a.
 
Error - 19.07.2010 09:05:25 | Computer Name = MD8818 | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich 749919678.
 
Error - 22.07.2010 03:18:18 | Computer Name = MD8818 | Source = COM+ | ID = 135761
Description = In der Laufzeitumgebung wurde ein inkonsistenter interner Status erkannt.
 Dies deutet auf eine potenzielle Instabilität des Prozesses hin. Diese Instabilität
 wird durch die in der COM+-Anwendung ausgeführten benutzerdefinierten Komponenten,
 die von ihnen verwendeten Komponenten oder durch andere Faktoren verursacht. Fehler
 in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector
 fail
 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
OTL.txt
Code:
ATTFilter
OTL logfile created on: 30.07.2010 00:00:54 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.022,00 Mb Total Physical Memory | 328,00 Mb Available Physical Memory | 32,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 278,55 Gb Total Space | 65,66 Gb Free Space | 23,57% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 5,46 Gb Free Space | 27,95% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MD8818
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe (AccSys GmbH)
PRC - C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
PRC - C:\Programme\SMSC\SetIcon.exe (Standard Microsystems Corp.)
PRC - C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
PRC - C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\SSSensor.dll (Sygate Technologies, Inc.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TVTABRDZ) -- C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe File not found
SRV - (RGZES) -- C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe File not found
SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (srvcPVR) -- C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
SRV - (TVESched) TVEnhance Task Scheduler (TTS)) -- C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe ()
SRV - (TVECapSvc) TVEnhance Background Capture Service (TBCS) -- C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (accsvc) -- C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe (AccSys GmbH)
SRV - (WMConnectCDS) -- C:\Programme\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)
SRV - (SmcService) -- C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\4.tmp File not found
DRV - (DMSKSSRh) -- C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys File not found
DRV - (catchme) -- C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys File not found
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)
DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
DRV - (wpsdrvnt) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.)
DRV - (Teefer) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.)
DRV - (wg3n) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906}:1.2
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.28
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.25 09:36:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.29 10:38:23 | 000,000,000 | ---D | M]
 
[2009.08.31 09:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2010.07.29 11:05:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions
[2010.07.24 10:25:54 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.05.14 08:54:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.06.15 09:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}
[2008.06.04 22:50:45 | 000,001,051 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\searchplugins\leo-eng-ger.xml
[2010.07.29 11:05:00 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.07.29 10:38:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.06.26 10:03:55 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.06.26 10:03:55 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.06.26 10:03:55 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.06.26 10:03:55 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.06.26 10:03:55 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.08.14 15:04:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdmcks.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [InstantOn] C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\Home Cinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [SetIcon] \Programme\SMSC\SetIcon.exe ()
O4 - HKLM..\Run: [SmcService] C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRDownload.htm ()
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRBrowse.htm ()
O9 - Extra Button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Programme\Internet Radio\Radio.exe (EndicoSoft.com)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160402350437 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.29 13:36:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.07.29 23:58:09 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2010.07.29 12:10:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.07.29 11:55:23 | 000,000,000 | ---D | C] -- C:\bcf8b9367cd64455d6d3bc6c9f
[2010.07.29 11:54:50 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.07.29 11:38:42 | 000,000,000 | ---D | C] -- C:\Programme\HijackThis
[2010.07.29 10:39:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.07.29 10:39:00 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2010.07.29 10:38:22 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.07.29 10:38:22 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.07.29 10:38:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.07.29 10:38:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.07.25 13:53:37 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent
[2010.07.18 21:47:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.07.18 21:42:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avira
[2010.07.18 21:06:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2010.07.08 15:31:46 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010.07.08 15:31:34 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.07.08 15:30:26 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.07.08 15:29:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.07.07 19:29:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation
[2010.07.07 19:29:04 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.07.07 19:28:13 | 002,632,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010.07.07 19:28:13 | 002,165,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010.07.07 19:28:13 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010.07.07 19:28:10 | 010,256,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010.07.07 19:28:10 | 004,554,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010.07.07 19:28:01 | 000,000,000 | ---D | C] -- C:\NVIDIA
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.07.29 23:58:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2010.07.29 18:24:01 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010.07.29 12:24:02 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2010.07.29 12:09:42 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.07.29 12:09:42 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010.07.29 12:09:42 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010.07.29 12:07:52 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.07.29 12:06:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.29 12:05:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.29 12:05:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.29 12:05:51 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.29 12:04:50 | 014,417,920 | ---- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat
[2010.07.29 12:04:50 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2010.07.29 11:33:04 | 000,030,259 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\hjtscanlist.bat
[2010.07.29 10:39:05 | 004,287,990 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.07.28 09:49:45 | 000,293,376 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\pgtrnxzt.exe
[2010.07.27 11:31:55 | 000,038,912 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.27 09:17:57 | 001,056,220 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.07.27 09:17:57 | 000,453,824 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.07.27 09:17:57 | 000,436,316 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.07.27 09:17:57 | 000,082,866 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.07.27 09:17:57 | 000,069,636 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.07.24 18:20:06 | 000,001,590 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Trillian.lnk
[2010.07.22 18:24:18 | 000,045,819 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Reisekostenerstattung_Vorstellungsgespräch_mit Hinweis.doc.pdf
[2010.07.22 17:52:24 | 000,515,871 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\bookmarks-2010-07-22.json
[2010.07.20 11:18:36 | 000,000,658 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\CCleaner.lnk
[2010.07.17 05:00:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.07.17 05:00:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.07.17 05:00:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.07.17 02:42:29 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.07.08 20:03:59 | 000,238,352 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.07.07 19:29:24 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.07.07 19:29:24 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.07.07 19:29:21 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.07.07 19:29:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010.07.07 19:16:37 | 000,088,565 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.07.06 07:01:39 | 000,010,752 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Brief Osterm..wps
[2010.07.06 07:01:39 | 000,006,648 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\wklnhst.dat
[2010.07.05 09:55:16 | 000,001,570 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2010.07.04 22:08:57 | 000,021,348 | ---- | M] () -- C:\Dokumente und Einstellungen\***\.recently-used.xbel
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.07.28 09:49:45 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\pgtrnxzt.exe
[2010.07.22 18:24:18 | 000,045,819 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Reisekostenerstattung_Vorstellungsgespräch_mit Hinweis.doc.pdf
[2010.07.22 17:52:23 | 000,515,871 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\bookmarks-2010-07-22.json
[2010.07.22 09:32:02 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.07.22 09:31:41 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2010.07.22 09:31:31 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2010.07.22 09:31:30 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010.07.07 19:29:24 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.07.07 19:29:21 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.07.07 19:29:21 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.07.07 19:29:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2010.07.07 19:28:13 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2010.07.07 19:28:09 | 002,186,342 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010.07.06 07:01:39 | 000,010,752 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Brief Osterm..wps
[2010.07.04 22:08:57 | 000,021,348 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.recently-used.xbel
[2009.08.15 20:49:40 | 000,000,065 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.12.26 15:43:51 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008.09.14 17:04:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008.09.14 17:02:35 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2008.09.14 16:45:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2008.09.14 16:43:46 | 000,027,114 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2008.03.11 11:11:54 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll
[2007.09.24 13:05:38 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2007.09.12 13:14:14 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007.09.12 13:14:14 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2007.01.23 21:40:11 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\1114386310.sys
[2007.01.03 02:27:51 | 000,000,509 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006.12.12 01:31:24 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2006.12.02 16:37:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CatClient.INI
[2006.10.31 14:16:45 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\midas.dll
[2006.10.31 14:16:45 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll
[2006.10.23 12:55:25 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.10.23 11:14:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\CoInstaller7x.dll
[2006.10.23 11:13:03 | 000,295,018 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2006.10.17 12:28:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2006.10.17 12:19:47 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006.10.17 12:19:46 | 000,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006.10.16 13:39:55 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.10.16 13:07:13 | 000,000,187 | ---- | C] () -- C:\WINDOWS\WISO.INI
[2006.10.10 17:08:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2006.10.09 14:01:38 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006.10.09 13:55:55 | 000,009,708 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006.10.09 13:55:55 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\EC23ACB85A.sys
[2006.10.09 12:42:57 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.09.29 14:24:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.09.29 14:05:58 | 000,000,941 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.09.29 13:11:58 | 000,001,256 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.09.20 08:34:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Buhl.ini
[2005.08.05 14:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.07.01 13:14:48 | 000,000,966 | ---- | C] () -- C:\WINDOWS\System32\Generic.ini
[2005.07.01 10:38:06 | 000,000,232 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP3.ini
[2005.07.01 10:37:46 | 000,000,233 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP2.ini
[2004.09.28 23:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2002.03.04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
< End of report >
         

Geändert von Joe007 (29.07.2010 um 23:11 Uhr)

Alt 30.07.2010, 14:11   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Außerdem musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:
ATTFilter
:OTL
SRV - (TVTABRDZ) -- C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe File not found
SRV - (RGZES) -- C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe File not found
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\4.tmp File not found
DRV - (DMSKSSRh) -- C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys File not found
:Commands
[purity]
[resethosts]
[emptytemp]
         
Klick dann auf den Button Run Fixes!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 30.07.2010, 20:34   #9
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Danke, hat geklappt, mit Neustart.

Log:
Code:
ATTFilter
All processes killed
========== OTL ==========
Service TVTABRDZ stopped successfully!
Service TVTABRDZ deleted successfully!
File  C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe File not found not found.
Service RGZES stopped successfully!
Service RGZES deleted successfully!
File  C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe File not found not found.
Service MEMSWEEP2 stopped successfully!
Service MEMSWEEP2 deleted successfully!
File  C:\WINDOWS\System32\4.tmp File not found not found.
Service DMSKSSRh stopped successfully!
Service DMSKSSRh deleted successfully!
File  C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys File not found not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 446 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 446 bytes
 
User: ***
->Temp folder emptied: 588795 bytes
->Temporary Internet Files folder emptied: 1587748 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 111835230 bytes
->Flash cache emptied: 12772 bytes
 
User: Gast
->Temp folder emptied: 587613 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 446 bytes
 
User: ***
->Temp folder emptied: 722254 bytes
->Temporary Internet Files folder emptied: 414622175 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 85371689 bytes
->Flash cache emptied: 1028 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 442502 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 4787170 bytes
 
%systemdrive% .tmp files removed: 15269892 bytes
%systemroot% .tmp files removed: 3545272 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3526790 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 613,00 mb
 
 
OTL by OldTimer - Version 3.2.9.1 log created on 07302010_212549

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         

Alt 30.07.2010, 20:37   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 30.07.2010, 21:10   #11
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



ComboFix ausgeführt.

Log Teil 1:
Code:
ATTFilter
ComboFix 10-07-30.01 - *** 30.07.2010  21:51:29.7.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1022.349 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\cofi.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85EC5DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86145DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86225C04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {864F4C7C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {0871AAA0-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C9F054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CD7DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CF3874-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D0426C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2CDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2D054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D3FDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4C694-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DAA404-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DAE4FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DB5DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DB8CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DC9CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DD5054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE3054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE6654-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEACE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF5DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF896C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFA054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFA96C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFE054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0B5E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E21DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E32A6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E3FDDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E57054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E5E29C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E66A3C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E8FDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E93054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA6DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EABDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EB8DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EC1844-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED2DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED3824-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE5054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE6594-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE75FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE8DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EED96C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EF0AD4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EF1814-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFDDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFE4D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFF74C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F01A7C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F054FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F074D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0F054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F12684-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F12AAC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2798C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F37C24-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F46054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F49DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6CDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6F34C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7A664-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7C314-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FA5B64-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FAAA64-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FADDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FDAAD4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FE0DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86020A1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8604EBD4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8608AC0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86095A7C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8609C374-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AD1AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AF734-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860B8DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BA054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BEA6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C1944-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C9054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C92C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CB054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CD484-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D239C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D4054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D7C2C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860DA20C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860DFA44-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860E7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860E7A74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860EC32C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860ECC14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860F5314-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FAA8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FB054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FDDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86104DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8610852C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86111C8C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611333C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86116DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F434-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F524-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F5A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612344C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612440C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86125054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612D054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86132054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86136DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613734C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86138054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861381A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861392AC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613C6B4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613D50C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86141054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614139C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86141794-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86143054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86144054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86144DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614D2F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614D96C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614ECBC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614F2F4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86150054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615397C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86154A64-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615545C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86155B5C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86158DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615C2F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615D39C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615F2F4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86163DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616427C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861643BC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616AA3C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616C39C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616D054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616D394-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86170054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861713C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86172054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86172DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86174264-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86175054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86175B4C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8617656C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8617D054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86183DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86184DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86186804-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86188054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618A054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618D234-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618EC14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86191054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86198DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619B25C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619C2A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619E714-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A096C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A0DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A2BFC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A3DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861AE6DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861AF054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B139C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B3A6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B7DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C0324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C0B4C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C1DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C2054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C3C2C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C62CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861CB96C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861CC7CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D0CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D2A6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D4344-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D5DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861DC42C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861DCBD4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E23DC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E49AC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E5DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E6B24-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E6DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E7B4C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E7C4C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861EA424-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861EB054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F439C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F5CBC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F8054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FB4C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FCCE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FEDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86201DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86203624-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86204DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86206854-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86206DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620796C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86208DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620A33C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620DC2C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621139C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86213DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862152F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86217C0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86218054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621CC04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F36C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F4FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F5AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86220874-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86221324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862219A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622439C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86225A74-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622797C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86229364-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622957C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86229DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622A464-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622A6CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622D37C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622EC04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862325FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86232784-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86234054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86234C6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862376AC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623836C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86238C04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862392CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86239DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623CDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623F234-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86242464-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86243A14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86244054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862451BC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862456B4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86246284-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86246DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862491F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86249434-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624ABF4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624D45C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624D88C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624E38C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624FDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624FDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86250324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86256DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862599FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625B054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625C054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625C2AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625D34C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625D544-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625DDDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625F274-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86260DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86262B4C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86263054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86264C44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86265394-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626637C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86266DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626740C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86268C0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86269DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626D6C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626DDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626E3EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626F61C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86270AB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86271054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862727AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86275184-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627528C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86276DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279A6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279D8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627C57C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627CBAC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627D3C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627D554-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627DDB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86280314-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628161C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86281C04-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86284054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86285C04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628C5E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628CDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628E3C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628E484-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86291D54-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862923C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86294DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629548C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86295DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86296A6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86296DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629738C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86298A8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86299494-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86299BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629B944-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629D62C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629DA94-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A0994-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A0DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A36AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A3DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A4274-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A4DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A5CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A836C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A8374-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AB3DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ACDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ACDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AE51C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AFA6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B03EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B43F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B684C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B6DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B85FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BBC34-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BEA8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BF054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BF39C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C074C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C4DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C789C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C9DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CA36C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CBDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CC284-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CC38C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CD29C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CDA74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CE7A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CE8F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D1DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D267C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D2DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D5DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D650C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6584-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6C9C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D75FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D8434-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D866C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D868C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862DF30C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E3054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E58F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E59F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E6D8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E8974-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E8A14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E997C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EA39C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EB87C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EBDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EC324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ECDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EDB54-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EE60C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF404-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF4F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF96C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F0DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F2544-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F2554-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F62CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F7B04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F7DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F879C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F8DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FA764-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FB4AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FEC6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FFDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86300434-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630184C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86302DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86305264-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863055F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86306AAC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630866C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86308BE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86308DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630A28C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630A96C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630DD14-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630E324-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631230C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313A7C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86314D44-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863155FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86315DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631780C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863226C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86322B9C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86322BC4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86323334-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632429C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863242AC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86324A4C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632540C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632656C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632955C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632D1D4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632D1F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632E38C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632E5BC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632F444-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86330DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86332DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86334054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863358EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86336DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863385E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86338DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86338DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633B054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633B24C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633CBCC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633D9E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633DAD4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633DDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863405FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86340CA4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86340DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86343054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86343784-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634437C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634437C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344C3C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86345DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86346C44-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86347DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634894C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634C7EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634CA24-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634E594-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634FC04-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635026C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863512F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635272C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635341C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86354054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86354054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863544C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863567EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635687C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635736C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359604-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359854-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863599B4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635A054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635ACA4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635B4B4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635CB74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635D054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635E444-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635EB24-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86361DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86362B14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86363054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636668C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86368DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636A054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636E054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86370054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863713D4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86371DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637356C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86373D14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86373DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863744A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86377C24-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637B054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637B63C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637D1A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637E484-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637F694-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637FDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863812FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86381CCC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86385054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863852D4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86385DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863864DC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86388054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638863C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86388DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638ABEC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638ADDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638E2AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638E3AC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638F69C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638FC9C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863908E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639697C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863996F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86399714-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639A344-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639B58C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639CBC4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A05AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A2604-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A27FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A3904-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A4474-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A52A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A572C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A5C3C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A6054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A623C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A7DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A9BE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863AADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863AEDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B0BF4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B1C6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B3054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B4C04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B548C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B7C9C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B86DC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B9054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BACA4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BB2CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BBDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BCDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BD054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BEDB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C463C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C671C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C935C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863CC9B4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863D5054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863DF654-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863E1054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863E13A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863ED924-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863EDDDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F0DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F2C74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F5054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F67C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F8054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863FC054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863FD2E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86412054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86412DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864181E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86422D9C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8642627C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86428464-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864307EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86433D0C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86438DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86444DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8644679C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864496EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8644CBCC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86451524-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864525C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8645459C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8645571C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86458054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86459054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86462054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86462054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646872C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646DCE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86470344-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86470664-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86472A94-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86476134-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8647A5FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8647F9C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864815A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86486054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8648666C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864868CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8648DD4C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86490054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649444C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649499C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86499054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649B664-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649FDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864A6DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B1CDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B3054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B96EC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864BD054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C2DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C465C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C6A44-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D076C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D29C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D5DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D6054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864DBC74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864DD98C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864E5054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864E5744-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EBDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EC3AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864ECDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864ECDDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EDDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F034C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F3054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F9054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864FB3DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86500054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86503054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865087C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650977C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650ABEC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650B054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650C4A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650CC9C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86511DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8651BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86542054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8654FDB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8655EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8655F7D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86563274-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865685D4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656BBEC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656E4FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656FB04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657043C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86571DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86573314-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86573974-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86574054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657419C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86575054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657572C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657750C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865784AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86578A6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86578A6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865795D4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657A724-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657E1E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657E7A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86581C0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86582324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86582494-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86583504-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86584054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86584974-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658AB5C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658C424-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658C6EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86590DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86594C0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8659D29C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865B31FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865BDBD4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865DCDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86641BD4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667F374-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668D7EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669D22C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FFCB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86739474-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86757DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86767054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {B9A93C84-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {F78B8540-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-00EF-0D24-347CA8A3377C}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system\MSINET.OCX

.
(((((((((((((((((((((((   Dateien erstellt von 2010-06-28 bis 2010-07-30  ))))))))))))))))))))))))))))))
.

2010-07-30 19:25 . 2010-07-30 19:25	--------	d-----w-	C:\_OTL
2010-07-29 09:55 . 2010-07-29 10:04	--------	d-----w-	C:\bcf8b9367cd64455d6d3bc6c9f
2010-07-29 09:54 . 2010-06-14 14:31	744448	-c----w-	c:\windows\system32\dllcache\helpsvc.exe
2010-07-29 09:38 . 2010-07-29 09:38	388096	----a-r-	c:\dokumente und einstellungen\***\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-29 08:39 . 2010-07-29 08:39	--------	d-----w-	c:\programme\Gemeinsame Dateien\Java
2010-07-29 08:38 . 2010-07-29 08:38	503808	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3815a016-n\msvcp71.dll
2010-07-29 08:38 . 2010-07-29 08:38	499712	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3815a016-n\jmc.dll
2010-07-29 08:38 . 2010-07-29 08:38	348160	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3815a016-n\msvcr71.dll
2010-07-29 08:38 . 2010-07-29 08:38	61440	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7a5c831d-n\decora-sse.dll
2010-07-29 08:38 . 2010-07-29 08:38	12800	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7a5c831d-n\decora-d3d.dll
2010-07-29 08:38 . 2010-07-17 03:00	423656	----a-w-	c:\windows\system32\deployJava1.dll
2010-07-22 17:41 . 2010-07-22 17:41	--------	d-----w-	c:\dokumente und einstellungen\gastuser\Anwendungsdaten\vlc
2010-07-22 15:48 . 2010-07-22 15:48	--------	d-----w-	c:\dokumente und einstellungen\gastuser\Lokale Einstellungen\Anwendungsdaten\Mozilla
2010-07-18 21:58 . 2010-07-18 21:58	--------	d-----r-	c:\dokumente und einstellungen\LocalService\Favoriten
2010-07-18 19:47 . 2010-07-29 12:02	--------	d-----w-	c:\windows\system32\NtmsData
2010-07-18 19:42 . 2010-07-18 19:42	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Avira
2010-07-18 19:07 . 2010-07-18 19:07	--------	d-----w-	c:\windows\system32\wbem\Repository
2010-07-18 19:06 . 2010-07-18 19:06	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Avira
2010-07-08 13:31 . 2009-11-21 15:54	471552	-c----w-	c:\windows\system32\dllcache\aclayers.dll
2010-07-08 13:31 . 2009-10-23 15:28	3558912	-c----w-	c:\windows\system32\dllcache\moviemk.exe
2010-07-08 13:30 . 2010-05-06 10:31	743424	-c----w-	c:\windows\system32\dllcache\iedvtool.dll
2010-07-08 13:29 . 2010-02-12 10:03	293376	------w-	c:\windows\system32\browserchoice.exe
2010-07-07 17:29 . 2010-07-07 17:29	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation
2010-07-07 17:29 . 2010-07-07 17:29	217180	----a-w-	c:\windows\system32\nvdrsdb0.bin
2010-07-07 17:29 . 2010-07-07 17:29	1	----a-w-	c:\windows\system32\nvdrssel.bin
2010-07-07 17:29 . 2010-07-07 17:29	217180	----a-w-	c:\windows\system32\nvdrsdb1.bin
2010-07-07 17:29 . 2010-07-07 17:30	--------	d-----w-	c:\programme\NVIDIA Corporation
2010-07-07 17:28 . 2010-06-07 23:57	61440	----a-w-	c:\windows\system32\OpenCL.dll
2010-07-07 17:28 . 2010-06-07 23:57	2632296	----a-w-	c:\windows\system32\nvcuvenc.dll
2010-07-07 17:28 . 2010-06-07 23:57	2165352	----a-w-	c:\windows\system32\nvcuvid.dll
2010-07-07 17:28 . 2010-06-07 23:57	4554752	----a-w-	c:\windows\system32\nvcuda.dll
2010-07-07 17:28 . 2010-06-07 23:57	10256384	----a-w-	c:\windows\system32\nvcompiler.dll
2010-07-07 17:28 . 2010-06-07 23:57	2186342	----a-w-	c:\windows\system32\nvdata.bin
2010-07-07 17:28 . 2010-07-07 17:28	--------	d-----w-	C:\NVIDIA

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-30 19:30 . 2006-12-03 18:11	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org2
2010-07-29 09:04 . 2007-11-05 07:05	188152	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\FlashGot.exe
2010-07-29 08:38 . 2009-11-13 22:26	--------	d-----w-	c:\programme\Java
2010-07-27 07:17 . 2006-03-24 12:00	82866	----a-w-	c:\windows\system32\perfc007.dat
2010-07-27 07:17 . 2006-03-24 12:00	453824	----a-w-	c:\windows\system32\perfh007.dat
2010-07-24 16:40 . 2006-12-15 22:18	--------	d-----w-	c:\programme\Trillian
2010-07-24 08:32 . 2007-10-22 06:15	1	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2010-07-23 18:44 . 2010-06-16 09:27	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\FileZilla
2010-07-22 16:30 . 2006-10-09 11:55	--------	d-----w-	c:\programme\Google
2010-07-21 22:04 . 2008-03-11 09:13	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\BOM
2010-07-21 21:26 . 2008-03-11 09:11	--------	d-----w-	c:\programme\Biet-O-Matic
2010-07-20 09:29 . 2009-08-09 12:30	--------	d-----w-	c:\programme\Trend Micro
2010-07-20 09:18 . 2009-11-13 11:50	--------	d-----w-	c:\programme\CCleaner
2010-07-18 19:02 . 2009-09-02 08:10	--------	d-----w-	c:\programme\Avira
2010-07-13 22:25 . 2007-01-23 17:40	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Free Download Manager
2010-07-06 05:01 . 2006-12-02 14:21	6648	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\wklnhst.dat
2010-06-16 09:27 . 2010-06-16 09:27	--------	d-----w-	c:\programme\FileZilla FTP Client
2010-06-15 22:29 . 2009-09-07 08:21	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\gtk-2.0
2010-06-14 14:31 . 2006-09-29 11:34	744448	----a-w-	c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-12 07:28 . 2010-06-12 07:14	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\TmForever
2010-06-12 07:12 . 2010-06-12 07:10	--------	d-----w-	c:\programme\TmNationsForever
2010-06-07 23:57 . 2006-10-16 10:21	600680	----a-w-	c:\windows\system32\nvudisp.exe
2010-06-07 23:57 . 2006-10-13 15:05	15192064	----a-w-	c:\windows\system32\nvoglnt.dll
2010-06-07 23:57 . 2006-10-13 15:05	232040	----a-w-	c:\windows\system32\nvcodins.dll
2010-06-07 23:57 . 2006-10-13 15:05	232040	----a-w-	c:\windows\system32\nvcod.dll
2010-06-07 23:57 . 2006-10-13 15:05	1359872	----a-w-	c:\windows\system32\nvapi.dll
2010-06-07 23:57 . 2006-10-13 15:05	10531200	----a-w-	c:\windows\system32\drivers\nv4_mini.sys
2010-06-07 23:57 . 2006-10-13 15:05	6300544	----a-w-	c:\windows\system32\nv4_disp.dll
2010-06-02 20:37 . 2007-07-21 11:29	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\dvdcss
2010-05-28 10:58 . 2006-10-16 10:21	600680	----a-w-	c:\windows\system32\NVUNINST.EXE
2010-05-19 11:10 . 2009-08-08 20:19	15880	----a-w-	c:\windows\system32\lsdelete.exe
2010-05-06 10:31 . 2006-03-24 12:00	916480	----a-w-	c:\windows\system32\wininet.dll
2010-05-02 08:05 . 2006-03-24 12:00	1851392	----a-w-	c:\windows\system32\win32k.sys
2002-03-11 08:06 . 2002-03-11 08:06	1822520	----a-w-	c:\programme\instmsiw.exe
2002-03-11 07:45 . 2002-03-11 07:45	1708856	----a-w-	c:\programme\instmsia.exe
2007-01-23 19:40 . 2007-01-23 19:40	56	--sh--r-	c:\windows\system32\1114386310.sys
2006-10-09 11:55 . 2006-10-09 11:55	8	--sh--r-	c:\windows\system32\EC23ACB85A.sys
2007-01-23 19:40 . 2006-10-09 11:55	9708	--sha-w-	c:\windows\system32\KGyGaAvL.sys
.
         

Alt 30.07.2010, 21:10   #12
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Log Teil 2:

Code:
ATTFilter
(((((((((((((((((((((((((((((   SnapShot_2009-11-22_08.35.55   )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 01:19 . 2007-11-07 01:19	54272              c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
- 2007-11-07 00:19 . 2007-11-07 00:19	54272              c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	62976              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	62976              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	46080              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	46080              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	46592              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	46592              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	64512              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	64512              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	66048              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	66048              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	56832              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	56832              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	66560              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	66560              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	39936              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	39936              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	38912              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	38912              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
- 2008-07-29 04:07 . 2008-07-29 04:07	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
- 2008-07-29 04:07 . 2008-07-29 04:07	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2010-07-30 19:27 . 2010-07-30 19:27	16384              c:\windows\Temp\Perflib_Perfdata_63c.dat
+ 2010-06-12 07:13 . 2005-12-05 16:07	61136              c:\windows\system32\xinput9_1_0.dll
+ 2010-06-12 07:13 . 2006-03-31 10:39	62672              c:\windows\system32\xinput1_1.dll
+ 2010-06-12 07:13 . 2006-02-03 06:41	14032              c:\windows\system32\x3daudio1_0.dll
- 2007-01-29 08:58 . 2009-07-14 11:03	46080              c:\windows\system32\tzchange.exe
+ 2007-01-29 08:58 . 2010-04-21 13:28	46080              c:\windows\system32\tzchange.exe
+ 2006-03-24 12:00 . 2009-10-21 05:38	75776              c:\windows\system32\strmfilt.dll
- 2006-03-24 12:00 . 2008-04-14 02:22	75776              c:\windows\system32\strmfilt.dll
+ 2010-07-07 17:29 . 2006-10-06 14:38	81920              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvwddi.dll
+ 2010-07-07 17:29 . 2006-10-06 14:38	86016              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvmctray.dll
+ 2010-07-07 17:29 . 2006-10-06 14:38	35840              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcod.dll
+ 2006-03-24 12:00 . 2009-10-12 13:38	79872              c:\windows\system32\raschap.dll
- 2006-03-24 12:00 . 2008-04-14 02:22	79872              c:\windows\system32\raschap.dll
+ 2010-03-30 22:16 . 2010-03-30 22:16	99176              c:\windows\system32\PresentationHostProxy.dll
- 2006-03-24 12:00 . 2009-11-19 18:55	69636              c:\windows\system32\perfc009.dat
+ 2006-03-24 12:00 . 2010-07-27 07:17	69636              c:\windows\system32\perfc009.dat
- 2006-10-13 15:05 . 2006-10-06 14:38	81920              c:\windows\system32\nvwddi.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	81920              c:\windows\system32\nvwddi.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	49488              c:\windows\system32\netfxperf.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	11600              c:\windows\system32\mui\0409\mscorees.dll
+ 2004-08-04 00:57 . 2009-11-27 17:11	17920              c:\windows\system32\msyuv.dll
+ 2006-03-24 12:00 . 2009-11-27 16:08	28672              c:\windows\system32\msvidc32.dll
+ 2006-03-24 12:00 . 2009-11-27 16:08	11264              c:\windows\system32\msrle32.dll
- 2006-03-24 12:00 . 2008-04-14 02:22	11264              c:\windows\system32\msrle32.dll
+ 2006-11-07 20:03 . 2010-05-06 10:31	55296              c:\windows\system32\msfeedsbs.dll
- 2006-11-07 20:03 . 2009-08-29 07:54	55296              c:\windows\system32\msfeedsbs.dll
- 2006-03-24 12:00 . 2009-08-29 07:54	25600              c:\windows\system32\jsproxy.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	25600              c:\windows\system32\jsproxy.dll
+ 2004-08-04 00:57 . 2009-11-27 16:08	48128              c:\windows\system32\iyuv_32.dll
+ 2006-03-24 12:00 . 2009-10-21 05:38	25088              c:\windows\system32\httpapi.dll
+ 2006-03-24 12:00 . 2009-10-15 16:28	81920              c:\windows\system32\fontsub.dll
- 2006-03-24 12:00 . 2009-06-16 14:36	81920              c:\windows\system32\fontsub.dll
- 2009-09-02 08:10 . 2009-05-11 08:12	28520              c:\windows\system32\drivers\ssmdrv.sys
+ 2009-09-02 08:10 . 2009-05-11 08:12	28520              c:\windows\system32\drivers\ssmdrv.sys
+ 2009-08-14 13:34 . 2010-04-29 13:39	38224              c:\windows\system32\drivers\mbamswissarmy.sys
- 2009-08-14 13:34 . 2009-09-10 13:54	38224              c:\windows\system32\drivers\mbamswissarmy.sys
+ 2009-08-14 13:34 . 2010-04-29 13:39	20952              c:\windows\system32\drivers\mbam.sys
+ 2009-09-02 08:10 . 2009-05-11 10:49	17016              c:\windows\system32\drivers\avgntmgr.sys
+ 2009-09-02 08:10 . 2010-02-16 12:24	60936              c:\windows\system32\drivers\avgntflt.sys
+ 2009-09-02 08:10 . 2009-05-11 10:49	51992              c:\windows\system32\drivers\avgntdd.sys
- 2009-11-19 10:54 . 2009-08-29 07:54	12800              c:\windows\system32\dllcache\xpshims.dll
+ 2009-11-19 10:54 . 2010-05-06 10:31	12800              c:\windows\system32\dllcache\xpshims.dll
+ 2009-10-21 05:38 . 2009-10-21 05:38	75776              c:\windows\system32\dllcache\strmfilt.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38	79872              c:\windows\system32\dllcache\raschap.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11	17920              c:\windows\system32\dllcache\msyuv.dll
+ 2006-03-24 12:00 . 2009-11-27 16:08	28672              c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08	11264              c:\windows\system32\dllcache\msrle32.dll
- 2007-05-09 07:29 . 2009-08-29 07:54	55296              c:\windows\system32\dllcache\msfeedsbs.dll
+ 2007-05-09 07:29 . 2010-05-06 10:31	55296              c:\windows\system32\dllcache\msfeedsbs.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	25600              c:\windows\system32\dllcache\jsproxy.dll
- 2006-03-24 12:00 . 2009-08-29 07:54	25600              c:\windows\system32\dllcache\jsproxy.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08	48128              c:\windows\system32\dllcache\iyuv_32.dll
+ 2009-10-21 05:38 . 2009-10-21 05:38	25088              c:\windows\system32\dllcache\httpapi.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28	81920              c:\windows\system32\dllcache\fontsub.dll
- 2009-06-16 14:36 . 2009-06-16 14:36	81920              c:\windows\system32\dllcache\fontsub.dll
+ 2009-12-14 07:08 . 2009-12-14 07:08	33280              c:\windows\system32\dllcache\csrsrv.dll
+ 2010-01-13 14:00 . 2010-01-13 14:00	86528              c:\windows\system32\dllcache\cabview.dll
+ 2009-06-10 14:13 . 2009-11-27 16:08	85504              c:\windows\system32\dllcache\avifil32.dll
- 2009-06-10 14:13 . 2009-06-10 14:13	85504              c:\windows\system32\dllcache\avifil32.dll
+ 2010-03-05 14:37 . 2010-03-05 14:37	65536              c:\windows\system32\dllcache\asycfilt.dll
+ 2006-03-24 12:00 . 2009-12-14 07:08	33280              c:\windows\system32\csrsrv.dll
+ 2006-11-29 16:30 . 2010-07-28 15:03	32768              c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat
- 2006-11-29 16:30 . 2009-11-21 07:01	32768              c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat
- 2006-11-29 16:30 . 2009-11-21 07:01	16384              c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-05-19 11:08 . 2010-07-28 15:03	16384              c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-03-24 12:00 . 2010-01-13 14:00	86528              c:\windows\system32\cabview.dll
- 2006-03-24 12:00 . 2009-06-10 14:13	85504              c:\windows\system32\avifil32.dll
+ 2006-03-24 12:00 . 2009-11-27 16:08	85504              c:\windows\system32\avifil32.dll
+ 2006-03-24 12:00 . 2010-03-05 14:37	65536              c:\windows\system32\asycfilt.dll
- 2008-07-29 18:16 . 2008-07-29 18:16	32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48	32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13648              c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-03-23 03:31 . 2010-03-23 03:31	30544              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-04-01 09:42 . 2010-04-01 09:42	81920              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2008-05-27 22:49 . 2008-05-27 22:49	77824              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51	77824              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51	86016              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2008-05-27 22:49 . 2008-05-27 22:49	86016              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2008-05-27 22:49 . 2008-05-27 22:49	81920              c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51	81920              c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32	32768              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2008-05-27 23:30 . 2008-05-27 23:30	32768              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-03-31 13:32 . 2010-03-31 13:32	24576              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2003-02-20 17:19 . 2003-02-20 17:19	24576              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2006-09-29 11:32 . 2010-02-09 16:22	81920              c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Security.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13648              c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13648              c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13648              c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13648              c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13664              c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13688              c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13664              c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13696              c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13656              c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13656              c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13656              c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13672              c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	13664              c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	86864              c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-06-12 07:13 . 2005-03-18 14:23	12800              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2010-06-12 07:13 . 2005-03-18 14:23	53248              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-04-15 08:14 . 2010-04-15 08:14	22528              c:\windows\Installer\434208.msi
+ 2010-07-08 13:36 . 2010-07-08 13:36	32768              c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2010-04-15 08:16 . 2010-04-15 08:16	25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-04-15 08:16 . 2010-04-15 08:16	25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-04-15 08:16 . 2010-04-15 08:16	25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-04-15 08:16 . 2010-04-15 08:16	25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-04-15 08:16 . 2010-04-15 08:16	25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-04-15 08:16 . 2010-04-15 08:16	25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-04-15 08:16 . 2010-04-15 08:16	25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\ARPPRODUCTICON.exe
+ 2010-07-08 13:55 . 2009-08-29 07:54	12800              c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-07-08 13:55 . 2009-08-29 07:54	55296              c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-07-08 13:55 . 2009-08-29 07:54	25600              c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2009-11-27 17:11 . 2009-11-27 17:11	17920              c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08	48128              c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	90112              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_afad9ea9\System.Drawing.Design.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	61440              c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_f86b29aa\CustomMarshalers.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	60928              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ea1b4fbde0e772748c6ac42d627cf684\UIAutomationProvider.ni.dll
+ 2010-07-08 14:03 . 2010-07-08 14:03	37888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\f46915dfc57bc7e49c5402e9b8f7ec18\System.Windows.Presentation.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	36864              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	94208              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-07-08 14:00 . 2010-07-08 14:00	47104              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe
+ 2010-07-08 13:59 . 2010-07-08 13:59	39424              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\0375dfa28e2f6ef7e89df9edede4b83d\PresentationCFFRasterizer.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	55296              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-07-08 13:42 . 2010-07-08 13:42	32768              c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2009-11-19 11:10 . 2009-11-19 11:10	32768              c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	81920              c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	81920              c:\windows\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	12800              c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	53248              c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2001-08-18 04:54 . 2009-11-27 16:08	8704              c:\windows\system32\tsbyuv.dll
+ 2001-08-18 04:54 . 2009-11-27 16:08	8704              c:\windows\system32\dllcache\tsbyuv.dll
+ 2009-11-27 16:08 . 2009-11-27 16:08	8704              c:\windows\Driver Cache\i386\tsbyuv.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-11-19 18:55 . 2009-11-19 18:55	6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	655872              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	655872              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	572928              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	572928              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 02:54 . 2008-07-29 02:54	225280              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
- 2008-07-29 01:54 . 2008-07-29 01:54	225280              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	161784              c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	161784              c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2010-06-12 07:13 . 2006-05-31 05:24	230168              c:\windows\system32\xactengine2_2.dll
+ 2010-06-12 07:13 . 2006-03-31 10:39	229584              c:\windows\system32\xactengine2_1.dll
+ 2010-06-12 07:13 . 2006-02-03 06:42	230096              c:\windows\system32\xactengine2_0.dll
+ 2006-03-24 12:00 . 2009-12-24 06:59	177664              c:\windows\system32\wintrust.dll
+ 2006-03-24 12:00 . 2009-08-25 09:17	354816              c:\windows\system32\winhttp.dll
+ 2006-03-24 12:00 . 2010-03-10 06:15	420352              c:\windows\system32\vbscript.dll
- 2006-03-24 12:00 . 2009-03-08 03:33	420352              c:\windows\system32\vbscript.dll
- 2006-03-24 12:00 . 2009-06-16 14:36	119808              c:\windows\system32\t2embed.dll
+ 2006-03-24 12:00 . 2009-10-15 16:28	119808              c:\windows\system32\t2embed.dll
- 2006-03-24 12:00 . 2008-04-14 02:22	474624              c:\windows\system32\shlwapi.dll
+ 2006-03-24 12:00 . 2009-12-08 09:23	474624              c:\windows\system32\shlwapi.dll
+ 2010-07-07 17:29 . 2006-10-06 14:38	159810              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvsvc32.exe
+ 2010-07-07 17:29 . 2006-10-06 14:38	212992              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvapi.dll
+ 2006-03-24 12:00 . 2009-10-12 13:38	150528              c:\windows\system32\rastls.dll
+ 2010-03-30 22:10 . 2010-03-30 22:10	295264              c:\windows\system32\PresentationHost.exe
- 2006-03-24 12:00 . 2009-11-19 18:55	436316              c:\windows\system32\perfh009.dat
+ 2006-03-24 12:00 . 2010-07-27 07:17	436316              c:\windows\system32\perfh009.dat
- 2006-03-24 12:00 . 2009-08-29 07:54	206848              c:\windows\system32\occache.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	206848              c:\windows\system32\occache.dll
+ 2006-03-24 12:00 . 2009-10-13 10:32	271360              c:\windows\system32\oakley.dll
- 2006-03-24 12:00 . 2008-04-14 02:22	271360              c:\windows\system32\oakley.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	154728              c:\windows\system32\nvsvc32.exe
+ 2010-06-07 15:35 . 2010-06-07 15:35	126976              c:\windows\system32\nvrszht.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	229376              c:\windows\system32\nvrszhc.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	258048              c:\windows\system32\nvrstr.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	253952              c:\windows\system32\nvrsth.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	253952              c:\windows\system32\nvrssv.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	258048              c:\windows\system32\nvrssl.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	258048              c:\windows\system32\nvrssk.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	270336              c:\windows\system32\nvrsru.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	270336              c:\windows\system32\nvrsptb.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	274432              c:\windows\system32\nvrspt.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	258048              c:\windows\system32\nvrspl.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	253952              c:\windows\system32\nvrsno.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	274432              c:\windows\system32\nvrsnl.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	266240              c:\windows\system32\nvrsko.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	270336              c:\windows\system32\nvrsja.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	282624              c:\windows\system32\nvrsit.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	262144              c:\windows\system32\nvrshu.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	331776              c:\windows\system32\nvrshe.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	286720              c:\windows\system32\nvrsfr.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	249856              c:\windows\system32\nvrsfi.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	274432              c:\windows\system32\nvrsesm.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	282624              c:\windows\system32\nvrses.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	249856              c:\windows\system32\nvrseng.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	282624              c:\windows\system32\nvrsel.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	278528              c:\windows\system32\nvrsde.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	253952              c:\windows\system32\nvrsda.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	249856              c:\windows\system32\nvrscs.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	335872              c:\windows\system32\nvrsar.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	110696              c:\windows\system32\nvmctray.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	277608              c:\windows\system32\nvmccs.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	145000              c:\windows\system32\nvcolor.exe
- 2006-03-24 12:00 . 2009-03-08 03:32	611840              c:\windows\system32\mstime.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	611840              c:\windows\system32\mstime.dll
- 2006-09-29 11:30 . 2008-04-14 02:22	346624              c:\windows\system32\mspaint.exe
+ 2006-09-29 11:30 . 2009-12-17 07:40	346624              c:\windows\system32\mspaint.exe
+ 2006-11-07 20:03 . 2010-05-06 10:31	599040              c:\windows\system32\msfeeds.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07	297808              c:\windows\system32\mscoree.dll
+ 2010-06-16 07:38 . 2010-06-16 07:38	231888              c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe
- 2006-03-24 12:00 . 2009-06-22 06:45	726528              c:\windows\system32\jscript.dll
+ 2006-03-24 12:00 . 2009-12-09 05:53	726528              c:\windows\system32\jscript.dll
+ 2010-07-29 08:38 . 2010-07-17 03:00	153376              c:\windows\system32\javaws.exe
- 2009-11-13 22:27 . 2009-11-13 22:26	145184              c:\windows\system32\javaw.exe
+ 2010-07-29 08:38 . 2010-07-17 03:00	145184              c:\windows\system32\javaw.exe
- 2009-11-13 22:27 . 2009-11-13 22:26	145184              c:\windows\system32\java.exe
+ 2010-07-29 08:38 . 2010-07-17 03:00	145184              c:\windows\system32\java.exe
+ 2006-09-29 11:34 . 2010-01-29 14:59	691712              c:\windows\system32\inetcomm.dll
- 2006-09-29 11:34 . 2008-04-11 19:04	691712              c:\windows\system32\inetcomm.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	184320              c:\windows\system32\iepeers.dll
- 2006-03-24 12:00 . 2009-08-29 07:54	184320              c:\windows\system32\iepeers.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	387584              c:\windows\system32\iedkcs32.dll
- 2006-03-24 12:00 . 2009-08-29 07:54	387584              c:\windows\system32\iedkcs32.dll
+ 2006-03-24 12:00 . 2010-05-05 13:30	173056              c:\windows\system32\ie4uinit.exe
- 2006-03-24 12:00 . 2009-08-28 10:35	173056              c:\windows\system32\ie4uinit.exe
+ 2006-09-29 12:23 . 2010-07-08 18:03	238352              c:\windows\system32\FNTCACHE.DAT
+ 2006-03-24 12:00 . 2010-02-11 12:02	226880              c:\windows\system32\drivers\tcpip6.sys
+ 2006-03-24 12:00 . 2009-12-31 16:50	353792              c:\windows\system32\drivers\srv.sys
+ 2006-03-24 12:00 . 2010-02-24 13:11	455680              c:\windows\system32\drivers\mrxsmb.sys
+ 2006-03-24 12:00 . 2009-10-20 16:20	265728              c:\windows\system32\drivers\http.sys
+ 2009-09-02 08:10 . 2010-03-01 08:05	124784              c:\windows\system32\drivers\avipbb.sys
+ 2009-12-24 06:59 . 2009-12-24 06:59	177664              c:\windows\system32\dllcache\wintrust.dll
- 2006-03-24 12:00 . 2009-08-29 07:54	916480              c:\windows\system32\dllcache\wininet.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	916480              c:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:30 . 2009-08-25 09:17	354816              c:\windows\system32\dllcache\winhttp.dll
+ 2008-05-09 10:54 . 2010-03-10 06:15	420352              c:\windows\system32\dllcache\vbscript.dll
- 2008-05-09 10:54 . 2009-03-08 03:33	420352              c:\windows\system32\dllcache\vbscript.dll
+ 2008-06-20 11:08 . 2010-02-11 12:02	226880              c:\windows\system32\dllcache\tcpip6.sys
- 2009-06-16 14:36 . 2009-06-16 14:36	119808              c:\windows\system32\dllcache\t2embed.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28	119808              c:\windows\system32\dllcache\t2embed.dll
+ 2008-10-16 07:07 . 2009-12-31 16:50	353792              c:\windows\system32\dllcache\srv.sys
+ 2009-01-07 17:20 . 2009-12-08 09:23	474624              c:\windows\system32\dllcache\shlwapi.dll
- 2009-01-07 17:20 . 2009-01-07 17:20	474624              c:\windows\system32\dllcache\shlwapi.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38	150528              c:\windows\system32\dllcache\rastls.dll
- 2006-03-24 12:00 . 2009-08-29 07:54	206848              c:\windows\system32\dllcache\occache.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	206848              c:\windows\system32\dllcache\occache.dll
+ 2009-10-13 10:32 . 2009-10-13 10:32	271360              c:\windows\system32\dllcache\oakley.dll
- 2006-03-24 12:00 . 2009-03-08 03:32	611840              c:\windows\system32\dllcache\mstime.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	611840              c:\windows\system32\dllcache\mstime.dll
+ 2009-12-17 07:40 . 2009-12-17 07:40	346624              c:\windows\system32\dllcache\mspaint.exe
+ 2007-05-09 07:29 . 2010-05-06 10:31	599040              c:\windows\system32\dllcache\msfeeds.dll
+ 2008-11-12 21:54 . 2010-02-24 13:11	455680              c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-05-09 10:54 . 2009-12-09 05:53	726528              c:\windows\system32\dllcache\jscript.dll
- 2008-05-09 10:54 . 2009-06-22 06:45	726528              c:\windows\system32\dllcache\jscript.dll
+ 2008-08-16 07:31 . 2010-01-29 14:59	691712              c:\windows\system32\dllcache\inetcomm.dll
- 2008-08-16 07:31 . 2008-04-11 19:04	691712              c:\windows\system32\dllcache\inetcomm.dll
+ 2009-11-19 10:54 . 2010-05-06 10:31	247808              c:\windows\system32\dllcache\ieproxy.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	184320              c:\windows\system32\dllcache\iepeers.dll
- 2006-03-24 12:00 . 2009-08-29 07:54	184320              c:\windows\system32\dllcache\iepeers.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	387584              c:\windows\system32\dllcache\iedkcs32.dll
- 2006-03-24 12:00 . 2009-08-29 07:54	387584              c:\windows\system32\dllcache\iedkcs32.dll
+ 2006-03-24 12:00 . 2010-05-05 13:30	173056              c:\windows\system32\dllcache\ie4uinit.exe
- 2006-03-24 12:00 . 2009-08-28 10:35	173056              c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-10-20 16:20 . 2009-10-20 16:20	265728              c:\windows\system32\dllcache\http.sys
+ 2010-04-20 05:29 . 2010-04-20 05:29	285696              c:\windows\system32\dllcache\atmfd.dll
+ 2010-02-12 04:33 . 2010-02-12 04:33	100864              c:\windows\system32\dllcache\6to4svc.dll
+ 2006-03-24 12:00 . 2010-04-20 05:29	285696              c:\windows\system32\atmfd.dll
- 2006-03-24 12:00 . 2008-04-14 02:20	285696              c:\windows\system32\atmfd.dll
+ 2006-03-24 12:00 . 2010-02-12 04:33	100864              c:\windows\system32\6to4svc.dll
+ 2010-03-30 22:16 . 2010-03-30 22:16	130408              c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48	970752              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-29 18:16 . 2008-07-29 18:16	110592              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48	110592              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-03-23 03:31 . 2010-03-23 03:31	435024              c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2008-07-25 10:17 . 2008-07-25 10:17	258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-02-09 10:22 . 2010-02-09 10:22	258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-05-27 22:49 . 2008-05-27 22:49	102400              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51	102400              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2008-05-27 22:48 . 2008-05-27 22:48	315392              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-03-31 12:49 . 2010-03-31 12:49	315392              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2008-05-27 23:30 . 2008-05-27 23:30	258048              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32	258048              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-06-12 07:13 . 2006-03-31 09:27	578560              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2006-02-03 05:40	578560              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2005-12-05 15:20	577536              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2005-09-28 12:11	577536              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2005-07-22 15:21	577024              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2005-05-26 13:15	576000              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2005-03-18 15:23	567296              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2005-02-05 17:32	563712              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2005-03-18 14:23	223232              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2010-06-12 07:13 . 2005-03-18 14:23	178176              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2010-06-12 07:13 . 2005-03-18 14:23	364544              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2010-06-12 07:13 . 2005-03-18 14:23	159232              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2010-06-12 07:13 . 2005-03-18 14:23	145920              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2010-06-12 07:13 . 2005-03-18 14:23	473600              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2010-02-24 22:14 . 2010-02-24 22:14	543232              c:\windows\Installer\b8b66.msp
+ 2010-07-08 13:36 . 2010-07-08 13:36	429568              c:\windows\Installer\b8b5a.msi
+ 2010-07-29 08:39 . 2010-07-29 08:39	180224              c:\windows\Installer\308b4d.msi
+ 2010-07-08 13:55 . 2009-08-29 07:54	916480              c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-07-08 13:55 . 2010-02-22 14:22	388984              c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-07-08 13:55 . 2008-07-08 13:00	234872              c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-07-08 13:55 . 2009-08-29 07:54	206848              c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-07-08 13:55 . 2009-03-08 03:32	611840              c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-07-08 13:55 . 2009-08-29 07:54	594432              c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-07-08 13:55 . 2009-08-29 07:54	246272              c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-07-08 13:55 . 2009-08-29 07:54	184320              c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-07-08 13:55 . 2009-03-08 03:35	742912              c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-07-08 13:55 . 2009-08-29 07:54	387584              c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-07-08 13:55 . 2009-08-28 10:35	173056              c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-07-08 13:45 . 2009-03-08 03:33	420352              c:\windows\ie8updates\KB981332-IE8\vbscript.dll
+ 2010-07-08 13:45 . 2009-05-26 11:40	388984              c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2010-07-08 13:45 . 2009-05-26 11:40	234872              c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2010-07-08 14:03 . 2008-07-08 13:00	388984              c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-07-08 14:03 . 2008-07-08 13:00	234872              c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-07-08 14:03 . 2009-06-22 06:45	726528              c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2008-11-12 21:54 . 2010-02-24 13:11	455680              c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-10-20 16:20 . 2009-10-20 16:20	265728              c:\windows\Driver Cache\i386\http.sys
+ 2010-07-08 14:02 . 2010-07-08 14:02	835584              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b7482fc9\System.Drawing.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	192512              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_69663f97\System.Drawing.Design.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	118784              c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_30ce2e99\CustomMarshalers.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	321536              c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe
+ 2010-07-08 14:01 . 2010-07-08 14:01	240128              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b3a9fac9aea3ad913781fafbdcbb0cae\WindowsFormsIntegration.ni.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	447488              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\4131a3627fec69291dbaed236f30dc65\UIAutomationClient.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	400896              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	129536              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	202240              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	859648              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	328704              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	301056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	547328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	627200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	679936              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	311296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	621056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	998400              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	330752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e6bd59fec415e273c173170c6508180a\System.Management.Instrumentation.ni.dll
+ 2010-07-08 13:47 . 2010-07-08 13:47	381440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e3eb86170cba4c80e6e22ca33c63c218\System.IO.Log.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cfa48936affc9a5fb89f0bf66cc52a47\System.IdentityModel.Selectors.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	280064              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.Wrapper.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	627712              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll
+ 2010-07-08 13:45 . 2010-07-08 13:45	208384              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\aeba6820f20655dec7fe0fe05aaeb818\System.Drawing.Design.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	455680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9ef70079beca3a9982a3aa76ebc0ddd8\System.DirectoryServices.Protocols.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	881152              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\277619716d9136216065bea970365c65\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	939008              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\90b67e13866b176ae6cbdb23144f724d\System.Data.Services.Client.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	354816              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\131a477d41a8669b15696128b94c2636\System.Data.Services.Design.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	756736              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\d4990681ce373d81a52b231ee4c4afea\System.Data.Entity.Design.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	135680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\9e9d66a3a0e16fceead505c25af569eb\System.Data.DataSetExtensions.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	971264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\39e4f9a276fb12125d8a1444d8b65a84\System.Configuration.Install.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	633856              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	366080              c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\f38a426b90e6c526dcb2c435c7380450\SMSvcHost.ni.exe
+ 2010-07-08 13:48 . 2010-07-08 13:48	256000              c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6cabc7d1700c224e8b41ff2f96a3087c\SMDiagnostics.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	320512              c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5c8f5ca36498f43980d64820d8186c8a\ServiceModelReg.ni.exe
+ 2010-07-08 14:00 . 2010-07-08 14:00	368128              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a10c2c7e38291c3ada631ad13e762818\PresentationFramework.Aero.ni.dll
+ 2010-07-08 14:00 . 2010-07-08 14:00	539648              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7579c76fa81eb309d3170b62467be58d\PresentationFramework.Luna.ni.dll
+ 2010-07-08 14:00 . 2010-07-08 14:00	224768              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bef0992fb684e71dbfab5c0a99316af\PresentationFramework.Classic.ni.dll
+ 2010-07-08 14:00 . 2010-07-08 14:00	258048              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2f6687d394813d760496f60acf046384\PresentationFramework.Royale.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	133632              c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7700963610c1af364aa934c3c824b7b4\MSBuild.ni.exe
+ 2010-07-08 13:48 . 2010-07-08 13:48	386560              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c74d4c69c49992dfb23ba512081dc3de\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	144384              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a6a9f24b1a8984eaafbabb1ee968e359\Microsoft.Build.Utilities.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	175104              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\2fa81d363cb1496be2427d848a867409\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	839680              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c4c360df9c1024ebc3f0de77f5cf8b1c\Microsoft.Build.Engine.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	222720              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c9386dcd89c2518a74115f3bfd861830\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-07-08 13:47 . 2010-07-08 13:47	410112              c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\abb62e3ed74c974f0282bc7ea5d3f1c1\ComSvcConfig.ni.exe
+ 2010-07-08 13:48 . 2010-07-08 13:48	842240              c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\6d34f00b6a782d15bec70d6cdb00b5e8\AspNetMMCExt.ni.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-07-08 13:42 . 2010-07-08 13:42	970752              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-07-08 13:42 . 2010-07-08 13:42	438272              c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-07-08 13:42 . 2010-07-08 13:42	110592              c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-11-19 11:10 . 2009-11-19 11:10	110592              c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	223232              c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	178176              c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	364544              c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	159232              c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	145920              c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	577024              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	576000              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	567296              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	563712              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	473600              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2006-03-24 12:00 . 2009-11-21 15:54	471552              c:\windows\AppPatch\aclayers.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	3783672              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	3783672              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
- 2008-07-29 06:05 . 2008-07-29 06:05	3768312              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05	3768312              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2009-07-20 22:03 . 2009-07-20 22:03	1348432              c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2006-03-24 12:00 . 2010-04-03 02:27	2334720              c:\windows\system32\WMVCore.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	1209344              c:\windows\system32\urlmon.dll
+ 2007-02-16 08:03 . 2010-07-18 19:07	1072116              c:\windows\system32\Restore\rstrlog.dat
+ 2010-07-07 17:29 . 2006-10-06 14:38	5644288              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvoglnt.dll
+ 2010-07-07 17:29 . 2006-10-06 14:38	7700480              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcpl.dll
+ 2010-07-07 17:29 . 2006-10-06 14:38	3992608              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_mini.sys
+ 2010-07-07 17:29 . 2006-10-06 14:38	4526592              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_disp.dll
+ 2006-03-24 12:00 . 2010-02-05 18:25	1297408              c:\windows\system32\quartz.dll
+ 2006-03-24 12:00 . 2010-02-16 19:04	2148864              c:\windows\system32\ntoskrnl.exe
+ 2004-08-04 00:50 . 2010-02-16 19:04	2027008              c:\windows\system32\ntkrnlpa.exe
+ 2008-09-18 22:04 . 2009-07-31 08:02	1372672              c:\windows\system32\msxml6.dll
+ 2009-07-20 22:05 . 2009-07-20 22:05	1348432              c:\windows\system32\msxml4.dll
+ 2006-03-24 12:00 . 2009-07-31 04:32	1172480              c:\windows\system32\msxml3.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	5950976              c:\windows\system32\mshtml.dll
+ 2010-01-27 01:07 . 2010-06-16 07:38	5612496              c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2006-10-17 10:57 . 2010-05-06 10:31	1985536              c:\windows\system32\iertutil.dll
- 2006-10-17 10:57 . 2009-08-29 07:54	1985536              c:\windows\system32\iertutil.dll
+ 2006-03-24 12:00 . 2010-04-03 02:27	2334720              c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-16 07:07 . 2010-05-02 08:05	1851392              c:\windows\system32\dllcache\win32k.sys
+ 2006-03-24 12:00 . 2010-05-06 10:31	1209344              c:\windows\system32\dllcache\urlmon.dll
+ 2008-05-07 05:10 . 2010-02-05 18:25	1297408              c:\windows\system32\dllcache\quartz.dll
+ 2008-10-16 07:07 . 2010-02-17 12:04	2192256              c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-16 07:07 . 2010-02-16 19:04	2027008              c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-16 07:07 . 2010-02-16 19:04	2069120              c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-16 07:07 . 2010-02-16 19:04	2148864              c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-09-18 22:04 . 2009-07-31 08:02	1372672              c:\windows\system32\dllcache\msxml6.dll
+ 2008-11-12 21:54 . 2009-07-31 04:32	1172480              c:\windows\system32\dllcache\msxml3.dll
+ 2009-08-14 17:38 . 2010-01-29 14:59	1315328              c:\windows\system32\dllcache\msoe.dll
- 2009-08-14 17:38 . 2009-07-10 13:26	1315328              c:\windows\system32\dllcache\msoe.dll
+ 2006-03-24 12:00 . 2010-05-06 10:31	5950976              c:\windows\system32\dllcache\mshtml.dll
- 2007-05-09 07:29 . 2009-08-29 07:54	1985536              c:\windows\system32\dllcache\iertutil.dll
+ 2007-05-09 07:29 . 2010-05-06 10:31	1985536              c:\windows\system32\dllcache\iertutil.dll
+ 2009-11-06 23:06 . 2009-11-06 23:06	1130824              c:\windows\system32\dfshim.dll
+ 2010-06-12 07:13 . 2006-03-31 10:40	2388176              c:\windows\system32\d3dx9_30.dll
+ 2010-06-12 07:13 . 2006-02-03 06:43	2332368              c:\windows\system32\d3dx9_29.dll
+ 2010-06-12 07:13 . 2005-12-05 16:09	2323664              c:\windows\system32\d3dx9_28.dll
+ 2010-06-12 07:13 . 2005-07-22 17:59	2319568              c:\windows\system32\d3dx9_27.dll
+ 2010-06-12 07:13 . 2005-05-26 13:34	2297552              c:\windows\system32\d3dx9_26.dll
+ 2010-06-12 07:13 . 2005-03-18 15:19	2337488              c:\windows\system32\d3dx9_25.dll
+ 2010-06-12 07:13 . 2005-02-05 17:45	2222800              c:\windows\system32\d3dx9_24.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48	5967872              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32	5242880              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2008-11-25 03:59 . 2008-11-25 03:59	5242880              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32	3182592              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42	1265664              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2008-05-27 23:35 . 2008-05-27 23:35	1265664              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2008-05-27 23:35 . 2008-05-27 23:35	1232896              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42	1232896              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50	2514944              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2008-05-27 22:48 . 2008-05-27 22:48	2514944              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50	2527232              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2008-05-27 22:43 . 2008-05-27 22:43	2142208              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42	2142208              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-06-12 07:13 . 2004-12-01 13:53	2846720              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2004-09-29 10:38	2676224              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2010-04-11 20:17 . 2010-04-11 20:17	2607104              c:\windows\Installer\b8b73.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17	4210688              c:\windows\Installer\b8b72.msp
+ 2010-04-15 08:16 . 2010-04-15 08:16	1235968              c:\windows\Installer\43420f.msi
+ 2010-07-29 09:38 . 2010-07-29 09:38	1094656              c:\windows\Installer\35acad.msi
+ 2009-11-08 22:25 . 2009-11-08 22:25	1935360              c:\windows\Installer\1e7595.msp
+ 2010-07-08 13:55 . 2009-08-29 07:54	1208832              c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2010-07-08 13:55 . 2009-10-22 09:16	5939712              c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-07-08 13:55 . 2009-08-29 07:54	1985536              c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2008-10-16 07:07 . 2010-02-17 12:04	2192256              c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-16 07:07 . 2010-02-16 19:04	2027008              c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-16 07:07 . 2010-02-16 19:04	2069120              c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-16 07:07 . 2010-02-16 19:04	2148864              c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-07-08 14:02 . 2010-07-08 14:02	4792320              c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_61899a3e\System.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	1966080              c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_0c3a21de\System.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	5513216              c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_d75f9eaa\System.Xml.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	2088960              c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_0406f836\System.Xml.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	7884800              c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_befc6435\System.Windows.Forms.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	3018752              c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_0a075b53\System.Windows.Forms.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	2244608              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_e78bb713\System.Drawing.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	3395584              c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_fd40100a\System.Design.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	1470464              c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_8a8a4e89\System.Design.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	3391488              c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_beec7aec\mscorlib.dll
+ 2010-07-08 14:02 . 2010-07-08 14:02	8908800              c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_31f06c26\mscorlib.dll
+ 2010-07-08 13:59 . 2010-07-08 13:59	3325440              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d63164ac4ed5adabc6a1b0fdf07eee05\WindowsBase.ni.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	1049600              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\d8549ce90b26cdc3071224ab6f020189\UIAutomationClientsideProviders.ni.dll
+ 2010-07-08 13:42 . 2010-07-08 13:42	7949824              c:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
+ 2010-07-08 13:45 . 2010-07-08 13:45	5450752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	1356288              c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\016b75f60a18535c8d6b3e5d861ab559\System.WorkflowServices.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	1908224              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6dacae37d337004345518976fb57099e\System.Workflow.Runtime.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	4514304              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c7b832bbc5bb11c6c7f128c801ce90d7\System.Workflow.ComponentModel.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	2992640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\b9ea6ea910293cd6f13f765775867ebd\System.Workflow.Activities.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	1840640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8ef8d556899a4a10b7f288a80925489f\System.Web.Services.ni.dll
+ 2010-07-08 13:50 . 2010-07-08 13:50	2209280              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\5dfda43f1991ee6ba345d62b2be4801c\System.Web.Mobile.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	2403328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f08b3b8cdf548e3dfe61f342536175eb\System.Web.Extensions.ni.dll
+ 2010-07-08 13:45 . 2010-07-08 13:45	1917952              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2d6a5dbee4506bf643b853e41668afa3\System.Speech.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	1706496              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\169fe0ad9d59982a2a6b89779c09885b\System.ServiceModel.Web.ni.dll
+ 2010-07-08 13:47 . 2010-07-08 13:47	2345472              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	1035264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\af217ef58e5558991f331d482c2bdba6\System.Printing.ni.dll
+ 2010-07-08 13:47 . 2010-07-08 13:47	1070080              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\ad4fb86064d7a1ebcb9ee997e7208ac1\System.IdentityModel.ni.dll
+ 2010-07-08 13:45 . 2010-07-08 13:45	1587200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	1116672              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7deab2494d53763cd83c567e71e0d8e0\System.DirectoryServices.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	1801216              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\b81efadfee7702624b713c6d86f7e369\System.Deployment.ni.dll
+ 2010-07-08 13:44 . 2010-07-08 13:44	6616576              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	2510336              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f71abf392c5ca05a4e46a5d1c4c72856\System.Data.SqlXml.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	1328128              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\5e6311aff5ada83d0f854922fa62faf6\System.Data.Services.ni.dll
+ 2010-07-08 13:44 . 2010-07-08 13:44	2516480              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3ba3367d03779ad6e76c5d4cdfe572a\System.Data.Linq.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	9924096              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6abf820d8ec57a0561c3367727d274df\System.Data.Entity.ni.dll
+ 2010-07-08 13:44 . 2010-07-08 13:44	2295296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e98726349766935ec0e9b980f19a046a\System.Core.ni.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	2128896              c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\57abb757c1f38586390dcc63bf056322\ReachFramework.ni.dll
+ 2010-07-08 14:00 . 2010-07-08 14:00	1657856              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\0095ba60255d4addaf5b8ebee697a027\PresentationUI.ni.dll
+ 2010-07-08 13:42 . 2010-07-08 13:42	1451008              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\20ef773b20f6ce721ae60e5c2c2e8f80\PresentationBuildTasks.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	1712128              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll
+ 2010-07-08 13:47 . 2010-07-08 13:47	1093120              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\7a266de493d30eed21cb60ebe300be53\Microsoft.Transactions.Bridge.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	2332160              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\9db8f9f7fe63ca4451bb5316a3ebb009\Microsoft.JScript.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	1966080              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\c96be82d6cb00367db4e3553272165ef\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	1620992              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3815de5b052187b5d9375681a6784255\Microsoft.Build.Tasks.ni.dll
+ 2010-07-08 13:48 . 2010-07-08 13:48	1888768              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\43fc6723d08e9ce88701c29653efd224\Microsoft.Build.Engine.ni.dll
+ 2010-07-08 13:59 . 2010-07-08 13:59	1249280              c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	3182592              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-07-08 13:42 . 2010-07-08 13:42	5967872              c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-07-08 13:59 . 2010-07-08 13:59	5279744              c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	5242880              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-11-19 18:54 . 2009-11-19 18:55	5242880              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-11-19 11:10 . 2009-11-19 11:10	4210688              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-07-08 13:59 . 2010-07-08 13:59	4210688              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2009-11-19 18:55 . 2009-11-19 18:55	4546560              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-07-08 13:58 . 2010-07-08 13:58	4546560              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-10-22 12:11 . 2009-10-22 12:11	1232896              c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	1232896              c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-07-08 14:01 . 2010-07-08 14:01	1265664              c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-22 12:11 . 2009-10-22 12:11	1265664              c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	2846720              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-12 07:13 . 2010-06-12 07:13	2676224              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-06-07 15:35 . 2010-06-07 15:35	13902440              c:\windows\system32\nvcpl.dll
+ 2006-09-29 12:35 . 2010-07-02 19:39	34045896              c:\windows\system32\MRT.exe
+ 2006-11-07 20:03 . 2010-05-06 10:31	11076096              c:\windows\system32\ieframe.dll
+ 2006-10-13 15:05 . 2010-06-07 23:57	10531200              c:\windows\system32\dllcache\nv4_mini.sys
+ 2007-05-09 07:29 . 2010-05-06 10:31	11076096              c:\windows\system32\dllcache\ieframe.dll
+ 2010-04-02 17:29 . 2010-04-02 17:29	11413504              c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17	14599680              c:\windows\Installer\b8b82.msp
+ 2010-04-02 10:30 . 2010-04-02 10:30	17456640              c:\windows\Installer\1e75c0.msp
+ 2010-03-30 23:23 . 2010-03-30 23:23	15638528              c:\windows\Installer\1e75a2.msp
+ 2010-07-08 13:55 . 2009-08-29 07:54	11069440              c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-07-08 13:45 . 2010-07-08 13:45	12430848              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
+ 2010-07-08 13:49 . 2010-07-08 13:49	11797504              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
+ 2010-07-08 13:47 . 2010-07-08 13:47	17403904              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll
+ 2010-07-08 13:45 . 2010-07-08 13:45	10683392              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f352c5cb50bee105e4c873ca050f9f46\System.Design.ni.dll
+ 2010-07-08 14:00 . 2010-07-08 14:00	14328320              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\560662ada034afb6ec78a152bd9a47b5\PresentationFramework.ni.dll
+ 2010-07-08 14:00 . 2010-07-08 14:00	12215808              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f5dff344ac6ac923b5ade8ba1ab9382\PresentationCore.ni.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-09 16236032]
"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"SetIcon"="\Programme\SMSC\SetIcon.exe" [2004-04-28 42496]
"LanguageShortcut"="c:\programme\Home Cinema\PowerDVD\Language\Language.exe" [2006-05-18 49152]
"InstantOn"="c:\programme\CyberLink\PowerCinema Linux\ion_install.exe" [2006-06-21 93640]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2006-10-25 282624]
"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-02-24 2372760]
"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 57393]
"IndexSearch"="c:\programme\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 40960]
"SetDefPrt"="c:\programme\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152]
"ControlCenter2.0"="c:\programme\Brother\ControlCenter2\brctrcen.exe" [2004-11-11 864256]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-06-07 110696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\dokumente und einstellungen\***\Startmen\Programme\Autostart\
OpenOffice.org 2.4.lnk - c:\programme\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2004-01-14 01:10	409600	----a-w-	c:\programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2006-10-30 08:36	256576	----a-w-	c:\programme\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVBroadcast]
2006-10-19 22:43	814080	----a-w-	c:\programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]
2006-10-19 13:00	151552	----a-w-	c:\programme\Home Cinema\TV Enhance\TVEService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wlconfig]
2006-03-06 12:45	1347584	------w-	c:\programme\WLAN Monitor\WLConfig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"TVTABRDZ"=3 (0x3)
"TVESched"=2 (0x2)
"TVECapSvc"=2 (0x2)
"gupdate"=2 (0x2)
"srvcPVR"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programme\\NetMeeting\\Conf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Trillian\\trillian.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Programme\\WS_FTP\\WS_FTP95.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\TmNationsForever\\TmForever.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [08.08.2009 20:21 64288]
R2 accsvc;AccSys WiFi Component;c:\programme\Gemeinsame Dateien\AccSys\accsvc.exe [11.12.2006 23:52 147456]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [02.09.2009 10:10 135336]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [17.10.2006 12:28 1105664]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [23.10.2006 12:37 7040]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programme\Lavasoft\Ad-Aware\AAWService.exe [24.09.2009 13:17 1181328]
S4 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [15.04.2010 10:13 136176]
S4 srvcPVR;Sceneo PVR Service;c:\programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe [31.10.2006 14:16 1441280]
S4 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [23.10.2006 12:50 282709]
S4 TVESched;TVEnhance Task Scheduler (TTS));c:\programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [23.10.2006 12:50 122971]
.
Inhalt des "geplante Tasks" Ordners

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mWindow Title = Arcor AG & Co. KG
IE: Alles mit FDM herunterladen - file://c:\programme\Free Download Manager\dlall.htm
IE: Auswahl mit FDM herunterladen - file://c:\programme\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://c:\programme\Free Download Manager\dllink.htm
IE: Download with GetRight - c:\programme\GetRight\GRdownload.htm
IE: Easy-WebPrint - Drucken - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Easy-WebPrint - Schnelldruck - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint - Vorschau - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint - Zu Druckliste hinzufügen - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Open with GetRight Browser - c:\programme\GetRight\GRbrowse.htm
IE: {{1F958B09-3312-7f0e-9723-4C1324C57B20} - c:\programme\Internet Radio\Radio.exe
FF - ProfilePath - c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - plugin: c:\programme\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programme\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size",  4096);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

MSConfigStartUp-BullGuard - c:\programme\BullGuard Software\BullGuard\bullguard.exe



**************************************************************************
Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 

**************************************************************************
.
Zeit der Fertigstellung: 2010-07-30  22:01:46
ComboFix-quarantined-files.txt  2010-07-30 20:01
ComboFix2.txt  2009-11-22 10:48
ComboFix3.txt  2009-11-22 09:00
ComboFix4.txt  2009-11-22 08:37
ComboFix5.txt  2010-07-30 19:49

Vor Suchlauf: 20 Verzeichnis(se), 71.067.766.784 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 71.036.264.448 Bytes frei

- - End Of File - - 84BC0F6BD07F607C36B253AA1B2C0E02
         

Alt 31.07.2010, 13:54   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus

Anschließend den bootkit_remover herunterladen. Entpacke das Tool in einen eigenen Ordner auf dem Desktop und führe in diesem Ordner die Datei remove.exe aus.

Wenn Du Windows Vista oder Windows 7 verwendest, musst Du die remover.exe über ein Rechtsklick => als Administrator ausführen

Ein schwarzes Fenster wird sich öffnen und automatisch nach bösartigen Veränderungen im MBR suchen.
Poste dann bitte, ob es Veränderungen gibt und wenn ja in welchem device. Am besten alles posten was die remover.exe ausgibt.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 31.07.2010, 21:56   #14
Joe007
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



So, habe GMER ausgeführt, ist nicht abgestürzt. Hat aber ewig gedauert, mehr als 5 Stunden diesmal...

Log:
Code:
ATTFilter
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-31 22:07:23
Windows 5.1.2600 Service Pack 3
Running: pgtrnxzt.exe; Driver: C:\DOKUME~1\***\LOKALE~1\Temp\pxtdypow.sys


---- System - GMER 1.0.15 ----

SSDT            F7C24126                                                                                                                                                                                                                                                                                   ZwCreateKey
SSDT            F7C2411C                                                                                                                                                                                                                                                                                   ZwCreateThread
SSDT            F7C2412B                                                                                                                                                                                                                                                                                   ZwDeleteKey
SSDT            F7C24135                                                                                                                                                                                                                                                                                   ZwDeleteValueKey
SSDT            F7C2413A                                                                                                                                                                                                                                                                                   ZwLoadKey
SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                                                                                                                                                                                                          ZwMapViewOfSection [0xF79C18D0]
SSDT            F7C24108                                                                                                                                                                                                                                                                                   ZwOpenProcess
SSDT            F7C2410D                                                                                                                                                                                                                                                                                   ZwOpenThread
SSDT            F7C24144                                                                                                                                                                                                                                                                                   ZwReplaceKey
SSDT            F7C2413F                                                                                                                                                                                                                                                                                   ZwRestoreKey
SSDT            F7C24130                                                                                                                                                                                                                                                                                   ZwSetValueKey
SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                                                                                                                                                                                                          ZwShutdownSystem [0xF79C1E70]
SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                                                                                                                                                                                                          ZwTerminateProcess [0xF79C1E00]

---- Kernel code sections - GMER 1.0.15 ----

.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                                                                                                                                                                                                   section is writeable [0xF5EB33A0, 0x592C35, 0xE8000020]
.text           tcpip.sys!IPTransmit + 10FC                                                                                                                                                                                                                                                                F35B5D3A 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           tcpip.sys!IPTransmit + 2A52                                                                                                                                                                                                                                                                F35B7690 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           tcpip.sys!IPRegisterProtocol + 930                                                                                                                                                                                                                                                         F35CD454 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           wanarp.sys                                                                                                                                                                                                                                                                                 F77853FD 4 Bytes  CALL F731B350 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           wanarp.sys                                                                                                                                                                                                                                                                                 F7785402 2 Bytes  [90, 90] {NOP ; NOP }

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                  [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                   [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                        [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                       [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                 [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                  [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                          [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                           [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                      [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                   [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                     [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                          [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                         [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                  [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                  [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

---- Devices - GMER 1.0.15 ----

Device          \Driver\Tcpip \Device\Ip                                                                                                                                                                                                                                                                   wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\Tcp                                                                                                                                                                                                                                                                  wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                                                                                                                                                                                  Lbd.sys (Boot Driver/Lavasoft AB)

Device          \Driver\Tcpip \Device\Udp                                                                                                                                                                                                                                                                  wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\RawIp                                                                                                                                                                                                                                                                wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\IPMULTICAST                                                                                                                                                                                                                                                          wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

AttachedDevice  \FileSystem\Fastfat \Fat                                                                                                                                                                                                                                                                   fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@j!s!i!`!r!`!e!d!\30!\30!t!e!s!m!s!y!                                                                                                                                                                                    71230

---- Files - GMER 1.0.15 ----

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\az_multimedia.css       5530 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\mediaplayer.swf         33571 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\scripts.js              3514 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\scripts_prog.js         1146 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\swf_object.js           9320 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\ufo.js                  10964 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\3_0_gross_augsburg.gif  4864 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\et_mmedetect.js         3397 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\et_overlay.php          886 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\overlay_get_clicks.js   6443 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\scripts.js              871 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\scripts_prog.js         1146 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\styles.css              5870 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\SK neu 03112009\Dateien\Artikel,-Maerchenhafte-Geschichten-und-schoene-alte-Volkslieder-_arid,1228169_regid,1_puid,2_pageid,4492-Dateien\puid1_pageid6_regid10_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\ET_MME~1.JS       3397 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\SK neu 03112009\Dateien\Artikel,-Maerchenhafte-Geschichten-und-schoene-alte-Volkslieder-_arid,1228169_regid,1_puid,2_pageid,4492-Dateien\puid1_pageid6_regid10_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\OVERLA~1.JS       6443 bytes
File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\SK neu 03112009\Dateien\Artikel,-Maerchenhafte-Geschichten-und-schoene-alte-Volkslieder-_arid,1228169_regid,1_puid,2_pageid,4492-Dateien\puid1_pageid6_regid10_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\styles.css        5870 bytes

---- EOF - GMER 1.0.15 ----
         
auch diesmal war der PC nach dem Ausführen von GMER sehr langsam. Als ich OSAM ausführen wollte, hat sich dieses mglw. aufgehängt, ist jedenfalls minutenlang beim Scannen des 3. Eintrags hängengeblieben.
Konnte den PC dann (wie oben) nicht mehr manuell herunterfahren -> Kaltstart.

Habe dann OSAM ausgeführt, folgendes Log:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
h**p://www.online-solutions.ru/en/
Saved at 22:40:40 on 31.07.2010

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.8

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Boot Execute]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----
"BootExecute" - ? - C:\WINDOWS\system32\lsdelete.exe  (File found, but it contains no detailed information)

[Common]
-----( %SystemRoot%\Tasks )-----
"Ad-Aware Update (Daily 1).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
"Ad-Aware Update (Daily 2).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
"Ad-Aware Update (Daily 3).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
"Ad-Aware Update (Daily 4).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
"Ad-Aware Update (Weekly).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbaccpl.cpl
"ddbacctm.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbacctm.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"SERVICE.CPL" - "Davilex Software bv" - C:\WINDOWS\system32\SERVICE.CPL
"xhidcpl.cpl" - ? - C:\WINDOWS\system32\xhidcpl.cpl  (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"Avira AntiVir PersonalEdition Classic Konfiguration" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl  (File not found)
"Nero BurnRights" - "Nero AG" - C:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Computer, Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"Windows Media Connect" - "Microsoft Corporation" - C:\Programme\Windows Media Connect 2\wmccpl.dll

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AEGIS Protocol (IEEE 802.1x) v3.4.10.0" (AegisP) - "Meetinghouse Data Communications" - C:\WINDOWS\System32\DRIVERS\AegisP.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"Lbd" (Lbd) - "Lavasoft AB" - C:\WINDOWS\System32\DRIVERS\Lbd.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"MHN-Treiber" (MHNDRV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mhndrv.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"SyGate for NT, wg3n" (wg3n) - "Sygate Technologies, Inc." - C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys
"Teefer for NT" (Teefer) - "Sygate Technologies, Inc." - C:\WINDOWS\System32\Drivers\Teefer.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
"wpsdrvnt" (wpsdrvnt) - "Sygate Technologies, Inc." - C:\WINDOWS\system32\drivers\wpsdrvnt.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} "Microsoft Windows Media Player" - "Microsoft Corporation" - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - ? -   (File not found | COM-object registry key not found)
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - ? -   (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Computer, Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} "Meine freigegebenen Ordner" - "Microsoft Corporation" - C:\Programme\MSN Messenger\fsshext.8.0.0812.00.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - ? -   (File not found | COM-object registry key not found)
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll
{640167b4-59b0-47a6-b335-a6b3c0695aea} "Portable Media Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\audiodev.dll
{cc86590a-b60a-48e6-996b-41d25ed39a1e} "Portable Media Devices Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\audiodev.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Programme\Real\RealPlayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} "WMP Add To Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll
{8DD448E6-C188-4aed-AF92-44956194EB1F} "WMP Burn Audio CD Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll
{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} "WMP Play As Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{15B782AF-55D8-11D1-B477-006097098764} "Macromedia Authorware Web Player Control" - "Macromedia, Inc." - C:\WINDOWS\system32\macromed\authorwa\awswax.ocx / h**p://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} "MUWebControl Class" - "Microsoft Corporation" - C:\WINDOWS\system32\muweb.dll / h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} "Office Update Installation Engine" - "Microsoft Corporation" - C:\WINDOWS\opuc.dll / h**p://office.microsoft.com/officeupdate/content/opuc3.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx / h**p://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\LegitCheckControl.DLL / h**p://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"Internet Radio by Endicosoft.com" - "EndicoSoft.com" - C:\Programme\Internet Radio\Radio.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{CC59E0F9-7E43-44FA-9FAA-8377850BF205} "FDMIECookiesBHO Class" - ? - C:\Programme\Free Download Manager\iefdmcks.dll
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} "Google Dictionary Compression sdch" - "Google Inc." - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\desktop.ini
"OpenOffice.org 2.4.lnk" - ? - C:\Programme\OpenOffice.org 2.4\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"ControlCenter2.0" - "Brother Industries, Ltd." - C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
"IndexSearch" - "ScanSoft, Inc." - C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
"InstantOn" - ? - "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c "  (File not found)
"LanguageShortcut" - ? - "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe"
"NeroFilterCheck" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
"PaperPort PTD" - "ScanSoft, Inc." - C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
"QuickTime Task" - "Apple Computer, Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"SetDefPrt" - "Brother Industories, Ltd." - C:\Programme\Brother\Brmfl04g\BrStDvPt.exe
"SetIcon" - ? - \Programme\SMSC\SetIcon.exe  (File not found)
"SmcService" - "Sygate Technologies, Inc." - C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
"SSBkgdUpdate" - "Scansoft, Inc." - "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFCreator" - ? - C:\WINDOWS\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"AccSys WiFi Component" (accsvc) - "AccSys GmbH" - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Programme\CyberLink\Shared Files\RichVideo.exe
"HID Input Service" (HidServ) - ? -  C:\WINDOWS\System32\hidserv.dll  (File not found)
"iPod Service" (iPod Service) - "Apple Computer, Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Lavasoft Ad-Aware Service" (Lavasoft Ad-Aware Service) - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
"Messenger Sharing USN Journal Reader-Service" (usnsvc) - "Microsoft Corporation" - C:\Programme\MSN Messenger\usnsvc.dll
"MHN" (MHN) - "Microsoft Corporation" - C:\WINDOWS\System32\mhn.dll
"NVIDIA Display Driver Service" (NVSvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe
"Sygate Personal Firewall" (SmcService) - "Sygate Technologies, Inc." - C:\Programme\Sygate\SPF\smc.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Media Connect-Dienst" (WMConnectCDS) - "Microsoft Corporation" - C:\Programme\Windows Media Connect 2\wmccds.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
"X10 Device Network Service" (x10nets) - "X10" - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit h**p://forum.online-solutions.ru
         
Habe anschließend remover.exe ausgeführt, Bildschirmausgabe:
Code:
ATTFilter
(...)
Program version: 1.1.0.0
OS Version: Microsoft windows XP Professional Service Pack 3 (build 2600)

System volume is \\.\C.
\\.\C. -> \\.\PhysicalDrive0 at offset 0x00000000'00007e00
Boot sector MD5 is: cd38df3ac5b49526a61408de03ef0647

Size    298 GB
Device Name   \\.\Physical Drive0
MBR Status   Unknown boot code

Unknown boot code has been found on some of your physical disks.
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>


Done:
Press any key to quit...
         

Alt 01.08.2010, 19:21   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Standard

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?



Zuerst mal bitte - falls noch nicht getan - die Datei remover.exe (vom BootkitRemover) vom Desktop nach c:\windows\system32 kopieren!
Danach die Konsole starten über Start, Ausführen, cmd eintippen, ok.

Den Text im folgenden Codefeld eintippen und mit Enter/Return ausführen:
Code:
ATTFilter
remover.exe fix \\.\PhysicalDrive0
         
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?
anschluss, antivir guard, anzeige, awareness, beim starten, bildschirm, blockiert, c:\windows\system32\rundll32.exe, c:\windows\system32\services.exe, dllhost.exe, druck, dsl, einstellungen, entfernen, forum, geforce, grafikkarte, guard, install.exe, jusched.exe, kompatibilität, launch, maus, media center, neue, nicht sicher, nt.exe, nvidia, prima, probleme, required, router, sanduhr, sched.exe, sekunden, starten, system, treiber, trojan, wichtig




Ähnliche Themen: Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?


  1. Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject
    Log-Analyse und Auswertung - 01.02.2014 (17)
  2. Exploit.Script.Generic, Exploit.JS.Pdfka.gfa, Backdoor.Win32.ZAccess.ypw, Backdoor.Win32.ZAccess.yqi, Trojan.Win32.Miner.dw und weitere
    Log-Analyse und Auswertung - 02.10.2012 (7)
  3. Backdoor.Win32.ZAccess.mbg und Trojan.Win32.Small.bmph
    Log-Analyse und Auswertung - 10.07.2012 (28)
  4. Backdoor:Win32/Cbot.B - Trojan:Win32/FakeSysdef
    Log-Analyse und Auswertung - 04.05.2011 (32)
  5. Win32.Backdoor.Papras/A - Rechner infiziert; werde Trojaner nicht los
    Plagegeister aller Art und deren Bekämpfung - 08.02.2011 (13)
  6. Probleme beim Online-Banking: Trojan.Win32.Generic!BT, Win32.Backdoor.Papras/A und andere...
    Log-Analyse und Auswertung - 06.11.2010 (19)
  7. win32.backdoor.papras a lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 25.10.2010 (7)
  8. ComboFix nach Win32.Backdoor.Papras/A
    Plagegeister aller Art und deren Bekämpfung - 13.10.2010 (11)
  9. Win32.Backdoor.Papras/A
    Plagegeister aller Art und deren Bekämpfung - 16.09.2010 (25)
  10. Win32.Backdoor\Papras/A
    Plagegeister aller Art und deren Bekämpfung - 03.08.2010 (6)
  11. Anti Malware Doctor & Win32.Backdoor.Papras/A eingefangen / Systemwiederherstellung
    Plagegeister aller Art und deren Bekämpfung - 01.08.2010 (16)
  12. Trojaner win32.backdoor.papras/a
    Plagegeister aller Art und deren Bekämpfung - 15.07.2010 (31)
  13. BDS/Papras.JF [backdoor]
    Plagegeister aller Art und deren Bekämpfung - 30.06.2010 (3)
  14. Backdoor.Win32.Papras.HE
    Plagegeister aller Art und deren Bekämpfung - 24.06.2010 (11)
  15. eventuell noch trojaner? Trojan-PSW.Win32.Delf.cqp, Backdoor.Win32.Poison.jmo
    Log-Analyse und Auswertung - 21.11.2008 (0)
  16. Trojan.Win32.Sphinx.a+Backdoor.Win32.agent.zq+HJT-log
    Plagegeister aller Art und deren Bekämpfung - 01.12.2006 (1)
  17. Trojan Backdoor win32.Delf.aml
    Mülltonne - 24.01.2006 (1)

Zum Thema Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? - Hallo Forum, hallo Helfer, ich habe mal wieder ein Problem... Mein System: Windows XP AntiVir Sygate Personal Firewall Internetzugang über einen Router (Arcor DSL WLAN-Modem 200) Am besten schildere ich - Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?...
Archiv
Du betrachtest: Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.