|
Log-Analyse und Auswertung: Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
20.07.2010, 09:59 | #1 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Hallo Forum, hallo Helfer, ich habe mal wieder ein Problem... Mein System: Windows XP AntiVir Sygate Personal Firewall Internetzugang über einen Router (Arcor DSL WLAN-Modem 200) Am besten schildere ich erstmal die Symptome: - Maus: nicht mehr weiß mit schwarzem Rand sondern zusätzlich mit schwarzen Strichen im weißen Bereich, auch bei der Sanduhr analog - Probleme beim anzeigen von Videos, es können keine Videos abgespielt werden - Probleme bei der Anzeige bestimmter Programme/Emails: Z.B. dauert die Anzeige von AntiVir Personal sehr lange, sprich es scheint sehr lange zu laden, beim Starten oder wenn man einen Menüpunkt anklickt usw.; selbiges bei Emails in Outlook Express, und zwar dann, wenn eine Email Daten/Bilder aus dem Internet nachladen will (obwohl Outlook diese blockiert) - das Laden dieser Emails dauert ebenfalls sehr sehr lange - der Antivir Guard ließ sich nicht mehr aktivieren, habe anschließend AntiVir deinstalliert und Antivir 10 installiert (drüberinstallieren ging nicht), der Guard ist nun wieder aktiviert - beim Starten/Booten zeigt der Bildschirm nichts mehr an - gelegentlich stürzt der PC ab, wenn er e. Video laden will o.ä. Diese Probleme sind sukzessive aufgetreten. Ich habe zunächst auf Probleme mit der Grafikkarte (nvidia Geforce 7650 GS) getippt und einen neuen Treiber installiert. Danach gings vorübergehend wieder. Dann habe ich den PC mal komplett vom Stromnetz getrennt, und nach einigen Stunden wieder angesteckt - danach gings (vorrübergehend) wieder, jetzt hilft es jedoch nichts mehr. (das hatte ich vor ein paar Monaten schon mal gemacht, als der Bildschirm etwa alle 5-7 Sekunden für 2-3 Sekunden schwarz geworden war, damals hat das geholfen). Viren-/Malware-Fund von Antivir: Code:
ATTFilter Die Datei 'C:\System Volume Information\_restore{BDB02021-8C9D-4BD9-BAB5-977838CC146D}\RP111\A0039550.dll' enthielt einen Virus oder unerwünschtes Programm 'TR/Spy.Browse.A' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e0ad2f7.qua' verschoben! Der Guard/Ad-Watch hat angeschlagen und versucht, das zu entfernen, hat auch gescannt, jedoch bin ich mir nicht sicher, ob das geklappt hat, ich hatte den Eindruck, er würde immer wieder von vorne beginnen. log: Code:
ATTFilter Logfile created: 14.07.2010 11:24:51 Lavasoft Ad-Aware version: 8.1.4 Extended engine: 329338072 Extended engine version: User performing scan: *** *********************** Definitions database information *********************** Lavasoft definition file: 149.317 Genotype definition file version: 2010/07/02 07:55:37 ******************************** Scan results: ********************************* Scan profile name: Intelligenter Scan (ID: smart) Objects scanned: 25190 Objects detected: 1 Type Detected ========================== Processes.......: 1 Registry entries: 0 Hostfile entries: 0 Files...........: 0 Folders.........: 0 LSPs............: 0 Cookies.........: 0 Browser hijacks.: 0 MRU objects.....: 0 Quarantined items: Description: c:\windows\system32\diskshta.dll Family Name: Win32.Backdoor.Papras/A Engine: 1 Clean status: Reboot required Item ID: 0 Family ID: 0 Scan and cleaning complete: Finished correctly after 128 seconds *********************************** Settings *********************************** Scan profile: ID: smart, enabled:1, value: Intelligenter Scan ID: folderstoscan, enabled:1, value: ID: useantivirus, enabled:1, value: true ID: sections, enabled:1 ID: scancriticalareas, enabled:1, value: true ID: scanrunningapps, enabled:1, value: true ID: scanregistry, enabled:1, value: true ID: scanlsp, enabled:1, value: true ID: scanads, enabled:1, value: false ID: scanhostsfile, enabled:1, value: false ID: scanmru, enabled:1, value: false ID: scanbrowserhijacks, enabled:1, value: true ID: scantrackingcookies, enabled:1, value: true ID: closebrowsers, enabled:1, value: false ID: filescanningoptions, enabled:1 ID: archives, enabled:1, value: false ID: onlyexecutables, enabled:1, value: true ID: skiplargerthan, enabled:1, value: 20480 ID: scanrootkits, enabled:1, value: true ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict ID: usespywareheuristics, enabled:1, value: true Scan global: ID: global, enabled:1 ID: addtocontextmenu, enabled:1, value: true ID: playsoundoninfection, enabled:1, value: false ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav Scheduled scan settings: <Empty> Update settings: ID: updates, enabled:1 ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall ID: schedules, enabled:1, value: true ID: updatedaily1, enabled:1, value: Daily 1 ID: time, enabled:1, value: Tue Nov 10 12:22:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily2, enabled:1, value: Daily 2 ID: time, enabled:1, value: Tue Nov 10 18:22:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily3, enabled:1, value: Daily 3 ID: time, enabled:1, value: Tue Nov 10 00:22:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updatedaily4, enabled:1, value: Daily 4 ID: time, enabled:1, value: Tue Nov 10 06:22:00 2009 ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: false ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: false ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: updateweekly1, enabled:1, value: Weekly ID: time, enabled:1, value: Tue Nov 10 12:22:00 2009 ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly ID: weekdays, enabled:1 ID: monday, enabled:1, value: false ID: tuesday, enabled:1, value: true ID: wednesday, enabled:1, value: false ID: thursday, enabled:1, value: false ID: friday, enabled:1, value: true ID: saturday, enabled:1, value: false ID: sunday, enabled:1, value: false ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31 ID: scanprofile, enabled:1, value: ID: auto_deal_with_infections, enabled:1, value: false ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall Appearance settings: ID: appearance, enabled:1 ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource ID: showtrayicon, enabled:1, value: true ID: language, enabled:1, value: de, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language ID: autoentertainmentmode, enabled:1, value: true ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple Realtime protection settings: ID: realtime, enabled:1 ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant ID: modules, enabled:1 ID: processprotection, enabled:1, value: true ID: registryprotection, enabled:1, value: true ID: networkprotection, enabled:1, value: true ID: layers, enabled:1 ID: useantivirus, enabled:1, value: true ID: usespywareheuristics, enabled:1, value: true ****************************** System information ****************************** Computer name: MD8818 Processor name: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz Processor identifier: x86 Family 6 Model 15 Stepping 6 Processor speed: ~1861MHZ Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3846, number of processors 2, processor features: [MMX,SSE,SSE2] Physical memory available: 466587648 bytes Physical memory total: 1072082944 bytes Virtual memory available: 1884852224 bytes Virtual memory total: 2147352576 bytes Memory load: 56% Microsoft Windows XP Professional Service Pack 3 (build 2600) Windows startup mode: Running processes: PID: 464 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 536 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 560 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 604 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 616 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 804 name: C:\WINDOWS\system32\nvsvc32.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 872 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 920 name: C:\WINDOWS\system32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT PID: 988 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 1036 name: C:\Programme\Sygate\SPF\smc.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 1152 name: C:\WINDOWS\system32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT PID: 1432 name: C:\WINDOWS\system32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT PID: 1576 name: C:\Programme\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 1664 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 1748 name: C:\Programme\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 1792 name: C:\WINDOWS\system32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT PID: 2012 name: C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 2028 name: C:\Programme\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 176 name: C:\WINDOWS\eHome\ehRecvr.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 192 name: C:\WINDOWS\eHome\ehSched.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 352 name: C:\Programme\Java\jre6\bin\jqs.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 424 name: C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 328 name: C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE owner: SYSTEM domain: NT-AUTORITÄT PID: 524 name: C:\Programme\CyberLink\Shared Files\RichVideo.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 1128 name: C:\WINDOWS\system32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT PID: 1348 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 2056 name: C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 2144 name: C:\WINDOWS\ehome\mcrdsvc.exe owner: LOKALER DIENST domain: NT-AUTORITÄT PID: 2916 name: C:\WINDOWS\system32\dllhost.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 2980 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 3128 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 3276 name: C:\WINDOWS\system32\wbem\wmiapsrv.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 3308 name: C:\WINDOWS\System32\alg.exe owner: LOKALER DIENST domain: NT-AUTORITÄT PID: 3504 name: C:\WINDOWS\ehome\ehtray.exe owner: *** domain: MD8818 PID: 3512 name: C:\WINDOWS\RTHDCPL.EXE owner: *** domain: MD8818 PID: 3528 name: C:\Programme\SMSC\SetIcon.exe owner: *** domain: MD8818 PID: 3544 name: C:\Programme\QuickTime\qttask.exe owner: *** domain: MD8818 PID: 3608 name: C:\Programme\ScanSoft\PaperPort\pptd40nt.exe owner: *** domain: MD8818 PID: 3628 name: C:\WINDOWS\eHome\ehmsas.exe owner: *** domain: MD8818 PID: 3852 name: C:\Programme\Brother\ControlCenter2\brctrcen.exe owner: *** domain: MD8818 PID: 3864 name: C:\Programme\Avira\AntiVir Desktop\avgnt.exe owner: *** domain: MD8818 PID: 3980 name: C:\Programme\Java\jre6\bin\jusched.exe owner: *** domain: MD8818 PID: 4000 name: C:\WINDOWS\system32\RUNDLL32.EXE owner: *** domain: MD8818 PID: 4056 name: C:\WINDOWS\system32\ctfmon.exe owner: *** domain: MD8818 PID: 520 name: C:\Programme\OpenOffice.org 2.4\program\soffice.exe owner: *** domain: MD8818 PID: 1216 name: C:\Programme\OpenOffice.org 2.4\program\soffice.BIN owner: *** domain: MD8818 PID: 3176 name: C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe owner: *** domain: MD8818 PID: 3772 name: C:\Programme\Lavasoft\Ad-Aware\Ad-Aware.exe owner: *** domain: MD8818 PID: 2084 name: C:\WINDOWS\system32\wuauclt.exe owner: SYSTEM domain: NT-AUTORITÄT PID: 2716 name: C:\WINDOWS\explorer.exe owner: *** domain: MD8818 PID: 3808 name: C:\WINDOWS\system32\imapi.exe owner: SYSTEM domain: NT-AUTORITÄT Startup items: Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1} imagepath: Browseui preloader Name: {8C7461EF-2B13-11d2-BE35-3078302C2030} imagepath: Component Categories cache daemon Name: PostBootReminder imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9} Name: CDBurn imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9} Name: WebCheck imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} Name: SysTray imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153} Name: CTFMON.EXE imagepath: C:\WINDOWS\system32\CTFMON.EXE Name: ehTray imagepath: C:\WINDOWS\ehome\ehtray.exe Name: RTHDCPL imagepath: RTHDCPL.EXE Name: NeroFilterCheck imagepath: C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe Name: SetIcon imagepath: \Programme\SMSC\SetIcon.exe Name: LanguageShortcut imagepath: "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe" Name: InstantOn imagepath: "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c " Name: QuickTime Task imagepath: "C:\Programme\QuickTime\qttask.exe" -atboottime Name: SmcService imagepath: C:\PROGRA~1\Sygate\SPF\smc.exe -startgui Name: SSBkgdUpdate imagepath: "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot Name: PaperPort PTD imagepath: C:\Programme\ScanSoft\PaperPort\pptd40nt.exe Name: IndexSearch imagepath: C:\Programme\ScanSoft\PaperPort\IndexSearch.exe Name: SetDefPrt imagepath: C:\Programme\Brother\Brmfl04g\BrStDvPt.exe Name: ControlCenter2.0 imagepath: C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun Name: avgnt imagepath: "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min Name: SunJavaUpdateSched imagepath: "C:\Programme\Java\jre6\bin\jusched.exe" Name: nwiz imagepath: C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet Name: NvCplDaemon imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup Name: NvMediaCenter imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit Name: imagepath: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini Bootexecute items: Name: imagepath: autocheck autochk * Name: imagepath: lsdelete Running services: Name: accsvc displayname: AccSys WiFi Component Name: ALG displayname: Gatewaydienst auf Anwendungsebene Name: AntiVirSchedulerService displayname: Avira AntiVir Planer Name: AntiVirService displayname: Avira AntiVir Guard Name: AudioSrv displayname: Windows Audio Name: Browser displayname: Computerbrowser Name: COMSysApp displayname: COM+-Systemanwendung Name: CryptSvc displayname: CryptSvc Name: DcomLaunch displayname: DCOM-Server-Prozessstart Name: Dhcp displayname: DHCP-Client Name: dmserver displayname: Verwaltung logischer Datenträger Name: Dnscache displayname: DNS-Client Name: ehRecvr displayname: Media Center Receiver Service Name: ehSched displayname: Media Center-Planerdienst Name: ERSvc displayname: Fehlerberichterstattungsdienst Name: Eventlog displayname: Ereignisprotokoll Name: EventSystem displayname: COM+-Ereignissystem Name: FastUserSwitchingCompatibility displayname: Kompatibilität für schnelle Benutzerumschaltung Name: helpsvc displayname: Hilfe und Support Name: HidServ displayname: HID Input Service Name: JavaQuickStarterService displayname: Java Quick Starter Name: lanmanserver displayname: Server Name: lanmanworkstation displayname: Arbeitsstationsdienst Name: Lavasoft Ad-Aware Service displayname: Lavasoft Ad-Aware Service Name: LightScribeService displayname: LightScribeService Direct Disc Labeling Service Name: LmHosts displayname: TCP/IP-NetBIOS-Hilfsprogramm Name: McrdSvc displayname: Media Center Extender Service Name: MDM displayname: Machine Debug Manager Name: Netman displayname: Netzwerkverbindungen Name: Nla displayname: NLA (Network Location Awareness) Name: NVSvc displayname: NVIDIA Display Driver Service Name: PlugPlay displayname: Plug & Play Name: PolicyAgent displayname: IPSEC-Dienste Name: ProtectedStorage displayname: Geschützter Speicher Name: RasMan displayname: RAS-Verbindungsverwaltung Name: RemoteRegistry displayname: Remote-Registrierung Name: RichVideo displayname: Cyberlink RichVideo Service(CRVS) Name: RpcSs displayname: Remoteprozeduraufruf (RPC) Name: SamSs displayname: Sicherheitskontenverwaltung Name: Schedule displayname: Taskplaner Name: seclogon displayname: Secondary Logon Name: SENS displayname: Systemereignisbenachrichtigung Name: SharedAccess displayname: Windows-Firewall/Gemeinsame Nutzung der Internetverbindung Name: ShellHWDetection displayname: Shellhardwareerkennung Name: SmcService displayname: Sygate Personal Firewall Name: Spooler displayname: Druckwarteschlange Name: srservice displayname: Systemwiederherstellungsdienst Name: SSDPSRV displayname: SSDP Discovery Service Name: stisvc displayname: Windows-Bilderfassung (WIA) Name: TapiSrv displayname: Telefonie Name: TermService displayname: Terminaldienste Name: Themes displayname: Designs Name: TrkWks displayname: Überwachung verteilter Verknüpfungen (Client) Name: W32Time displayname: Windows-Zeitgeber Name: WebClient displayname: WebClient Name: winmgmt displayname: Windows-Verwaltungsinstrumentation Name: WmiApSrv displayname: WMI-Leistungsadapter Name: wscsvc displayname: Sicherheitscenter Name: wuauserv displayname: Automatische Updates Name: WZCSVC displayname: Konfigurationsfreie drahtlose Verbindung Name: x10nets displayname: X10 Device Network Service Daher wäre es prima, wenn ihr mir nochmal helfen könnt. Werde im Anschluss nacher noch die logs posten. Danke, Joe Geändert von Joe007 (20.07.2010 um 10:03 Uhr) Grund: Code eingefügt |
20.07.2010, 10:07 | #2 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Avira AntiRootkit log:
__________________Code:
ATTFilter Avira AntiRootkit Tool (1.1.0.1) ======================================================================================================== - Scan started Sonntag, 18. Juli 2010 - 17:36:21 ======================================================================================================== -------------------------------------------------------------------------------------------------------- Configuration: -------------------------------------------------------------------------------------------------------- - [X] Scan files - [X] Scan registry - [X] Scan processes - [ ] Fast scan - Working disk total size : 278.55 GB - Working disk free size : 49.24 GB (17 %) -------------------------------------------------------------------------------------------------------- Scan task finished. No hidden objects detected! -------------------------------------------------------------------------------------------------------- Files: 0/255370 Registry items: 0/400154 Processes: 0/50 Scan time: 00:10:35 -------------------------------------------------------------------------------------------------------- Active processes: - bgyjfaoc.exe (PID 3444) (Avira AntiRootkit Tool) - System (PID 4) - smss.exe (PID 460) - csrss.exe (PID 532) - winlogon.exe (PID 556) - services.exe (PID 600) - lsass.exe (PID 612) - nvsvc32.exe (PID 800) - svchost.exe (PID 868) - svchost.exe (PID 916) - svchost.exe (PID 984) - Smc.exe (PID 1036) - svchost.exe (PID 1148) - svchost.exe (PID 1284) - explorer.exe (PID 1432) - AAWService.exe (PID 1488) - spoolsv.exe (PID 1636) - sched.exe (PID 1704) - svchost.exe (PID 1748) - accsvc.exe (PID 1832) - ehrecvr.exe (PID 1880) - ehSched.exe (PID 1908) - jqs.exe (PID 2000) - LSSrvc.exe (PID 2044) - MDM.EXE (PID 340) - RichVideo.exe (PID 520) - svchost.exe (PID 1008) - svchost.exe (PID 1192) - X10nets.exe (PID 1556) - mcrdsvc.exe (PID 2144) - dllhost.exe (PID 2752) - wmiapsrv.exe (PID 2796) - unsecapp.exe (PID 2844) - wmiprvse.exe (PID 2952) - alg.exe (PID 3016) - ehtray.exe (PID 3508) - RTHDCPL.exe (PID 3524) - ehmsas.exe (PID 3580) - SetIcon.exe (PID 3592) - qttask.exe (PID 3616) - pptd40nt.exe (PID 3668) - brctrcen.exe (PID 3780) - avgnt.exe (PID 3856) - jusched.exe (PID 3944) - rundll32.exe (PID 3984) - ctfmon.exe (PID 4008) - soffice.exe (PID 516) - soffice.bin (PID 500) - AAWTray.exe (PID 2676) - avirarkd.exe (PID 3876) ======================================================================================================== - Scan finished Sonntag, 18. Juli 2010 - 17:46:57 ======================================================================================================== MAM hat auch nichts gefunden: Code:
ATTFilter Malwarebytes' Anti-Malware 1.46 w*w.malwarebytes.org Datenbank Version: 4288 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 19.07.2010 02:28:34 mbam-log-2010-07-19 (02-28-34).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Durchsuchte Objekte: 375180 Laufzeit: 2 Stunde(n), 3 Minute(n), 53 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
20.07.2010, 10:33 | #3 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? RSIT log.txt:
__________________Code:
ATTFilter Logfile of random's system information tool 1.08 (written by random/random) Run by *** at 2010-07-20 11:29:34 Microsoft Windows XP Professional Service Pack 3 System drive C: has 54 GB (19%) free of 285 GB Total RAM: 1022 MB (36% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:29:51, on 20.07.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Sygate\SPF\smc.exe C:\WINDOWS\Explorer.EXE C:\Programme\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programme\Avira\AntiVir Desktop\avshadow.exe C:\Programme\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\SMSC\SetIcon.exe C:\Programme\QuickTime\qttask.exe C:\Programme\ScanSoft\PaperPort\pptd40nt.exe C:\Programme\Brother\ControlCenter2\brctrcen.exe C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\Java\jre6\bin\jusched.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\OpenOffice.org 2.4\program\soffice.exe C:\Programme\OpenOffice.org 2.4\program\soffice.BIN C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe C:\Dokumente und Einstellungen\***\Desktop\RSIT.exe C:\Programme\trend micro\***.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdmcks.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SetIcon] \Programme\SMSC\SetIcon.exe O4 - HKLM\..\Run: [LanguageShortcut] "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [InstantOn] "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c " O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlall.htm O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlselected.htm O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Programme\Free Download Manager\dllink.htm O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Programme\Internet Radio\Radio.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=h**p://w*w.aldi.com/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160402350437 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152 O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: RGZES - Unknown owner - C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 9364 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-10 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Programme\Free Download Manager\iefdmcks.dll [2006-08-20 81920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-11-14 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-14 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-09 16236032] "NeroFilterCheck"=C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] "SetIcon"=\Programme\SMSC\SetIcon.exe [2004-04-28 42496] "LanguageShortcut"=C:\Programme\Home Cinema\PowerDVD\Language\Language.exe [2006-05-18 49152] "InstantOn"=C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe [2006-06-21 93640] "QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2006-10-25 282624] "SmcService"=C:\PROGRA~1\Sygate\SPF\smc.exe [2004-02-24 2372760] "SSBkgdUpdate"=C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648] "PaperPort PTD"=C:\Programme\ScanSoft\PaperPort\pptd40nt.exe [2004-03-09 57393] "IndexSearch"=C:\Programme\ScanSoft\PaperPort\IndexSearch.exe [2004-03-09 40960] "SetDefPrt"=C:\Programme\Brother\Brmfl04g\BrStDvPt.exe [2004-11-11 49152] "ControlCenter2.0"=C:\Programme\Brother\ControlCenter2\brctrcen.exe [2004-11-11 864256] "avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792] "SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-11-14 149280] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BullGuard] C:\Programme\BullGuard Software\BullGuard\bullguard.exe -boot [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe [2006-10-30 256576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVBroadcast] C:\Programme\Sceneo\Bonavista\SERVICES\ODSBC\ODSBCApp.exe [2006-10-20 814080] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService] C:\Programme\Home Cinema\TV Enhance\TVEService.exe [2006-10-19 151552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wlconfig] C:\Programme\WLAN Monitor\wlconfig.exe [2006-03-06 1347584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=3 "TVTABRDZ"=3 "TVESched"=2 "TVECapSvc"=2 "gupdate"=2 "srvcPVR"=2 C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart OpenOffice.org 2.4.lnk - C:\Programme\OpenOffice.org 2.4\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutoRun"=67108863 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 "NoDriveAutoRun"=67108863 "NoDriveTypeAutoRun"=323 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung" "C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger" "C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger" "C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax" "C:\Programme\NetMeeting\Conf.exe"="C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Programme\Trillian\trillian.exe"="C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian" "C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen" "C:\Programme\WS_FTP\WS_FTP95.exe"="C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\TmNationsForever\TmForever.exe"="C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung" "C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger" "C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger" "C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax" "C:\Programme\NetMeeting\Conf.exe"="C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" ======List of files/folders created in the last 1 months====== 2010-07-18 21:47:57 ----D---- C:\WINDOWS\system32\NtmsData 2010-07-18 21:42:49 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avira 2010-07-18 21:06:13 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira 2010-07-08 16:03:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$ 2010-07-08 16:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-07-08 16:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$ 2010-07-08 16:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979904$ 2010-07-08 16:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$ 2010-07-08 16:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2010-07-08 16:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$ 2010-07-08 16:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-07-08 16:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-07-08 16:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-07-08 16:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-07-08 16:00:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$ 2010-07-08 15:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-07-08 15:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$ 2010-07-08 15:56:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-07-08 15:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$ 2010-07-08 15:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-07-08 15:55:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$ 2010-07-08 15:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$ 2010-07-08 15:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$ 2010-07-08 15:45:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$ 2010-07-08 15:45:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2010-07-08 15:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-07-08 15:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2010-07-08 15:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-07-08 15:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-07-08 15:44:39 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$ 2010-07-08 15:44:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$ 2010-07-08 15:44:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-07-08 15:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$ 2010-07-08 15:29:44 ----N---- C:\WINDOWS\system32\browserchoice.exe 2010-07-07 19:29:31 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation 2010-07-07 19:29:04 ----D---- C:\Programme\NVIDIA Corporation 2010-07-07 19:28:13 ----A---- C:\WINDOWS\system32\OpenCL.dll 2010-07-07 19:28:13 ----A---- C:\WINDOWS\system32\nvcuvid.dll 2010-07-07 19:28:13 ----A---- C:\WINDOWS\system32\nvcuvenc.dll 2010-07-07 19:28:10 ----A---- C:\WINDOWS\system32\nvcuda.dll 2010-07-07 19:28:10 ----A---- C:\WINDOWS\system32\nvcompiler.dll 2010-07-07 19:28:01 ----D---- C:\NVIDIA ======List of files/folders modified in the last 1 months====== 2010-07-20 11:29:51 ----D---- C:\Programme\Trend Micro 2010-07-20 11:29:21 ----D---- C:\WINDOWS\Prefetch 2010-07-20 11:21:31 ----D---- C:\WINDOWS\Debug 2010-07-20 11:21:31 ----D---- C:\WINDOWS 2010-07-20 11:21:30 ----D---- C:\WINDOWS\Temp 2010-07-20 11:21:30 ----D---- C:\WINDOWS\Minidump 2010-07-20 11:18:33 ----D---- C:\Programme\CCleaner 2010-07-20 10:50:45 ----SD---- C:\WINDOWS\Tasks 2010-07-20 10:21:15 ----A---- C:\WINDOWS\NeroDigital.ini 2010-07-20 10:20:59 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenOffice.org2 2010-07-20 10:19:33 ----D---- C:\WINDOWS\Registration 2010-07-20 10:19:23 ----D---- C:\WINDOWS\system32\CatRoot2 2010-07-19 15:05:48 ----N---- C:\WINDOWS\SchedLgU.Txt 2010-07-19 08:00:40 ----D---- C:\WINDOWS\system32 2010-07-18 23:36:58 ----SHD---- C:\System Volume Information 2010-07-18 21:48:21 ----HD---- C:\WINDOWS\inf 2010-07-18 21:47:56 ----D---- C:\WINDOWS\repair 2010-07-18 21:07:34 ----D---- C:\WINDOWS\system32\config 2010-07-18 21:07:14 ----D---- C:\WINDOWS\system32\wbem 2010-07-18 21:06:42 ----D---- C:\Programme\Biet-O-Matic 2010-07-18 21:06:38 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\BOM 2010-07-18 21:06:21 ----D---- C:\WINDOWS\system32\drivers 2010-07-18 21:02:44 ----D---- C:\Programme\Avira 2010-07-18 17:16:12 ----D---- C:\Programme\Google 2010-07-16 23:23:24 ----SHD---- C:\WINDOWS\Installer 2010-07-15 14:35:30 ----D---- C:\Programme\Trillian 2010-07-14 00:25:28 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Free Download Manager 2010-07-13 14:17:34 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FileZilla 2010-07-08 20:03:58 ----D---- C:\WINDOWS\AppPatch 2010-07-08 20:03:58 ----D---- C:\Config.Msi 2010-07-08 16:03:51 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-07-08 16:03:43 ----HD---- C:\WINDOWS\$hf_mig$ 2010-07-08 16:03:42 ----D---- C:\WINDOWS\Microsoft.NET 2010-07-08 16:03:39 ----RSD---- C:\WINDOWS\assembly 2010-07-08 16:03:07 ----D---- C:\WINDOWS\ie8updates 2010-07-08 15:58:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-07-08 15:58:19 ----D---- C:\WINDOWS\WinSxS 2010-07-08 15:56:28 ----D---- C:\Programme\Movie Maker 2010-07-08 15:55:31 ----D---- C:\Programme\Internet Explorer 2010-07-08 15:44:49 ----D---- C:\Programme\Outlook Express 2010-07-07 19:30:52 ----D---- C:\WINDOWS\Help 2010-07-07 19:29:04 ----RD---- C:\Programme 2010-07-07 19:29:02 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-07-05 09:55:15 ----D---- C:\Programme\Mozilla Firefox ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2009-09-23 64288] R0 ohci1394;VIA OHCI-konformer IEEE 1394-Hostcontroller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-06-04 20576] R0 Teefer;Teefer for NT; C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys [2004-02-02 55891] R0 uagp35;Microsoft AGPv3.5-Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672] R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-09-07 9728] R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-09-07 11264] R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 wpsdrvnt;wpsdrvnt; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys [] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-10-23 21275] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936] R2 wg3n;SyGate for NT, wg3n; C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [2004-02-02 11914] R3 3xHybrid;Philips SAA713x PCI Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-10-10 1105664] R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-03-15 43008] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-10-09 4381696] R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200] R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040] R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792] S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295] S3 catchme;catchme; \??\C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys [] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys [] S3 FETNDIS;VIA PCI 10/100-MBit/s-Fast Ethernetadapter-NT-Treiber; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165] S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\4.tmp [] S3 MHNDRV;MHN-Treiber; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288] S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-06-08 344064] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 accsvc;AccSys WiFi Component; C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe [2006-01-11 147456] R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336] R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568] R2 ehSched;Media Center-Planerdienst; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-11-14 153376] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Programme\Lavasoft\Ad-Aware\AAWService.exe [2010-05-19 1181328] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [2006-04-24 73728] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Programme\CyberLink\Shared Files\RichVideo.exe [2006-10-19 262247] R2 SmcService;Sygate Personal Firewall; C:\Programme\Sygate\SPF\smc.exe [2004-02-24 2372760] R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 iPod Service;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2006-10-30 492608] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 RGZES;RGZES; C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe [] S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912] S3 usnsvc;Messenger Sharing USN Journal Reader-Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S3 WMConnectCDS;Windows Media Connect-Dienst; C:\Programme\Windows Media Connect 2\wmccds.exe [2005-10-06 856064] S4 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2010-04-15 136176] S4 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-10 182768] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 srvcPVR;Sceneo PVR Service; C:\Programme\Sceneo\Bonavista\Services\PVR\PVRService.exe [2006-10-24 1441280] S4 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [2006-10-19 282709] S4 TVESched;TVEnhance Task Scheduler (TTS)); C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [2006-10-19 122971] S4 TVTABRDZ;TVTABRDZ; C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe [] -----------------EOF----------------- |
20.07.2010, 10:37 | #4 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? RSIT info.txt: [CODE]info.txtRSIT Logfile: Code:
ATTFilter logfile of random's system information tool 1.06 2009-11-13 13:15:17 ======Uninstall list====== -->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\Programme\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL -->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL -->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL -->C:\WINDOWS\UNNeroVision.exe /UNINSTALL -->C:\WINDOWS\UNRecode.exe /UNINSTALL -->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20} -->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 7-Zip 4.65-->"C:\Programme\7-Zip\Uninstall.exe" Ad-Aware-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 7.0.8 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A70800000002} Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe" ALDI Online Druck Service (Sued)-->C:\PROGRA~1\ALDION~1\ALDI_ODS\UNWISE.EXE C:\PROGRA~1\ALDION~1\ALDI_ODS\INSTALL.LOG ALDI Sued Foto Manager (D)-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Manager\instslct.exe ALDI Sued Foto Service (D)-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Service\instslct.exe Atlantis - Sky Patrol (remove only)-->C:\Programme\Games\Atlantis - Sky Patrol\Uninstall.exe Audacity 1.3.7-->"C:\Programme\Audacity 1.3 Beta\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE Biet-O-Matic v2.6.1-->C:\PROGRA~1\BIET-O~1\UNWISE.EXE C:\PROGRA~1\BIET-O~1\Install.log Big Fish Games Center (remove only)-->C:\Programme\Games\Uninstall.exe Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}\Setup.exe" -l0x7 Brunin03.dllBrunin03.dll Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE} Canon Utilities Easy-PhotoPrint-->C:\Programme\Canon\Easy-PhotoPrint\uninst.exe C:\Programme\Canon\Easy-PhotoPrint\uninst.ini Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE CCleaner-->"C:\Programme\CCleaner\uninst.exe" CD-LabelPrint-->"C:\Programme\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER DivX Pro-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC EA SPORTS online 2004-->C:\Programme\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe Easy-WebPrint-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\Canon\Easy-WebPrint\Uninst.isu Europa Raser-->C:\PROGRA~1\Davilex\EUROPA~1\UNINST32.EXE C:\PROGRA~1\Davilex\EUROPA~1\INSTALL.LOG Fairies EU (remove only)-->C:\Programme\Games\Fairies EU\Uninstall.exe ffdshow [rev 1473] [2007-09-10]-->"C:\Programme\ffdshow\unins000.exe" FIFA 2004-->C:\Programme\EA SPORTS\FIFA 2004\EAUninstall.exe FIFA RTWC 98-->C:\WINDOWS\unin0407.exe -f"C:\Program Files\EA SPORTS\FIFA RTWC 98\DeIsL1.isu" Fish Tycoon (remove only)-->C:\Programme\Games\Fish Tycoon\Uninstall.exe Free Download Manager 2.1-->"C:\Programme\Free Download Manager\unins000.exe" GemMaster Mystic-->"C:\Programme\GemMasterGerman\uninstallgemmaster.exe" GetRight-->"C:\Programme\GetRight\unins000.exe" GIMP 2.6.7-->"C:\Programme\GIMP-2.0\setup\unins000.exe" Google Earth-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x7 -removeonly Google Toolbar for Internet Explorer-->"C:\Programme\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Hidden Expedition Titanic (remove only)-->C:\Programme\Games\Hidden Expedition Titanic\Uninstall.exe High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe" Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" Internet Radio-->"C:\WINDOWS\lsb_un20.exe" /C=UC /N=Internet Radio iTunes-->MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4} J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080} KompoZer 0.77-->"C:\Programme\KompoZer\unins000.exe" LAME v3.98.2 for Audacity-->"C:\Programme\Lame for Audacity\unins000.exe" LetsTrade Komponenten-->C:\WINDOWS\fpuninst.exe -uninstall:"c:\programme\letstrade\uninst\uninst.ini" MagicDirector 1.2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall Mah-Jomino (remove only)-->C:\Programme\Games\Mah-Jomino\Uninstall.exe MakeDisc-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe" MCE Software Encoder 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe" -uninstall MediaShow 3.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall MEDION Fotos auf CD Sued (D)-->C:\Programme\ALDI Sued Foto Service\MEDION_Fotos_auf_CD\instslct.exe Mein Geld Professional-->MsiExec.exe /I{08E4F3CE-A34E-4667-8DE9-147249FAE468} Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe" Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4} Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Windows-Journal-Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8} Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3} Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" Mozilla Firefox (3.5.5)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Mystery Case Files - Huntsville (remove only)-->C:\Programme\Games\Mystery Case Files - Huntsville\Uninstall.exe Mystery Case Files - Prime Suspects (remove only)-->C:\Programme\Games\Mystery Case Files - Prime Suspects\Uninstall.exe Mystic Inn (remove only)-->C:\Programme\Games\Mystic Inn\Uninstall.exe Need For Speed Hot Pursuit 2-->C:\Programme\EA Games\Need For Speed Hot Pursuit 2\EAUninstall.exe Need For Speed II SE-->C:\WINDOWS\unin0407.exe -f"C:\Programme\Electronic Arts\Need For Speed II SE\DeIsL1.isu" Nero 7 Essentials-->MsiExec.exe /I{5B8072B3-A576-4C0B-99BC-FAA7145A1031} NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726} OpenOffice.org 2.4-->MsiExec.exe /I{50E21B3A-FF06-412D-879B-DEA30815736E} Otto-->"C:\Programme\GermanOtto\uninstallotto.exe" PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064} PDFCreator-->C:\Programme\PDFCreator\unins000.exe PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall Poker Superstars II (remove only)-->C:\Programme\Games\Poker Superstars II\Uninstall.exe PowerCinema Linux 5.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall PowerDirector-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" -uninstall PowerDVD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall PowerProducer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall QuickTime-->MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A} Ralink Wireless LAN-Karte-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x7 -removeonly RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7 -removeonly Sceneo Bonavista-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}\Setup.exe" SDFormatter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{5A347920-4AFC-11D5-9FB0-800649886934}\setup.exe" Security Update für Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Sicherheitsupdate für Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe" Sicherheitsupdate für Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Sygate Personal Firewall-->MsiExec.exe /X{F860F390-78F4-4B45-8C1A-0489618E315B} Trillian-->C:\Programme\Trillian\trillian.exe /uninstall Turbo Lister 2-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548} TV Enhance-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E4C891D6-6844-41B8-86E8-633CACCC644F}\setup.exe" -uninstall TVsweeper-->MsiExec.exe /I{D0CC1431-915D-4454-A045-232155BFD498} Update für Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe" Update für Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe" Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Update Rollup 2 für Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe USB2.0 CARD READER-->MsiExec.exe /I{247A11CA-F5CE-4DD6-85E2-64850E64E064} VIA Platform Device Manager-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA VideoLAN VLC media player 0.8.6-->C:\Programme\VideoLAN\VLC\uninstall.exe Virtual Villagers (remove only)-->C:\Programme\Games\Virtual Villagers\Uninstall.exe Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VRally3-->C:\Programme\Atari\VRally3\unins000.exe Windows Live Messenger-->MsiExec.exe /I{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4} Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe" Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows Messenger 5.1-->MsiExec.exe /I{9D1C26BD-E792-4159-9D16-07EA222D8EF0} Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Windows-Sicherungsprogramm-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE} WLAN Monitor-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2808E975-BD01-47DD-9852-54E3C622BDDC}\setup.exe" -l0x7 WLAN Quick-Starter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E40268F4-7E9F-4E07-B773-7FF64971F42E}\setup.exe" -l0x7 X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log ======Security center information====== AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic (disabled) AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic (disabled) AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic (outdated) AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: AntiVir Desktop AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic (disabled) AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic (disabled) AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic AV: Avira AntiVir PersonalEdition Classic ======System event log====== Computer Name: MD8818 Event Code: 6006 Message: Der Ereignisprotokolldienst wurde beendet. Record Number: 69441 Source Name: EventLog Time Written: 20090928005954.000000+120 Event Type: Informationen User: Computer Name: MD8818 Event Code: 8033 Message: Der Suchdienst hat eine Wahl auf dem Netzwerk "\Device\NetBT_Tcpip_{49D23CDE-0437-47B3-A174-4D15408BFA1C}" erzwungen, da der Hauptsuchdienst beendet wurde. Record Number: 69440 Source Name: BROWSER Time Written: 20090928005924.000000+120 Event Type: Informationen User: Computer Name: MD8818 Event Code: 4202 Message: Es wurde festgestellt, dass der Netzwerkadapter "VIA Rhine II Fast Ethernet Adapter" vom Netzwerk getrennt wurde, und dass die Netzwerkkonfiguration des Adapters freigegeben wurde. Möglicherweise ist der Adapter beschädigt, falls der Adapter nicht vom Netzwerk getrennt wurde. Wenden Sie sich an den Hersteller bezüglich aktueller Treiber. Record Number: 69439 Source Name: Tcpip Time Written: 20090928005922.000000+120 Event Type: Informationen User: Computer Name: MD8818 Event Code: 7036 Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Beendet". Record Number: 69438 Source Name: Service Control Manager Time Written: 20090928003849.000000+120 Event Type: Informationen User: Computer Name: MD8818 Event Code: 7036 Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Ausgeführt". Record Number: 69437 Source Name: Service Control Manager Time Written: 20090928003842.000000+120 Event Type: Informationen User: =====Application event log===== Computer Name: MD8818 Event Code: 0 Message: Record Number: 14813 Source Name: iPod Service Time Written: 20090327080931.000000+060 Event Type: Informationen User: Computer Name: MD8818 Event Code: 0 Message: Record Number: 14812 Source Name: TVESched Time Written: 20090327080924.000000+060 Event Type: Informationen User: Computer Name: MD8818 Event Code: 0 Message: Record Number: 14811 Source Name: TVECapSvc Time Written: 20090327080924.000000+060 Event Type: Informationen User: Computer Name: MD8818 Event Code: 1800 Message: Der Windows-Sicherheitscenterdienst wurde gestartet. Record Number: 14810 Source Name: SecurityCenter Time Written: 20090327080924.000000+060 Event Type: Informationen User: Computer Name: MD8818 Event Code: 32068 Message: Die ausgehende Verteilerregel ist nicht gültig, weil kein gültiges Gerät gefunden werden kann. Ausgehende Faxe, die diese Regel verwenden, werden nicht weitergeleitet. Stellen Sie sicher, dass das angezielte Gerät bzw. die angezielten Geräte angeschlossen, korrekt installiert und angeschaltet sind. Stellen Sie außerdem sicher, dass die Gruppe korrekt konfiguriert ist, falls die Weiterleitung an eine Gruppe von Geräten erfolgen soll. Landes-/Regionskennzahl: "*" Ortskennzahl: "*" Record Number: 14809 Source Name: Microsoft Fax Time Written: 20090327080923.000000+060 Event Type: Warnung User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Programme\QuickTime\QTSystem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=0f06 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Programme\Java\jre1.5.0_08\lib\ext\QTJava.zip "QTJAVA"=C:\Programme\Java\jre1.5.0_08\lib\ext\QTJava.zip -----------------EOF----------------- so, das wär's erstmal. Ich hoffe, ihr könnt mir weiterhelfen. Danke und viele Grüße Joe Geändert von Joe007 (20.07.2010 um 10:43 Uhr) |
21.07.2010, 13:45 | #5 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Habe MAM nochmal komplett drüberlaufen lassen - kein Fund. Habe AntiVir geupdated nochmal drüberlaufen lassen, 1 Fund: JAVA/Agent.T.1 Code:
ATTFilter Avira AntiVir Personal Erstellungsdatum der Reportdatei: Mittwoch, 21. Juli 2010 12:52 Es wird nach 2395531 Virenstämmen gesucht. Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira AntiVir Personal - FREE Antivirus Seriennummer : 0000149996-ADJIE-0000001 Plattform : Windows XP Windowsversion : (Service Pack 3) [5.1.2600] Boot Modus : Normal gebootet Benutzername : SYSTEM Computername : MD8818 Versionsinformationen: BUILD.DAT : 10.0.0.567 32097 Bytes 19.04.2010 15:50:00 AVSCAN.EXE : 10.0.3.0 433832 Bytes 01.04.2010 11:37:35 AVSCAN.DLL : 10.0.3.0 56168 Bytes 30.03.2010 10:42:16 LUKE.DLL : 10.0.2.3 104296 Bytes 07.03.2010 17:32:59 LUKERES.DLL : 10.0.0.0 13672 Bytes 14.01.2010 10:59:47 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 08:05:36 VBASE001.VDF : 7.10.1.0 1372672 Bytes 19.11.2009 18:27:49 VBASE002.VDF : 7.10.3.1 3143680 Bytes 20.01.2010 16:37:42 VBASE003.VDF : 7.10.3.75 996864 Bytes 26.01.2010 15:37:42 VBASE004.VDF : 7.10.4.203 1579008 Bytes 05.03.2010 10:29:03 VBASE005.VDF : 7.10.6.82 2494464 Bytes 15.04.2010 19:44:22 VBASE006.VDF : 7.10.7.218 2294784 Bytes 02.06.2010 19:44:26 VBASE007.VDF : 7.10.7.219 2048 Bytes 02.06.2010 19:44:26 VBASE008.VDF : 7.10.7.220 2048 Bytes 02.06.2010 19:44:26 VBASE009.VDF : 7.10.7.221 2048 Bytes 02.06.2010 19:44:26 VBASE010.VDF : 7.10.7.222 2048 Bytes 02.06.2010 19:44:26 VBASE011.VDF : 7.10.7.223 2048 Bytes 02.06.2010 19:44:26 VBASE012.VDF : 7.10.7.224 2048 Bytes 02.06.2010 19:44:26 VBASE013.VDF : 7.10.8.37 270336 Bytes 10.06.2010 19:44:26 VBASE014.VDF : 7.10.8.69 138752 Bytes 14.06.2010 19:44:27 VBASE015.VDF : 7.10.8.102 130560 Bytes 16.06.2010 19:44:27 VBASE016.VDF : 7.10.8.135 152064 Bytes 21.06.2010 19:44:28 VBASE017.VDF : 7.10.8.163 432128 Bytes 23.06.2010 19:44:28 VBASE018.VDF : 7.10.8.194 133632 Bytes 27.06.2010 19:44:29 VBASE019.VDF : 7.10.8.220 134656 Bytes 29.06.2010 19:44:29 VBASE020.VDF : 7.10.8.252 171520 Bytes 04.07.2010 19:44:30 VBASE021.VDF : 7.10.9.19 131072 Bytes 06.07.2010 19:44:30 VBASE022.VDF : 7.10.9.36 297472 Bytes 07.07.2010 19:44:30 VBASE023.VDF : 7.10.9.60 150016 Bytes 11.07.2010 19:44:31 VBASE024.VDF : 7.10.9.79 113152 Bytes 13.07.2010 19:44:31 VBASE025.VDF : 7.10.9.99 158720 Bytes 16.07.2010 19:44:31 VBASE026.VDF : 7.10.9.133 630784 Bytes 20.07.2010 10:46:05 VBASE027.VDF : 7.10.9.134 2048 Bytes 20.07.2010 10:46:05 VBASE028.VDF : 7.10.9.135 2048 Bytes 20.07.2010 10:46:05 VBASE029.VDF : 7.10.9.136 2048 Bytes 20.07.2010 10:46:06 VBASE030.VDF : 7.10.9.137 2048 Bytes 20.07.2010 10:46:06 VBASE031.VDF : 7.10.9.139 15872 Bytes 21.07.2010 10:46:06 Engineversion : 8.2.4.22 AEVDF.DLL : 8.1.2.0 106868 Bytes 18.07.2010 19:44:37 AESCRIPT.DLL : 8.1.3.41 1364346 Bytes 21.07.2010 10:46:15 AESCN.DLL : 8.1.6.1 127347 Bytes 18.07.2010 19:44:36 AESBX.DLL : 8.1.3.1 254324 Bytes 18.07.2010 19:44:37 AERDL.DLL : 8.1.8.2 614772 Bytes 21.07.2010 10:46:14 AEPACK.DLL : 8.2.3.2 471414 Bytes 21.07.2010 10:46:13 AEOFFICE.DLL : 8.1.1.7 201081 Bytes 21.07.2010 10:46:12 AEHEUR.DLL : 8.1.2.6 2793846 Bytes 21.07.2010 10:46:11 AEHELP.DLL : 8.1.13.2 242039 Bytes 21.07.2010 10:46:08 AEGEN.DLL : 8.1.3.15 385396 Bytes 21.07.2010 10:46:08 AEEMU.DLL : 8.1.2.0 393588 Bytes 18.07.2010 19:44:33 AECORE.DLL : 8.1.16.2 192887 Bytes 21.07.2010 10:46:07 AEBB.DLL : 8.1.1.0 53618 Bytes 18.07.2010 19:44:32 AVWINLL.DLL : 10.0.0.0 19304 Bytes 14.01.2010 10:59:10 AVPREF.DLL : 10.0.0.0 44904 Bytes 14.01.2010 10:59:07 AVREP.DLL : 10.0.0.8 62209 Bytes 18.02.2010 15:47:40 AVREG.DLL : 10.0.3.0 53096 Bytes 01.04.2010 11:35:44 AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01.04.2010 11:39:49 AVARKT.DLL : 10.0.0.14 227176 Bytes 01.04.2010 11:22:11 AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26.01.2010 08:53:25 SQLITE3.DLL : 3.6.19.0 355688 Bytes 28.01.2010 11:57:53 AVSMTP.DLL : 10.0.0.17 63848 Bytes 16.03.2010 14:38:54 NETNT.DLL : 10.0.0.0 11624 Bytes 19.02.2010 13:40:55 RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 12:10:08 RCTEXT.DLL : 10.0.53.0 98152 Bytes 09.04.2010 13:14:28 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Vollständige Systemprüfung Konfigurationsdatei...................: c:\programme\avira\antivir desktop\sysscan.avp Protokollierung.......................: niedrig Primäre Aktion........................: interaktiv Sekundäre Aktion......................: ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, D:, Durchsuche aktive Programme...........: ein Laufende Programme erweitert..........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: ein Integritätsprüfung von Systemdateien..: aus Optimierter Suchlauf..................: ein Datei Suchmodus.......................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: mittel Abweichende Gefahrenkategorien........: +APPL,+PCK,+SPR, Beginn des Suchlaufs: Mittwoch, 21. Juli 2010 12:52 Der Suchlauf nach versteckten Objekten wird begonnen. Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'msdtc.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'dllhost.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '68' Modul(e) wurden durchsucht Durchsuche Prozess 'avcenter.exe' - '64' Modul(e) wurden durchsucht Durchsuche Prozess 'AAWTray.exe' - '23' Modul(e) wurden durchsucht Durchsuche Prozess 'alg.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiapsrv.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '42' Modul(e) wurden durchsucht Durchsuche Prozess 'ehmsas.exe' - '22' Modul(e) wurden durchsucht Durchsuche Prozess 'unsecapp.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'soffice.BIN' - '82' Modul(e) wurden durchsucht Durchsuche Prozess 'dllhost.exe' - '59' Modul(e) wurden durchsucht Durchsuche Prozess 'soffice.exe' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'ctfmon.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'RUNDLL32.EXE' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'jusched.exe' - '50' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '51' Modul(e) wurden durchsucht Durchsuche Prozess 'brctrcen.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'pptd40nt.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'qttask.exe' - '20' Modul(e) wurden durchsucht Durchsuche Prozess 'SetIcon.exe' - '25' Modul(e) wurden durchsucht Durchsuche Prozess 'RTHDCPL.EXE' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'ehtray.exe' - '46' Modul(e) wurden durchsucht Durchsuche Prozess 'mcrdsvc.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'x10nets.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'RichVideo.exe' - '23' Modul(e) wurden durchsucht Durchsuche Prozess 'MDM.EXE' - '23' Modul(e) wurden durchsucht Durchsuche Prozess 'LSSrvc.exe' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'avshadow.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'jqs.exe' - '74' Modul(e) wurden durchsucht Durchsuche Prozess 'ehSched.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'ehRecvr.exe' - '182' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'accsvc.exe' - '19' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'spoolsv.exe' - '61' Modul(e) wurden durchsucht Durchsuche Prozess 'Explorer.EXE' - '93' Modul(e) wurden durchsucht Durchsuche Prozess 'AAWService.exe' - '74' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht Durchsuche Prozess 'smc.exe' - '73' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '163' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht Durchsuche Prozess 'nvsvc32.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'lsass.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'services.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'winlogon.exe' - '67' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht Der Suchlauf über die Masterbootsektoren wird begonnen: Masterbootsektor HD0 [INFO] Es wurde kein Virus gefunden! Masterbootsektor HD1 [INFO] Es wurde kein Virus gefunden! Masterbootsektor HD2 [INFO] Es wurde kein Virus gefunden! Masterbootsektor HD3 [INFO] Es wurde kein Virus gefunden! Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'C:\' [INFO] Es wurde kein Virus gefunden! Bootsektor 'D:\' [INFO] Es wurde kein Virus gefunden! Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '1748' Dateien ). Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' <BOOT> C:\WINDOWS\Temp\6.0\29\7adbb65d-74619230 [0] Archivtyp: ZIP [FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Agent.T.1 --> vmain.class [FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Agent.T.1 Beginne mit der Suche in 'D:\' <RECOVER> Beginne mit der Desinfektion: C:\WINDOWS\Temp\6.0\29\7adbb65d-74619230 [FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Agent.T.1 [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e3f4f58.qua' verschoben! Ende des Suchlaufs: Mittwoch, 21. Juli 2010 14:43 Benötigte Zeit: 1:49:58 Stunde(n) Der Suchlauf wurde vollständig durchgeführt. 17521 Verzeichnisse wurden überprüft 611953 Dateien wurden geprüft 1 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 1 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 611952 Dateien ohne Befall 10524 Archive wurden durchsucht 0 Warnungen 1 Hinweise 645398 Objekte wurden beim Rootkitscan durchsucht 0 Versteckte Objekte wurden gefunden Und siehe da: Maus wieder ohne schwarze Quer-Striche, AntiVir funzt wieder schneller, Videos kann ich wieder anschaun (VLC Player), die genannten Emails werden wieder normal schnell geladen :-) Aber obs das schon war, weiß ich nicht... Die Probleme kamen kurz darauf wieder, habe dann MAM drüberlaufen lassen - kein Fund, anschließend AntiVir - folgender Fund: Code:
ATTFilter Die Datei 'C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\8DIRGLUN\nobj[1].exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Gendal.52224.BI' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4fbab14b.qua' verschoben! Habe gestern das aktuelle Update von Firefox installiert, ich weiß nicht, ob es damit zusammenhängen könnte. hoffe noch auf Hilfe, die noch bestehenden Symptome sind: - Computer-Maus: hat schwarze Querstreifen im normalerweise weißen Bereich (manchmal auch rot, ändert sich manchmal beim Bewegen der Maus) - Probleme beim Anzeigen von Videos, es können keine Videos abgespielt werden (nur Ton) - Probleme bei der Anzeige bestimmter Programme/Emails: Z.B. dauert die Anzeige von AntiVir Personal sehr lange, sprich es scheint sehr lange zu laden, beim Starten oder wenn man einen Menüpunkt anklickt usw.; selbiges bei Emails in Outlook Express, und zwar dann, wenn eine Email Daten/Bilder aus dem Internet nachladen will (obwohl Outlook diese ja blockiert) - das Laden dieser Emails dauert ebenfalls sehr sehr lange (es werden dann auch keine Bilder angezeigt, trotzdem dauert es lange) - beim Starten/Booten zeigt der Bildschirm nichts mehr an (bis zur Benutzerauswahl) - der PC stürzt öfters ab, wenn er ein Video laden will o.ä. Nach Virenfunden (s.o.) gings kurzzeitig wieder, jetzt wieder nicht mehr. Habe jetzt mal noch GMER scannen lassen. Ist sehr schnell erledigt gewesen Log: Code:
ATTFilter GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-07-28 09:59:12 Windows 5.1.2600 Service Pack 3 Running: pgtrnxzt.exe; Driver: C:\DOKUME~1\FAMILI~1\LOKALE~1\Temp\pxtdypow.sys ---- System - GMER 1.0.15 ---- SSDT F7C3DEA6 ZwCreateKey SSDT F7C3DE9C ZwCreateThread SSDT F7C3DEAB ZwDeleteKey SSDT F7C3DEB5 ZwDeleteValueKey SSDT F7C3DEBA ZwLoadKey SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwMapViewOfSection [0xF79B18D0] SSDT F7C3DE88 ZwOpenProcess SSDT F7C3DE8D ZwOpenThread SSDT F7C3DEC4 ZwReplaceKey SSDT F7C3DEBF ZwRestoreKey SSDT F7C3DEB0 ZwSetValueKey SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwShutdownSystem [0xF79B1E70] SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwTerminateProcess [0xF79B1E00] ---- Kernel code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF5F643A0, 0x592C35, 0xE8000020] .text tcpip.sys!IPTransmit + 10FC F3666D3A 6 Bytes CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) .text tcpip.sys!IPTransmit + 2A52 F3668690 6 Bytes CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) .text tcpip.sys!IPRegisterProtocol + 930 F367E454 6 Bytes CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) .text wanarp.sys F78253FD 4 Bytes CALL F731B350 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) .text wanarp.sys F7825402 2 Bytes [90, 90] {NOP ; NOP } ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) ---- Devices - GMER 1.0.15 ---- Device \Driver\Tcpip \Device\Ip wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) Device \Driver\Tcpip \Device\Tcp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB) Device \Driver\Tcpip \Device\Udp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) Device \Driver\Tcpip \Device\RawIp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) Device \Driver\Tcpip \Device\IPMULTICAST wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@j!s!i!`!r!`!e!d!\30!\30!t!e!s!m!s!y! 71230 ---- EOF - GMER 1.0.15 ---- Auch beim Neustarten hat der PC nicht reagiert (sich aber nicht vollständig aufgehängt). Im Task-Manager war lsass.exe mit 50% CPU-Auslastung drin, und bei den Anwendungen "SysFader" - keine Rückmeldung... Der Task-Manager hat dann auch nicht mehr reagiert, es half nur noch ein Kaltstart. da ich leider noch keine Reaktion erhalten habe und nicht weiß, bis wann ich eine Antwort bekommen könnte, habe ich mein Problem nun unter Windows XP Win32.Backdoor.Papras/A, TR/Spy.Browse.A (Trojan), JAVA/Agent.T.1; Grafikprobleme,... geschildert. Wenn mir dort zwischenzeitlich geholfen wird, ist in diesem Thread keine Antwort mehr nötig. Danke und nichts für ungut. (Natürlich freue ich mich auch weiterhin, wenn ich Hilfe bekomme.) Ist mein System noch infiziert? |
29.07.2010, 20:52 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Hallo, Zitat:
Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ --> Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? |
29.07.2010, 23:05 | #7 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Hallo Arne, danke für Deine Antwort! Hier die beiden Log-files: Extras.txt Code:
ATTFilter OTL Extras logfile created on: 30.07.2010 00:00:54 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\***\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.022,00 Mb Total Physical Memory | 328,00 Mb Available Physical Memory | 32,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 278,55 Gb Total Space | 65,66 Gb Free Space | 23,57% Space Free | Partition Type: NTFS Drive D: | 19,52 Gb Total Space | 5,46 Gb Free Space | 27,95% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MD8818 Current User Name: *** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation) "C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation) "C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation) "C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.) "C:\Programme\Trillian\trillian.exe" = C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios) "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen -- (Microsoft Corporation) "C:\Programme\WS_FTP\WS_FTP95.exe" = C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA 02173) "C:\Programme\TmNationsForever\TmForever.exe" = C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth "{08E4F3CE-A34E-4667-8DE9-147249FAE468}" = Mein Geld Professional "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{247A11CA-F5CE-4DD6-85E2-64850E64E064}" = USB2.0 CARD READER "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 21 "{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1 "{2808E975-BD01-47DD-9852-54E3C622BDDC}" = WLAN Monitor "{31671B31-682F-499E-00B9-7AD7D33C9E4F}" = Need For Speed Hot Pursuit 2 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows-Journal-Viewer "{446DBFFA-4088-48E3-8932-74316BA4CAE4}" = iTunes "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo Bonavista "{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works "{50D8FFDD-90CD-4859-841F-AA1961C7767A}" = QuickTime "{50E21B3A-FF06-412D-879B-DEA30815736E}" = OpenOffice.org 2.4 "{5A347920-4AFC-11D5-9FB0-800649886934}" = SDFormatter "{5B8072B3-A576-4C0B-99BC-FAA7145A1031}" = Nero 7 Essentials "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.0 "{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm "{782DDB70-3DF4-4366-00BF-E3767BCD173B}" = FIFA 2004 "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro "{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4}" = Windows Live Messenger "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D1C26BD-E792-4159-9D16-07EA222D8EF0}" = Windows Messenger 5.1 "{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A70800000002}" = Adobe Reader 7.0.8 - Deutsch "{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0CC1431-915D-4454-A045-232155BFD498}" = TVsweeper "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0 "{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0 "{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}" = PowerCinema Linux 5.0 "{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite "{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E40268F4-7E9F-4E07-B773-7FF64971F42E}" = WLAN Quick-Starter "{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN-Karte "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F79A208D-D929-11D9-9D77-000129760D75}" = MagicDirector 1.2 "{F860F390-78F4-4B45-8C1A-0489618E315B}" = Sygate Personal Firewall "1F811665-E818-4956-9173-35CD47C9DCE0" = Otto "7A1E1C4F-CC6F-4BF0-BB81-7CFC3F655564" = GemMaster Mystic "7-Zip" = 7-Zip 4.65 "82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2004 "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued) "ALDI Sued Foto Manager D" = ALDI Sued Foto Manager (D) "ALDI Sued Foto Service D" = ALDI Sued Foto Service (D) "Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only) "Audacity 1.3 Beta_is1" = Audacity 1.3.7 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Avira UnErase Personal" = Avira UnErase Personal "Biet-O-Matic v2.6.1" = Biet-O-Matic v2.6.1 "Big Fish Games Center" = Big Fish Games Center (remove only) "CCleaner" = CCleaner "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox "Easy-WebPrint" = Easy-WebPrint "Europa Raser" = Europa Raser "Fairies EU" = Fairies EU (remove only) "ffdshow_is1" = ffdshow [rev 1473] [2007-09-10] "FIFA RTWC 98" = FIFA RTWC 98 "FileZilla Client" = FileZilla Client 3.3.3 "Fish Tycoon" = Fish Tycoon (remove only) "Free Download Manager_is1" = Free Download Manager 2.1 "GetRight_is1" = GetRight "Hidden Expedition Titanic" = Hidden Expedition Titanic (remove only) "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "ie8" = Windows Internet Explorer 8 "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager "InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2 "Internet Radio" = Internet Radio "KompoZer_is1" = KompoZer 0.77 "LAME for Audacity_is1" = LAME v3.98.2 for Audacity "LetsTrade" = LetsTrade Komponenten "Mah-Jomino" = Mah-Jomino (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "MediaNavigation.CDLabelPrint" = CD-LabelPrint "MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued (D) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "Mystery Case Files - Huntsville" = Mystery Case Files - Huntsville (remove only) "Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only) "Mystic Inn" = Mystic Inn (remove only) "Need For Speed II SE" = Need For Speed II SE "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "Poker Superstars II" = Poker Superstars II (remove only) "RealPlayer 6.0" = RealPlayer "TmNationsForever_is1" = TmNationsForever "Trillian" = Trillian "Virtual Villagers" = Virtual Villagers (remove only) "VLC media player" = VideoLAN VLC media player 0.8.6 "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter "VRally3_is1" = VRally3 "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.7 "WMCSetup" = Windows Media Connect "X10Hardware" = X10 Hardware(TM) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "SC07-PRO7" = Ski Challenge 2007 (Pro7) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 19.07.2010 01:53:16 | Computer Name = MD8818 | Source = crypt32 | ID = 131080 Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen. . Error - 19.07.2010 01:53:16 | Computer Name = MD8818 | Source = crypt32 | ID = 131080 Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen. . Error - 19.07.2010 07:58:31 | Computer Name = MD8818 | Source = crypt32 | ID = 131080 Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . Error - 19.07.2010 08:00:29 | Computer Name = MD8818 | Source = crypt32 | ID = 131080 Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . Error - 19.07.2010 08:00:45 | Computer Name = MD8818 | Source = crypt32 | ID = 131080 Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen. . Error - 19.07.2010 08:19:25 | Computer Name = MD8818 | Source = crypt32 | ID = 131080 Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . Error - 19.07.2010 08:19:46 | Computer Name = MD8818 | Source = WmiAdapter | ID = 4099 Description = Dienst konnte nicht geöffnet werden. Error - 19.07.2010 08:48:20 | Computer Name = MD8818 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung msimn.exe, Version 6.0.2900.5512, fehlgeschlagenes Modul riched20.dll, Version 5.30.23.1230, Fehleradresse 0x00005b3a. Error - 19.07.2010 09:05:25 | Computer Name = MD8818 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich 749919678. Error - 22.07.2010 03:18:18 | Computer Name = MD8818 | Source = COM+ | ID = 135761 Description = In der Laufzeitumgebung wurde ein inkonsistenter interner Status erkannt. Dies deutet auf eine potenzielle Instabilität des Prozesses hin. Diese Instabilität wird durch die in der COM+-Anwendung ausgeführten benutzerdefinierten Komponenten, die von ihnen verwendeten Komponenten oder durch andere Faktoren verursacht. Fehler in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector fail ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > Code:
ATTFilter OTL logfile created on: 30.07.2010 00:00:54 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\***\Desktop Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.022,00 Mb Total Physical Memory | 328,00 Mb Available Physical Memory | 32,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 278,55 Gb Total Space | 65,66 Gb Free Space | 23,57% Space Free | Partition Type: NTFS Drive D: | 19,52 Gb Total Space | 5,46 Gb Free Space | 27,95% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MD8818 Current User Name: *** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company) PRC - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe (AccSys GmbH) PRC - C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.) PRC - C:\Programme\SMSC\SetIcon.exe (Standard Microsystems Corp.) PRC - C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.) PRC - C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\WINDOWS\system32\SSSensor.dll (Sygate Technologies, Inc.) ========== Win32 Services (SafeList) ========== SRV - (TVTABRDZ) -- C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe File not found SRV - (RGZES) -- C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe File not found SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (srvcPVR) -- C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) SRV - (TVESched) TVEnhance Task Scheduler (TTS)) -- C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe () SRV - (TVECapSvc) TVEnhance Background Capture Service (TBCS) -- C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe () SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company) SRV - (accsvc) -- C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe (AccSys GmbH) SRV - (WMConnectCDS) -- C:\Programme\Windows Media Connect 2\wmccds.exe (Microsoft Corporation) SRV - (SmcService) -- C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.) SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Driver Services (SafeList) ========== DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\4.tmp File not found DRV - (DMSKSSRh) -- C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys File not found DRV - (catchme) -- C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys File not found DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc) DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.) DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.) DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.) DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.) DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.) DRV - (wpsdrvnt) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.) DRV - (Teefer) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.) DRV - (wg3n) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..extensions.enabledItems: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906}:1.2 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.28 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.25 09:36:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.29 10:38:23 | 000,000,000 | ---D | M] [2009.08.31 09:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions [2010.07.29 11:05:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions [2010.07.24 10:25:54 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010.05.14 08:54:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009.06.15 09:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906} [2008.06.04 22:50:45 | 000,001,051 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\searchplugins\leo-eng-ger.xml [2010.07.29 11:05:00 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.07.29 10:38:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.06.26 10:03:55 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.06.26 10:03:55 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.06.26 10:03:55 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.06.26 10:03:55 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.06.26 10:03:55 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.08.14 15:04:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdmcks.dll () O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll () O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [InstantOn] C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe () O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\Home Cinema\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.) O4 - HKLM..\Run: [SetIcon] \Programme\SMSC\SetIcon.exe () O4 - HKLM..\Run: [SmcService] C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.) O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm () O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRDownload.htm () O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRBrowse.htm () O9 - Extra Button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Programme\Internet Radio\Radio.exe (EndicoSoft.com) O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab (Macromedia Authorware Web Player Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160402350437 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.29 13:36:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.07.29 23:58:09 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe [2010.07.29 12:10:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2010.07.29 11:55:23 | 000,000,000 | ---D | C] -- C:\bcf8b9367cd64455d6d3bc6c9f [2010.07.29 11:54:50 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2010.07.29 11:38:42 | 000,000,000 | ---D | C] -- C:\Programme\HijackThis [2010.07.29 10:39:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2010.07.29 10:39:00 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2010.07.29 10:38:22 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.07.29 10:38:22 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.07.29 10:38:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.07.29 10:38:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.07.25 13:53:37 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent [2010.07.18 21:47:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData [2010.07.18 21:42:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avira [2010.07.18 21:06:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2010.07.08 15:31:46 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2010.07.08 15:31:34 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2010.07.08 15:30:26 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2010.07.08 15:29:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2010.07.07 19:29:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation [2010.07.07 19:29:04 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation [2010.07.07 19:28:13 | 002,632,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll [2010.07.07 19:28:13 | 002,165,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll [2010.07.07 19:28:13 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2010.07.07 19:28:10 | 010,256,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll [2010.07.07 19:28:10 | 004,554,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll [2010.07.07 19:28:01 | 000,000,000 | ---D | C] -- C:\NVIDIA [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.07.29 23:58:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe [2010.07.29 18:24:01 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job [2010.07.29 12:24:02 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job [2010.07.29 12:09:42 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010.07.29 12:09:42 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job [2010.07.29 12:09:42 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job [2010.07.29 12:07:52 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010.07.29 12:06:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.07.29 12:05:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.07.29 12:05:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.07.29 12:05:51 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys [2010.07.29 12:04:50 | 014,417,920 | ---- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat [2010.07.29 12:04:50 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini [2010.07.29 11:33:04 | 000,030,259 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\hjtscanlist.bat [2010.07.29 10:39:05 | 004,287,990 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2010.07.28 09:49:45 | 000,293,376 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\pgtrnxzt.exe [2010.07.27 11:31:55 | 000,038,912 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.27 09:17:57 | 001,056,220 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010.07.27 09:17:57 | 000,453,824 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2010.07.27 09:17:57 | 000,436,316 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010.07.27 09:17:57 | 000,082,866 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2010.07.27 09:17:57 | 000,069,636 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010.07.24 18:20:06 | 000,001,590 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Trillian.lnk [2010.07.22 18:24:18 | 000,045,819 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Reisekostenerstattung_Vorstellungsgespräch_mit Hinweis.doc.pdf [2010.07.22 17:52:24 | 000,515,871 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\bookmarks-2010-07-22.json [2010.07.20 11:18:36 | 000,000,658 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\CCleaner.lnk [2010.07.17 05:00:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010.07.17 05:00:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010.07.17 05:00:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010.07.17 02:42:29 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010.07.08 20:03:59 | 000,238,352 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.07.07 19:29:24 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010.07.07 19:29:24 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2010.07.07 19:29:21 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010.07.07 19:29:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2010.07.07 19:16:37 | 000,088,565 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010.07.06 07:01:39 | 000,010,752 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Brief Osterm..wps [2010.07.06 07:01:39 | 000,006,648 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\wklnhst.dat [2010.07.05 09:55:16 | 000,001,570 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2010.07.04 22:08:57 | 000,021,348 | ---- | M] () -- C:\Dokumente und Einstellungen\***\.recently-used.xbel [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.07.28 09:49:45 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\pgtrnxzt.exe [2010.07.22 18:24:18 | 000,045,819 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Reisekostenerstattung_Vorstellungsgespräch_mit Hinweis.doc.pdf [2010.07.22 17:52:23 | 000,515,871 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\bookmarks-2010-07-22.json [2010.07.22 09:32:02 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010.07.22 09:31:41 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job [2010.07.22 09:31:31 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job [2010.07.22 09:31:30 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job [2010.07.07 19:29:24 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2010.07.07 19:29:21 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2010.07.07 19:29:21 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2010.07.07 19:29:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2010.07.07 19:28:13 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2010.07.07 19:28:09 | 002,186,342 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2010.07.06 07:01:39 | 000,010,752 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Brief Osterm..wps [2010.07.04 22:08:57 | 000,021,348 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.recently-used.xbel [2009.08.15 20:49:40 | 000,000,065 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008.12.26 15:43:51 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2008.09.14 17:04:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI [2008.09.14 17:02:35 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL [2008.09.14 16:45:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL [2008.09.14 16:43:46 | 000,027,114 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2008.03.11 11:11:54 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll [2007.09.24 13:05:38 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI [2007.09.12 13:14:14 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2007.09.12 13:14:14 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2007.01.23 21:40:11 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\1114386310.sys [2007.01.03 02:27:51 | 000,000,509 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2006.12.12 01:31:24 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2006.12.02 16:37:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CatClient.INI [2006.10.31 14:16:45 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\midas.dll [2006.10.31 14:16:45 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll [2006.10.23 12:55:25 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006.10.23 11:14:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\CoInstaller7x.dll [2006.10.23 11:13:03 | 000,295,018 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll [2006.10.17 12:28:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll [2006.10.17 12:19:47 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2006.10.17 12:19:46 | 000,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2006.10.16 13:39:55 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006.10.16 13:07:13 | 000,000,187 | ---- | C] () -- C:\WINDOWS\WISO.INI [2006.10.10 17:08:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll [2006.10.09 14:01:38 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2006.10.09 13:55:55 | 000,009,708 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2006.10.09 13:55:55 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\EC23ACB85A.sys [2006.10.09 12:42:57 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006.09.29 14:24:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006.09.29 14:05:58 | 000,000,941 | ---- | C] () -- C:\WINDOWS\orun32.ini [2006.09.29 13:11:58 | 000,001,256 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006.09.20 08:34:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Buhl.ini [2005.08.05 14:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005.07.01 13:14:48 | 000,000,966 | ---- | C] () -- C:\WINDOWS\System32\Generic.ini [2005.07.01 10:38:06 | 000,000,232 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP3.ini [2005.07.01 10:37:46 | 000,000,233 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP2.ini [2004.09.28 23:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll [2002.03.04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll < End of report > Geändert von Joe007 (29.07.2010 um 23:11 Uhr) |
30.07.2010, 14:11 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Außerdem musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!! Code:
ATTFilter :OTL SRV - (TVTABRDZ) -- C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe File not found SRV - (RGZES) -- C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe File not found DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\4.tmp File not found DRV - (DMSKSSRh) -- C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys File not found :Commands [purity] [resethosts] [emptytemp] Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________ Logfiles bitte immer in CODE-Tags posten |
30.07.2010, 20:34 | #9 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Danke, hat geklappt, mit Neustart. Log: Code:
ATTFilter All processes killed ========== OTL ========== Service TVTABRDZ stopped successfully! Service TVTABRDZ deleted successfully! File C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe File not found not found. Service RGZES stopped successfully! Service RGZES deleted successfully! File C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe File not found not found. Service MEMSWEEP2 stopped successfully! Service MEMSWEEP2 deleted successfully! File C:\WINDOWS\System32\4.tmp File not found not found. Service DMSKSSRh stopped successfully! Service DMSKSSRh deleted successfully! File C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys File not found not found. ========== COMMANDS ========== C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 446 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 446 bytes User: *** ->Temp folder emptied: 588795 bytes ->Temporary Internet Files folder emptied: 1587748 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 111835230 bytes ->Flash cache emptied: 12772 bytes User: Gast ->Temp folder emptied: 587613 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 446 bytes User: *** ->Temp folder emptied: 722254 bytes ->Temporary Internet Files folder emptied: 414622175 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 85371689 bytes ->Flash cache emptied: 1028 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 442502 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 4787170 bytes %systemdrive% .tmp files removed: 15269892 bytes %systemroot% .tmp files removed: 3545272 bytes %systemroot%\System32 .tmp files removed: 2951 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 3526790 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 613,00 mb OTL by OldTimer - Version 3.2.9.1 log created on 07302010_212549 Files\Folders moved on Reboot... Registry entries deleted on Reboot... |
30.07.2010, 20:37 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
30.07.2010, 21:10 | #11 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? ComboFix ausgeführt. Log Teil 1: Code:
ATTFilter ComboFix 10-07-30.01 - *** 30.07.2010 21:51:29.7.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.1022.349 [GMT 2:00] ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\cofi.exe AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85EC5DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86145DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86225C04-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {864F4C7C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {0871AAA0-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C9F054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CD7DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CF3874-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D0426C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2CDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2D054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D3FDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4C694-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DAA404-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DAE4FC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DB5DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DB8CE4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DC9CE4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DD5054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE3054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE6654-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEACE4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF5DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF896C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFA054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFA96C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFE054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0B5E4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1EDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E21DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E32A6C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E3FDDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E57054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E5E29C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E66A3C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E8FDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E93054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA6DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EABDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EB8DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EC1844-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED2DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED3824-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE5054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE6594-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE75FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE8DDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EED96C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EF0AD4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EF1814-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFDDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFE4D4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFF74C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F01A7C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F054FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F074D4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0F054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F12684-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F12AAC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2798C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F37C24-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F46054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F49DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6CDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6F34C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7A664-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7C314-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FA5B64-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FAAA64-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FADDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FDAAD4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FE0DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86020A1C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8604EBD4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8608AC0C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86095A7C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8609C374-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AD1AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AF734-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860B8DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BA054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BEA6C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C1944-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C9054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C92C4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CB054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CD484-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D239C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D4054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D7C2C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860DA20C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860DFA44-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860E7054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860E7A74-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860EC32C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860ECC14-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860F5314-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FAA8C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FB054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FDDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86104DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8610852C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86111C8C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611333C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86116DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611ADDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F434-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F524-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F5A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612344C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612440C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86125054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612BDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612D054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86132054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86136DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613734C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86138054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861381A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861392AC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613C6B4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613D50C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86141054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614139C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86141794-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86143054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86144054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86144DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614BDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614D2F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614D96C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614ECBC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614F2F4-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86150054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615397C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86154A64-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615545C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86155B5C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86158DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615C2F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615D39C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615F2F4-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86163DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616427C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861643BC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616AA3C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616C39C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616D054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616D394-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616EDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616EDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616F054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86170054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861713C4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86172054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86172DDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86174264-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86175054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86175B4C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8617656C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8617D054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86183DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86184DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86186804-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86188054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618A054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618D234-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618EC14-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86191054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86198DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619B25C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619C2A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619E714-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A096C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A0DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A2BFC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A3DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861AE6DC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861AF054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B139C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B3A6C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B7DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C0324-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C0B4C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C1DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C2054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C3C2C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C62CC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861CB96C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861CC7CC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D0CE4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D2A6C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D4344-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D5DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861DC42C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861DCBD4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E23DC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E49AC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E5DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E6B24-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E6DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E7B4C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E7C4C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861EA424-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861EB054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F439C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F5CBC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F8054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FB4C4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FCCE4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FEDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86201DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86203624-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86204DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86206854-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86206DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620796C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86208DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620A33C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620DC2C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621139C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86213DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862152F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86217C0C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86218054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621CC04-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621EDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F36C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F4FC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F5AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86220874-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86221324-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862219A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622439C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86225A74-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622797C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86229364-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622957C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86229DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622A464-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622A6CC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622ADDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622D37C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622EC04-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622EDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862325FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86232784-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86234054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86234C6C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862376AC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623836C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86238C04-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862392CC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86239DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623CDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623F234-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86242464-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86243A14-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86244054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862451BC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862456B4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86246284-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86246DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862491F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86249434-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624ABF4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624D45C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624D88C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624E38C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624FDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624FDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86250324-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86256DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862599FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625B054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625BDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625C054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625C2AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625D34C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625D544-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625DDDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625F054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625F274-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86260DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86262B4C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86263054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86264C44-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86265394-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626637C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86266DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626740C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86268C0C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86269DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626ADDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626BDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626D6C4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626DDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626E3EC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626F61C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86270AB4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86271054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862727AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86275184-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627528C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86276DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279A6C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279D8C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627C57C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627CBAC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627D3C4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627D554-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627DDB4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627EDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86280314-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628161C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86281C04-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86284054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86285C04-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628BDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628C5E4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628CDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628E3C4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628E484-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86291D54-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862923C4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86294DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629548C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86295DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86296A6C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86296DDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629738C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86298A8C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86299494-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86299BFC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629B944-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629D62C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629DA94-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A0994-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A0DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A36AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A3DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A4274-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A4DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A5CE4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A836C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A8374-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AADDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AB3DC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ACDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ACDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AE51C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AFA6C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B03EC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B43F4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B684C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B6DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B85FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BADDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BBC34-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BEA8C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BF054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BF39C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C074C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C4DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C789C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C9DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CA36C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CBDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CC284-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CC38C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CD29C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CDA74-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CE7A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CE8F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D1DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D267C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D2DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D5DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6324-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D650C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6584-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6C9C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D75FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D8434-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D866C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D868C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862DF30C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E3054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E58F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E59F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E6D8C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E8974-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E8A14-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E997C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EA39C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EB87C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EBDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EC324-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ECDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EDB54-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EE60C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF404-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF4F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF96C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F0DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F2544-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F2554-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F62CC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F7B04-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F7DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F879C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F8DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FA764-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FB4AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FEC6C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FFDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86300434-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630184C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86302DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86305264-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863055F4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86306AAC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630866C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86308BE4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86308DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630A28C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630A96C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630DD14-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630E324-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631230C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313A7C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86314D44-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863155FC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86315DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631780C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631F054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863226C4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86322B9C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86322BC4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86323334-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632429C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863242AC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86324A4C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632540C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632656C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632955C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632BDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632D1D4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632D1F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632E38C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632E5BC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632EDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632F444-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86330DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86332DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86334054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863358EC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86336DDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863385E4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86338DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86338DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633B054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633B24C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633CBCC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633D9E4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633DAD4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633DDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863405FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86340CA4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86340DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86343054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86343784-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634437C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634437C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344C3C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86345DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86346C44-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86347DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634894C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634C7EC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634CA24-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634E594-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634EDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634F054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634FC04-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635026C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863512F4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635272C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635341C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86354054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86354054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863544C4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863567EC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635687C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635736C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359604-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359854-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863599B4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635A054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635ACA4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635B4B4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635CB74-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635D054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635E444-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635EB24-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86361DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86362B14-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86363054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636668C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86368DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636A054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636ADDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636E054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86370054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863713D4-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86371DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637356C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86373D14-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86373DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863744A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86377C24-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637B054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637B63C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637D1A4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637E484-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637EDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637F694-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637FDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863812FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86381CCC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86385054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863852D4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86385DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863864DC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86388054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638863C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86388DDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638ABEC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638ADDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638E2AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638E3AC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638F69C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638FC9C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863908E4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639697C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863996F4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86399714-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639A344-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639B58C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639CBC4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639EDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A05AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A2604-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A27FC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A3904-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A4474-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A52A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A572C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A5C3C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A6054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A623C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A7054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A7DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A9BE4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863AADDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863AEDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B0BF4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B1C6C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B3054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B4C04-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B548C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B7C9C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B86DC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B9054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BACA4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BB2CC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BBDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BCDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BD054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BEDB4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C463C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C671C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C935C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863CC9B4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863D5054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863DF654-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863E1054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863E13A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863ED924-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863EDDDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F0DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F2C74-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F5054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F67C4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F8054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863FC054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863FD2E4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86412054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86412DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864181E4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86422D9C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8642627C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86428464-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864307EC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86433D0C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86438DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86444DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8644679C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864496EC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8644CBCC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86451524-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864525C4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8645459C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8645571C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86458054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86459054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86462054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86462054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646872C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646BDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646DCE4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86470344-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86470664-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86472A94-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86476134-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8647A5FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8647F9C4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864815A4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86486054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8648666C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864868CC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8648DD4C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86490054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649444C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649499C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86499054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649B664-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649BDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649FDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864A6DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B1CDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B3054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B7054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B96EC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864BD054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C2DDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C465C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C6A44-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C7054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D076C-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D29C4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D5DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D6054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864DBC74-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864DD98C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864E5054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864E5744-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EBDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EC3AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864ECDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864ECDDC-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EDDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F034C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F3054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F9054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864FB3DC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86500054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86503054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865087C4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650977C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650ABEC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650B054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650C4A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650CC9C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86511DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8651BDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86542054-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8654FDB4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8655EDDC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8655F7D4-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86563274-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865685D4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656BBEC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656E4FC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656FB04-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657043C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86571DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86573314-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86573974-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86574054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657419C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86575054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657572C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657750C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865784AC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86578A6C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86578A6C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865795D4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657A724-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657E1E4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657E7A4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86581C0C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86582324-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86582494-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86583504-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86584054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86584974-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658AB5C-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658C424-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658C6EC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86590DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86594C0C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8659D29C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865B31FC-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865BDBD4-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865DCDDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86641BD4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667F374-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668D7EC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669D22C-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E7054-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FFCB4-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86739474-FFA4-00DE-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86757DDC-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86767054-FFA4-0100-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {B9A93C84-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {F78B8540-FFA4-00EF-0D24-347CA8A3377C} AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-00EF-0D24-347CA8A3377C} . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system\MSINET.OCX . ((((((((((((((((((((((( Dateien erstellt von 2010-06-28 bis 2010-07-30 )))))))))))))))))))))))))))))) . 2010-07-30 19:25 . 2010-07-30 19:25 -------- d-----w- C:\_OTL 2010-07-29 09:55 . 2010-07-29 10:04 -------- d-----w- C:\bcf8b9367cd64455d6d3bc6c9f 2010-07-29 09:54 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe 2010-07-29 09:38 . 2010-07-29 09:38 388096 ----a-r- c:\dokumente und einstellungen\***\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-07-29 08:39 . 2010-07-29 08:39 -------- d-----w- c:\programme\Gemeinsame Dateien\Java 2010-07-29 08:38 . 2010-07-29 08:38 503808 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3815a016-n\msvcp71.dll 2010-07-29 08:38 . 2010-07-29 08:38 499712 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3815a016-n\jmc.dll 2010-07-29 08:38 . 2010-07-29 08:38 348160 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3815a016-n\msvcr71.dll 2010-07-29 08:38 . 2010-07-29 08:38 61440 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7a5c831d-n\decora-sse.dll 2010-07-29 08:38 . 2010-07-29 08:38 12800 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7a5c831d-n\decora-d3d.dll 2010-07-29 08:38 . 2010-07-17 03:00 423656 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-22 17:41 . 2010-07-22 17:41 -------- d-----w- c:\dokumente und einstellungen\gastuser\Anwendungsdaten\vlc 2010-07-22 15:48 . 2010-07-22 15:48 -------- d-----w- c:\dokumente und einstellungen\gastuser\Lokale Einstellungen\Anwendungsdaten\Mozilla 2010-07-18 21:58 . 2010-07-18 21:58 -------- d-----r- c:\dokumente und einstellungen\LocalService\Favoriten 2010-07-18 19:47 . 2010-07-29 12:02 -------- d-----w- c:\windows\system32\NtmsData 2010-07-18 19:42 . 2010-07-18 19:42 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\Avira 2010-07-18 19:07 . 2010-07-18 19:07 -------- d-----w- c:\windows\system32\wbem\Repository 2010-07-18 19:06 . 2010-07-18 19:06 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Avira 2010-07-08 13:31 . 2009-11-21 15:54 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll 2010-07-08 13:31 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe 2010-07-08 13:30 . 2010-05-06 10:31 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2010-07-08 13:29 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe 2010-07-07 17:29 . 2010-07-07 17:29 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation 2010-07-07 17:29 . 2010-07-07 17:29 217180 ----a-w- c:\windows\system32\nvdrsdb0.bin 2010-07-07 17:29 . 2010-07-07 17:29 1 ----a-w- c:\windows\system32\nvdrssel.bin 2010-07-07 17:29 . 2010-07-07 17:29 217180 ----a-w- c:\windows\system32\nvdrsdb1.bin 2010-07-07 17:29 . 2010-07-07 17:30 -------- d-----w- c:\programme\NVIDIA Corporation 2010-07-07 17:28 . 2010-06-07 23:57 61440 ----a-w- c:\windows\system32\OpenCL.dll 2010-07-07 17:28 . 2010-06-07 23:57 2632296 ----a-w- c:\windows\system32\nvcuvenc.dll 2010-07-07 17:28 . 2010-06-07 23:57 2165352 ----a-w- c:\windows\system32\nvcuvid.dll 2010-07-07 17:28 . 2010-06-07 23:57 4554752 ----a-w- c:\windows\system32\nvcuda.dll 2010-07-07 17:28 . 2010-06-07 23:57 10256384 ----a-w- c:\windows\system32\nvcompiler.dll 2010-07-07 17:28 . 2010-06-07 23:57 2186342 ----a-w- c:\windows\system32\nvdata.bin 2010-07-07 17:28 . 2010-07-07 17:28 -------- d-----w- C:\NVIDIA . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-30 19:30 . 2006-12-03 18:11 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org2 2010-07-29 09:04 . 2007-11-05 07:05 188152 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\FlashGot.exe 2010-07-29 08:38 . 2009-11-13 22:26 -------- d-----w- c:\programme\Java 2010-07-27 07:17 . 2006-03-24 12:00 82866 ----a-w- c:\windows\system32\perfc007.dat 2010-07-27 07:17 . 2006-03-24 12:00 453824 ----a-w- c:\windows\system32\perfh007.dat 2010-07-24 16:40 . 2006-12-15 22:18 -------- d-----w- c:\programme\Trillian 2010-07-24 08:32 . 2007-10-22 06:15 1 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org2\user\uno_packages\cache\stamp.sys 2010-07-23 18:44 . 2010-06-16 09:27 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\FileZilla 2010-07-22 16:30 . 2006-10-09 11:55 -------- d-----w- c:\programme\Google 2010-07-21 22:04 . 2008-03-11 09:13 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\BOM 2010-07-21 21:26 . 2008-03-11 09:11 -------- d-----w- c:\programme\Biet-O-Matic 2010-07-20 09:29 . 2009-08-09 12:30 -------- d-----w- c:\programme\Trend Micro 2010-07-20 09:18 . 2009-11-13 11:50 -------- d-----w- c:\programme\CCleaner 2010-07-18 19:02 . 2009-09-02 08:10 -------- d-----w- c:\programme\Avira 2010-07-13 22:25 . 2007-01-23 17:40 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\Free Download Manager 2010-07-06 05:01 . 2006-12-02 14:21 6648 ----a-w- c:\dokumente und einstellungen\***\Anwendungsdaten\wklnhst.dat 2010-06-16 09:27 . 2010-06-16 09:27 -------- d-----w- c:\programme\FileZilla FTP Client 2010-06-15 22:29 . 2009-09-07 08:21 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\gtk-2.0 2010-06-14 14:31 . 2006-09-29 11:34 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-12 07:28 . 2010-06-12 07:14 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\TmForever 2010-06-12 07:12 . 2010-06-12 07:10 -------- d-----w- c:\programme\TmNationsForever 2010-06-07 23:57 . 2006-10-16 10:21 600680 ----a-w- c:\windows\system32\nvudisp.exe 2010-06-07 23:57 . 2006-10-13 15:05 15192064 ----a-w- c:\windows\system32\nvoglnt.dll 2010-06-07 23:57 . 2006-10-13 15:05 232040 ----a-w- c:\windows\system32\nvcodins.dll 2010-06-07 23:57 . 2006-10-13 15:05 232040 ----a-w- c:\windows\system32\nvcod.dll 2010-06-07 23:57 . 2006-10-13 15:05 1359872 ----a-w- c:\windows\system32\nvapi.dll 2010-06-07 23:57 . 2006-10-13 15:05 10531200 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2010-06-07 23:57 . 2006-10-13 15:05 6300544 ----a-w- c:\windows\system32\nv4_disp.dll 2010-06-02 20:37 . 2007-07-21 11:29 -------- d-----w- c:\dokumente und einstellungen\***\Anwendungsdaten\dvdcss 2010-05-28 10:58 . 2006-10-16 10:21 600680 ----a-w- c:\windows\system32\NVUNINST.EXE 2010-05-19 11:10 . 2009-08-08 20:19 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-05-06 10:31 . 2006-03-24 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-02 08:05 . 2006-03-24 12:00 1851392 ----a-w- c:\windows\system32\win32k.sys 2002-03-11 08:06 . 2002-03-11 08:06 1822520 ----a-w- c:\programme\instmsiw.exe 2002-03-11 07:45 . 2002-03-11 07:45 1708856 ----a-w- c:\programme\instmsia.exe 2007-01-23 19:40 . 2007-01-23 19:40 56 --sh--r- c:\windows\system32\1114386310.sys 2006-10-09 11:55 . 2006-10-09 11:55 8 --sh--r- c:\windows\system32\EC23ACB85A.sys 2007-01-23 19:40 . 2006-10-09 11:55 9708 --sha-w- c:\windows\system32\KGyGaAvL.sys . |
30.07.2010, 21:10 | #12 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Log Teil 2: Code:
ATTFilter ((((((((((((((((((((((((((((( SnapShot_2009-11-22_08.35.55 ))))))))))))))))))))))))))))))))))))))))) . + 2007-11-07 01:19 . 2007-11-07 01:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll - 2007-11-07 00:19 . 2007-11-07 00:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll - 2008-07-29 06:05 . 2008-07-29 06:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll + 2008-07-29 07:05 . 2008-07-29 07:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll - 2008-07-29 06:05 . 2008-07-29 06:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll + 2008-07-29 07:05 . 2008-07-29 07:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll + 2008-07-29 07:05 . 2008-07-29 07:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll - 2008-07-29 06:05 . 2008-07-29 06:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll + 2008-07-29 07:05 . 2008-07-29 07:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll - 2008-07-29 06:05 . 2008-07-29 06:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll - 2008-07-29 06:05 . 2008-07-29 06:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll + 2008-07-29 07:05 . 2008-07-29 07:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll - 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll + 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll + 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll - 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll - 2008-07-29 06:05 . 2008-07-29 06:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll + 2008-07-29 07:05 . 2008-07-29 07:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll + 2008-07-29 07:05 . 2008-07-29 07:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll - 2008-07-29 06:05 . 2008-07-29 06:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll - 2008-07-29 06:05 . 2008-07-29 06:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll + 2008-07-29 07:05 . 2008-07-29 07:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll - 2008-07-29 06:05 . 2008-07-29 06:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll + 2008-07-29 07:05 . 2008-07-29 07:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll - 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll + 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll + 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll - 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll + 2010-07-30 19:27 . 2010-07-30 19:27 16384 c:\windows\Temp\Perflib_Perfdata_63c.dat + 2010-06-12 07:13 . 2005-12-05 16:07 61136 c:\windows\system32\xinput9_1_0.dll + 2010-06-12 07:13 . 2006-03-31 10:39 62672 c:\windows\system32\xinput1_1.dll + 2010-06-12 07:13 . 2006-02-03 06:41 14032 c:\windows\system32\x3daudio1_0.dll - 2007-01-29 08:58 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe + 2007-01-29 08:58 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe + 2006-03-24 12:00 . 2009-10-21 05:38 75776 c:\windows\system32\strmfilt.dll - 2006-03-24 12:00 . 2008-04-14 02:22 75776 c:\windows\system32\strmfilt.dll + 2010-07-07 17:29 . 2006-10-06 14:38 81920 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvwddi.dll + 2010-07-07 17:29 . 2006-10-06 14:38 86016 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvmctray.dll + 2010-07-07 17:29 . 2006-10-06 14:38 35840 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcod.dll + 2006-03-24 12:00 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll - 2006-03-24 12:00 . 2008-04-14 02:22 79872 c:\windows\system32\raschap.dll + 2010-03-30 22:16 . 2010-03-30 22:16 99176 c:\windows\system32\PresentationHostProxy.dll - 2006-03-24 12:00 . 2009-11-19 18:55 69636 c:\windows\system32\perfc009.dat + 2006-03-24 12:00 . 2010-07-27 07:17 69636 c:\windows\system32\perfc009.dat - 2006-10-13 15:05 . 2006-10-06 14:38 81920 c:\windows\system32\nvwddi.dll + 2010-06-07 15:35 . 2010-06-07 15:35 81920 c:\windows\system32\nvwddi.dll + 2009-11-06 23:07 . 2009-11-06 23:07 49488 c:\windows\system32\netfxperf.dll + 2009-11-06 23:07 . 2009-11-06 23:07 11600 c:\windows\system32\mui\0409\mscorees.dll + 2004-08-04 00:57 . 2009-11-27 17:11 17920 c:\windows\system32\msyuv.dll + 2006-03-24 12:00 . 2009-11-27 16:08 28672 c:\windows\system32\msvidc32.dll + 2006-03-24 12:00 . 2009-11-27 16:08 11264 c:\windows\system32\msrle32.dll - 2006-03-24 12:00 . 2008-04-14 02:22 11264 c:\windows\system32\msrle32.dll + 2006-11-07 20:03 . 2010-05-06 10:31 55296 c:\windows\system32\msfeedsbs.dll - 2006-11-07 20:03 . 2009-08-29 07:54 55296 c:\windows\system32\msfeedsbs.dll - 2006-03-24 12:00 . 2009-08-29 07:54 25600 c:\windows\system32\jsproxy.dll + 2006-03-24 12:00 . 2010-05-06 10:31 25600 c:\windows\system32\jsproxy.dll + 2004-08-04 00:57 . 2009-11-27 16:08 48128 c:\windows\system32\iyuv_32.dll + 2006-03-24 12:00 . 2009-10-21 05:38 25088 c:\windows\system32\httpapi.dll + 2006-03-24 12:00 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll - 2006-03-24 12:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll - 2009-09-02 08:10 . 2009-05-11 08:12 28520 c:\windows\system32\drivers\ssmdrv.sys + 2009-09-02 08:10 . 2009-05-11 08:12 28520 c:\windows\system32\drivers\ssmdrv.sys + 2009-08-14 13:34 . 2010-04-29 13:39 38224 c:\windows\system32\drivers\mbamswissarmy.sys - 2009-08-14 13:34 . 2009-09-10 13:54 38224 c:\windows\system32\drivers\mbamswissarmy.sys + 2009-08-14 13:34 . 2010-04-29 13:39 20952 c:\windows\system32\drivers\mbam.sys + 2009-09-02 08:10 . 2009-05-11 10:49 17016 c:\windows\system32\drivers\avgntmgr.sys + 2009-09-02 08:10 . 2010-02-16 12:24 60936 c:\windows\system32\drivers\avgntflt.sys + 2009-09-02 08:10 . 2009-05-11 10:49 51992 c:\windows\system32\drivers\avgntdd.sys - 2009-11-19 10:54 . 2009-08-29 07:54 12800 c:\windows\system32\dllcache\xpshims.dll + 2009-11-19 10:54 . 2010-05-06 10:31 12800 c:\windows\system32\dllcache\xpshims.dll + 2009-10-21 05:38 . 2009-10-21 05:38 75776 c:\windows\system32\dllcache\strmfilt.dll + 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll + 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll + 2006-03-24 12:00 . 2009-11-27 16:08 28672 c:\windows\system32\dllcache\msvidc32.dll + 2009-11-27 16:08 . 2009-11-27 16:08 11264 c:\windows\system32\dllcache\msrle32.dll - 2007-05-09 07:29 . 2009-08-29 07:54 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2007-05-09 07:29 . 2010-05-06 10:31 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2006-03-24 12:00 . 2010-05-06 10:31 25600 c:\windows\system32\dllcache\jsproxy.dll - 2006-03-24 12:00 . 2009-08-29 07:54 25600 c:\windows\system32\dllcache\jsproxy.dll + 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\system32\dllcache\iyuv_32.dll + 2009-10-21 05:38 . 2009-10-21 05:38 25088 c:\windows\system32\dllcache\httpapi.dll + 2009-06-16 14:36 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll - 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll + 2009-12-14 07:08 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll + 2010-01-13 14:00 . 2010-01-13 14:00 86528 c:\windows\system32\dllcache\cabview.dll + 2009-06-10 14:13 . 2009-11-27 16:08 85504 c:\windows\system32\dllcache\avifil32.dll - 2009-06-10 14:13 . 2009-06-10 14:13 85504 c:\windows\system32\dllcache\avifil32.dll + 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll + 2006-03-24 12:00 . 2009-12-14 07:08 33280 c:\windows\system32\csrsrv.dll + 2006-11-29 16:30 . 2010-07-28 15:03 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat - 2006-11-29 16:30 . 2009-11-21 07:01 32768 c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat - 2006-11-29 16:30 . 2009-11-21 07:01 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat + 2010-05-19 11:08 . 2010-07-28 15:03 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat + 2006-03-24 12:00 . 2010-01-13 14:00 86528 c:\windows\system32\cabview.dll - 2006-03-24 12:00 . 2009-06-10 14:13 85504 c:\windows\system32\avifil32.dll + 2006-03-24 12:00 . 2009-11-27 16:08 85504 c:\windows\system32\avifil32.dll + 2006-03-24 12:00 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll - 2008-07-29 18:16 . 2008-07-29 18:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2010-04-07 21:48 . 2010-04-07 21:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2010-03-23 03:31 . 2010-03-23 03:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2010-04-01 09:42 . 2010-04-01 09:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll - 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2010-03-31 12:51 . 2010-03-31 12:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2010-03-31 12:51 . 2010-03-31 12:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll - 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll - 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2010-03-31 12:51 . 2010-03-31 12:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2010-03-31 13:32 . 2010-03-31 13:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe - 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2010-03-31 13:32 . 2010-03-31 13:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll - 2003-02-20 17:19 . 2003-02-20 17:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll + 2006-09-29 11:32 . 2010-02-09 16:22 81920 c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Security.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll + 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll + 2009-11-06 23:07 . 2009-11-06 23:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2010-06-12 07:13 . 2005-03-18 14:23 12800 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll + 2010-06-12 07:13 . 2005-03-18 14:23 53248 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll + 2010-04-15 08:14 . 2010-04-15 08:14 22528 c:\windows\Installer\434208.msi + 2010-07-08 13:36 . 2010-07-08 13:36 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe + 2010-04-15 08:16 . 2010-04-15 08:16 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe + 2010-04-15 08:16 . 2010-04-15 08:16 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe + 2010-04-15 08:16 . 2010-04-15 08:16 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2010-04-15 08:16 . 2010-04-15 08:16 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2010-04-15 08:16 . 2010-04-15 08:16 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe + 2010-04-15 08:16 . 2010-04-15 08:16 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe + 2010-04-15 08:16 . 2010-04-15 08:16 25214 c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\ARPPRODUCTICON.exe + 2010-07-08 13:55 . 2009-08-29 07:54 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll + 2010-07-08 13:55 . 2009-08-29 07:54 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll + 2010-07-08 13:55 . 2009-08-29 07:54 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll + 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\Driver Cache\i386\msyuv.dll + 2009-11-27 16:08 . 2009-11-27 16:08 48128 c:\windows\Driver Cache\i386\iyuv_32.dll + 2010-07-08 14:01 . 2010-07-08 14:01 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_afad9ea9\System.Drawing.Design.dll + 2010-07-08 14:01 . 2010-07-08 14:01 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_f86b29aa\CustomMarshalers.dll + 2010-07-08 14:01 . 2010-07-08 14:01 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ea1b4fbde0e772748c6ac42d627cf684\UIAutomationProvider.ni.dll + 2010-07-08 14:03 . 2010-07-08 14:03 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\f46915dfc57bc7e49c5402e9b8f7ec18\System.Windows.Presentation.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll + 2010-07-08 14:00 . 2010-07-08 14:00 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe + 2010-07-08 13:59 . 2010-07-08 13:59 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\0375dfa28e2f6ef7e89df9edede4b83d\PresentationCFFRasterizer.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll - 2009-11-19 18:55 . 2009-11-19 18:55 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2010-07-08 13:58 . 2010-07-08 13:58 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2010-07-08 13:42 . 2010-07-08 13:42 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll - 2009-11-19 11:10 . 2009-11-19 11:10 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll + 2010-07-08 13:58 . 2010-07-08 13:58 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2009-11-19 18:55 . 2009-11-19 18:55 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2009-11-19 18:55 . 2009-11-19 18:55 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2010-07-08 13:58 . 2010-07-08 13:58 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2010-07-08 13:58 . 2010-07-08 13:58 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2009-11-19 18:55 . 2009-11-19 18:55 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2010-07-08 13:58 . 2010-07-08 13:58 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2009-11-19 18:55 . 2009-11-19 18:55 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2009-11-19 18:55 . 2009-11-19 18:55 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2010-07-08 13:58 . 2010-07-08 13:58 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2009-11-19 18:55 . 2009-11-19 18:55 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2010-07-08 13:58 . 2010-07-08 13:58 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2009-11-19 18:55 . 2009-11-19 18:55 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2010-07-08 13:58 . 2010-07-08 13:58 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2009-11-19 18:55 . 2009-11-19 18:55 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2010-07-08 13:58 . 2010-07-08 13:58 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2009-11-19 18:55 . 2009-11-19 18:55 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2010-07-08 13:58 . 2010-07-08 13:58 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2010-07-08 13:58 . 2010-07-08 13:58 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2009-11-19 18:55 . 2009-11-19 18:55 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2009-11-19 18:55 . 2009-11-19 18:55 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2010-07-08 13:58 . 2010-07-08 13:58 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2009-11-19 18:55 . 2009-11-19 18:55 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2010-07-08 13:58 . 2010-07-08 13:58 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2010-07-08 14:01 . 2010-07-08 14:01 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll + 2010-07-08 14:02 . 2010-07-08 14:02 81920 c:\windows\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\System.Security.dll + 2010-06-12 07:13 . 2010-06-12 07:13 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll + 2010-06-12 07:13 . 2010-06-12 07:13 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll - 2009-11-19 18:55 . 2009-11-19 18:55 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2010-07-08 13:58 . 2010-07-08 13:58 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2001-08-18 04:54 . 2009-11-27 16:08 8704 c:\windows\system32\tsbyuv.dll + 2001-08-18 04:54 . 2009-11-27 16:08 8704 c:\windows\system32\dllcache\tsbyuv.dll + 2009-11-27 16:08 . 2009-11-27 16:08 8704 c:\windows\Driver Cache\i386\tsbyuv.dll - 2009-11-19 18:55 . 2009-11-19 18:55 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2010-07-08 13:58 . 2010-07-08 13:58 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2009-11-19 18:55 . 2009-11-19 18:55 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2010-07-08 13:58 . 2010-07-08 13:58 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2009-11-19 18:55 . 2009-11-19 18:55 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2010-07-08 13:58 . 2010-07-08 13:58 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll - 2009-11-19 18:55 . 2009-11-19 18:55 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2010-07-08 13:58 . 2010-07-08 13:58 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2010-07-08 13:58 . 2010-07-08 13:58 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2009-11-19 18:55 . 2009-11-19 18:55 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2010-07-08 13:58 . 2010-07-08 13:58 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2009-11-19 18:55 . 2009-11-19 18:55 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2008-07-29 06:05 . 2008-07-29 06:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll + 2008-07-29 07:05 . 2008-07-29 07:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll - 2008-07-29 06:05 . 2008-07-29 06:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll + 2008-07-29 07:05 . 2008-07-29 07:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll + 2008-07-29 02:54 . 2008-07-29 02:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll - 2008-07-29 01:54 . 2008-07-29 01:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll - 2008-07-29 06:05 . 2008-07-29 06:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll + 2008-07-29 07:05 . 2008-07-29 07:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll + 2010-06-12 07:13 . 2006-05-31 05:24 230168 c:\windows\system32\xactengine2_2.dll + 2010-06-12 07:13 . 2006-03-31 10:39 229584 c:\windows\system32\xactengine2_1.dll + 2010-06-12 07:13 . 2006-02-03 06:42 230096 c:\windows\system32\xactengine2_0.dll + 2006-03-24 12:00 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll + 2006-03-24 12:00 . 2009-08-25 09:17 354816 c:\windows\system32\winhttp.dll + 2006-03-24 12:00 . 2010-03-10 06:15 420352 c:\windows\system32\vbscript.dll - 2006-03-24 12:00 . 2009-03-08 03:33 420352 c:\windows\system32\vbscript.dll - 2006-03-24 12:00 . 2009-06-16 14:36 119808 c:\windows\system32\t2embed.dll + 2006-03-24 12:00 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed.dll - 2006-03-24 12:00 . 2008-04-14 02:22 474624 c:\windows\system32\shlwapi.dll + 2006-03-24 12:00 . 2009-12-08 09:23 474624 c:\windows\system32\shlwapi.dll + 2010-07-07 17:29 . 2006-10-06 14:38 159810 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvsvc32.exe + 2010-07-07 17:29 . 2006-10-06 14:38 212992 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvapi.dll + 2006-03-24 12:00 . 2009-10-12 13:38 150528 c:\windows\system32\rastls.dll + 2010-03-30 22:10 . 2010-03-30 22:10 295264 c:\windows\system32\PresentationHost.exe - 2006-03-24 12:00 . 2009-11-19 18:55 436316 c:\windows\system32\perfh009.dat + 2006-03-24 12:00 . 2010-07-27 07:17 436316 c:\windows\system32\perfh009.dat - 2006-03-24 12:00 . 2009-08-29 07:54 206848 c:\windows\system32\occache.dll + 2006-03-24 12:00 . 2010-05-06 10:31 206848 c:\windows\system32\occache.dll + 2006-03-24 12:00 . 2009-10-13 10:32 271360 c:\windows\system32\oakley.dll - 2006-03-24 12:00 . 2008-04-14 02:22 271360 c:\windows\system32\oakley.dll + 2010-06-07 15:35 . 2010-06-07 15:35 154728 c:\windows\system32\nvsvc32.exe + 2010-06-07 15:35 . 2010-06-07 15:35 126976 c:\windows\system32\nvrszht.dll + 2010-06-07 15:35 . 2010-06-07 15:35 229376 c:\windows\system32\nvrszhc.dll + 2010-06-07 15:35 . 2010-06-07 15:35 258048 c:\windows\system32\nvrstr.dll + 2010-06-07 15:35 . 2010-06-07 15:35 253952 c:\windows\system32\nvrsth.dll + 2010-06-07 15:35 . 2010-06-07 15:35 253952 c:\windows\system32\nvrssv.dll + 2010-06-07 15:35 . 2010-06-07 15:35 258048 c:\windows\system32\nvrssl.dll + 2010-06-07 15:35 . 2010-06-07 15:35 258048 c:\windows\system32\nvrssk.dll + 2010-06-07 15:35 . 2010-06-07 15:35 270336 c:\windows\system32\nvrsru.dll + 2010-06-07 15:35 . 2010-06-07 15:35 270336 c:\windows\system32\nvrsptb.dll + 2010-06-07 15:35 . 2010-06-07 15:35 274432 c:\windows\system32\nvrspt.dll + 2010-06-07 15:35 . 2010-06-07 15:35 258048 c:\windows\system32\nvrspl.dll + 2010-06-07 15:35 . 2010-06-07 15:35 253952 c:\windows\system32\nvrsno.dll + 2010-06-07 15:35 . 2010-06-07 15:35 274432 c:\windows\system32\nvrsnl.dll + 2010-06-07 15:35 . 2010-06-07 15:35 266240 c:\windows\system32\nvrsko.dll + 2010-06-07 15:35 . 2010-06-07 15:35 270336 c:\windows\system32\nvrsja.dll + 2010-06-07 15:35 . 2010-06-07 15:35 282624 c:\windows\system32\nvrsit.dll + 2010-06-07 15:35 . 2010-06-07 15:35 262144 c:\windows\system32\nvrshu.dll + 2010-06-07 15:35 . 2010-06-07 15:35 331776 c:\windows\system32\nvrshe.dll + 2010-06-07 15:35 . 2010-06-07 15:35 286720 c:\windows\system32\nvrsfr.dll + 2010-06-07 15:35 . 2010-06-07 15:35 249856 c:\windows\system32\nvrsfi.dll + 2010-06-07 15:35 . 2010-06-07 15:35 274432 c:\windows\system32\nvrsesm.dll + 2010-06-07 15:35 . 2010-06-07 15:35 282624 c:\windows\system32\nvrses.dll + 2010-06-07 15:35 . 2010-06-07 15:35 249856 c:\windows\system32\nvrseng.dll + 2010-06-07 15:35 . 2010-06-07 15:35 282624 c:\windows\system32\nvrsel.dll + 2010-06-07 15:35 . 2010-06-07 15:35 278528 c:\windows\system32\nvrsde.dll + 2010-06-07 15:35 . 2010-06-07 15:35 253952 c:\windows\system32\nvrsda.dll + 2010-06-07 15:35 . 2010-06-07 15:35 249856 c:\windows\system32\nvrscs.dll + 2010-06-07 15:35 . 2010-06-07 15:35 335872 c:\windows\system32\nvrsar.dll + 2010-06-07 15:35 . 2010-06-07 15:35 110696 c:\windows\system32\nvmctray.dll + 2010-06-07 15:35 . 2010-06-07 15:35 277608 c:\windows\system32\nvmccs.dll + 2010-06-07 15:35 . 2010-06-07 15:35 145000 c:\windows\system32\nvcolor.exe - 2006-03-24 12:00 . 2009-03-08 03:32 611840 c:\windows\system32\mstime.dll + 2006-03-24 12:00 . 2010-05-06 10:31 611840 c:\windows\system32\mstime.dll - 2006-09-29 11:30 . 2008-04-14 02:22 346624 c:\windows\system32\mspaint.exe + 2006-09-29 11:30 . 2009-12-17 07:40 346624 c:\windows\system32\mspaint.exe + 2006-11-07 20:03 . 2010-05-06 10:31 599040 c:\windows\system32\msfeeds.dll + 2009-11-06 23:07 . 2009-11-06 23:07 297808 c:\windows\system32\mscoree.dll + 2010-06-16 07:38 . 2010-06-16 07:38 231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe - 2006-03-24 12:00 . 2009-06-22 06:45 726528 c:\windows\system32\jscript.dll + 2006-03-24 12:00 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll + 2010-07-29 08:38 . 2010-07-17 03:00 153376 c:\windows\system32\javaws.exe - 2009-11-13 22:27 . 2009-11-13 22:26 145184 c:\windows\system32\javaw.exe + 2010-07-29 08:38 . 2010-07-17 03:00 145184 c:\windows\system32\javaw.exe - 2009-11-13 22:27 . 2009-11-13 22:26 145184 c:\windows\system32\java.exe + 2010-07-29 08:38 . 2010-07-17 03:00 145184 c:\windows\system32\java.exe + 2006-09-29 11:34 . 2010-01-29 14:59 691712 c:\windows\system32\inetcomm.dll - 2006-09-29 11:34 . 2008-04-11 19:04 691712 c:\windows\system32\inetcomm.dll + 2006-03-24 12:00 . 2010-05-06 10:31 184320 c:\windows\system32\iepeers.dll - 2006-03-24 12:00 . 2009-08-29 07:54 184320 c:\windows\system32\iepeers.dll + 2006-03-24 12:00 . 2010-05-06 10:31 387584 c:\windows\system32\iedkcs32.dll - 2006-03-24 12:00 . 2009-08-29 07:54 387584 c:\windows\system32\iedkcs32.dll + 2006-03-24 12:00 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe - 2006-03-24 12:00 . 2009-08-28 10:35 173056 c:\windows\system32\ie4uinit.exe + 2006-09-29 12:23 . 2010-07-08 18:03 238352 c:\windows\system32\FNTCACHE.DAT + 2006-03-24 12:00 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys + 2006-03-24 12:00 . 2009-12-31 16:50 353792 c:\windows\system32\drivers\srv.sys + 2006-03-24 12:00 . 2010-02-24 13:11 455680 c:\windows\system32\drivers\mrxsmb.sys + 2006-03-24 12:00 . 2009-10-20 16:20 265728 c:\windows\system32\drivers\http.sys + 2009-09-02 08:10 . 2010-03-01 08:05 124784 c:\windows\system32\drivers\avipbb.sys + 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll - 2006-03-24 12:00 . 2009-08-29 07:54 916480 c:\windows\system32\dllcache\wininet.dll + 2006-03-24 12:00 . 2010-05-06 10:31 916480 c:\windows\system32\dllcache\wininet.dll + 2008-12-16 12:30 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll + 2008-05-09 10:54 . 2010-03-10 06:15 420352 c:\windows\system32\dllcache\vbscript.dll - 2008-05-09 10:54 . 2009-03-08 03:33 420352 c:\windows\system32\dllcache\vbscript.dll + 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys - 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll + 2009-06-16 14:36 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll + 2008-10-16 07:07 . 2009-12-31 16:50 353792 c:\windows\system32\dllcache\srv.sys + 2009-01-07 17:20 . 2009-12-08 09:23 474624 c:\windows\system32\dllcache\shlwapi.dll - 2009-01-07 17:20 . 2009-01-07 17:20 474624 c:\windows\system32\dllcache\shlwapi.dll + 2009-10-12 13:38 . 2009-10-12 13:38 150528 c:\windows\system32\dllcache\rastls.dll - 2006-03-24 12:00 . 2009-08-29 07:54 206848 c:\windows\system32\dllcache\occache.dll + 2006-03-24 12:00 . 2010-05-06 10:31 206848 c:\windows\system32\dllcache\occache.dll + 2009-10-13 10:32 . 2009-10-13 10:32 271360 c:\windows\system32\dllcache\oakley.dll - 2006-03-24 12:00 . 2009-03-08 03:32 611840 c:\windows\system32\dllcache\mstime.dll + 2006-03-24 12:00 . 2010-05-06 10:31 611840 c:\windows\system32\dllcache\mstime.dll + 2009-12-17 07:40 . 2009-12-17 07:40 346624 c:\windows\system32\dllcache\mspaint.exe + 2007-05-09 07:29 . 2010-05-06 10:31 599040 c:\windows\system32\dllcache\msfeeds.dll + 2008-11-12 21:54 . 2010-02-24 13:11 455680 c:\windows\system32\dllcache\mrxsmb.sys + 2008-05-09 10:54 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll - 2008-05-09 10:54 . 2009-06-22 06:45 726528 c:\windows\system32\dllcache\jscript.dll + 2008-08-16 07:31 . 2010-01-29 14:59 691712 c:\windows\system32\dllcache\inetcomm.dll - 2008-08-16 07:31 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll + 2009-11-19 10:54 . 2010-05-06 10:31 247808 c:\windows\system32\dllcache\ieproxy.dll + 2006-03-24 12:00 . 2010-05-06 10:31 184320 c:\windows\system32\dllcache\iepeers.dll - 2006-03-24 12:00 . 2009-08-29 07:54 184320 c:\windows\system32\dllcache\iepeers.dll + 2006-03-24 12:00 . 2010-05-06 10:31 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2006-03-24 12:00 . 2009-08-29 07:54 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2006-03-24 12:00 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe - 2006-03-24 12:00 . 2009-08-28 10:35 173056 c:\windows\system32\dllcache\ie4uinit.exe + 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys + 2010-04-20 05:29 . 2010-04-20 05:29 285696 c:\windows\system32\dllcache\atmfd.dll + 2010-02-12 04:33 . 2010-02-12 04:33 100864 c:\windows\system32\dllcache\6to4svc.dll + 2006-03-24 12:00 . 2010-04-20 05:29 285696 c:\windows\system32\atmfd.dll - 2006-03-24 12:00 . 2008-04-14 02:20 285696 c:\windows\system32\atmfd.dll + 2006-03-24 12:00 . 2010-02-12 04:33 100864 c:\windows\system32\6to4svc.dll + 2010-03-30 22:16 . 2010-03-30 22:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2010-04-07 21:48 . 2010-04-07 21:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll - 2008-07-29 18:16 . 2008-07-29 18:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2010-04-07 21:48 . 2010-04-07 21:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2010-03-23 03:31 . 2010-03-23 03:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll - 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2010-02-09 10:22 . 2010-02-09 10:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll - 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2010-03-31 12:51 . 2010-03-31 12:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll - 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll + 2010-03-31 12:49 . 2010-03-31 12:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2010-03-31 13:32 . 2010-03-31 13:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2010-06-12 07:13 . 2006-03-31 09:27 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2006-02-03 05:40 578560 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2005-12-05 15:20 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2005-09-28 12:11 577536 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2005-07-22 15:21 577024 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2005-05-26 13:15 576000 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2005-03-18 15:23 567296 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2005-02-05 17:32 563712 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2005-03-18 14:23 223232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll + 2010-06-12 07:13 . 2005-03-18 14:23 178176 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll + 2010-06-12 07:13 . 2005-03-18 14:23 364544 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll + 2010-06-12 07:13 . 2005-03-18 14:23 159232 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll + 2010-06-12 07:13 . 2005-03-18 14:23 145920 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll + 2010-06-12 07:13 . 2005-03-18 14:23 473600 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll + 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\b8b66.msp + 2010-07-08 13:36 . 2010-07-08 13:36 429568 c:\windows\Installer\b8b5a.msi + 2010-07-29 08:39 . 2010-07-29 08:39 180224 c:\windows\Installer\308b4d.msi + 2010-07-08 13:55 . 2009-08-29 07:54 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll + 2010-07-08 13:55 . 2010-02-22 14:22 388984 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll + 2010-07-08 13:55 . 2008-07-08 13:00 234872 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe + 2010-07-08 13:55 . 2009-08-29 07:54 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll + 2010-07-08 13:55 . 2009-03-08 03:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll + 2010-07-08 13:55 . 2009-08-29 07:54 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll + 2010-07-08 13:55 . 2009-08-29 07:54 246272 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll + 2010-07-08 13:55 . 2009-08-29 07:54 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll + 2010-07-08 13:55 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll + 2010-07-08 13:55 . 2009-08-29 07:54 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll + 2010-07-08 13:55 . 2009-08-28 10:35 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe + 2010-07-08 13:45 . 2009-03-08 03:33 420352 c:\windows\ie8updates\KB981332-IE8\vbscript.dll + 2010-07-08 13:45 . 2009-05-26 11:40 388984 c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll + 2010-07-08 13:45 . 2009-05-26 11:40 234872 c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe + 2010-07-08 14:03 . 2008-07-08 13:00 388984 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll + 2010-07-08 14:03 . 2008-07-08 13:00 234872 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe + 2010-07-08 14:03 . 2009-06-22 06:45 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll + 2008-11-12 21:54 . 2010-02-24 13:11 455680 c:\windows\Driver Cache\i386\mrxsmb.sys + 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\Driver Cache\i386\http.sys + 2010-07-08 14:02 . 2010-07-08 14:02 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b7482fc9\System.Drawing.dll + 2010-07-08 14:02 . 2010-07-08 14:02 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_69663f97\System.Drawing.Design.dll + 2010-07-08 14:02 . 2010-07-08 14:02 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_30ce2e99\CustomMarshalers.dll + 2010-07-08 13:48 . 2010-07-08 13:48 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe + 2010-07-08 14:01 . 2010-07-08 14:01 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b3a9fac9aea3ad913781fafbdcbb0cae\WindowsFormsIntegration.ni.dll + 2010-07-08 14:01 . 2010-07-08 14:01 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\4131a3627fec69291dbaed236f30dc65\UIAutomationClient.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e6bd59fec415e273c173170c6508180a\System.Management.Instrumentation.ni.dll + 2010-07-08 13:47 . 2010-07-08 13:47 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e3eb86170cba4c80e6e22ca33c63c218\System.IO.Log.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cfa48936affc9a5fb89f0bf66cc52a47\System.IdentityModel.Selectors.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.Wrapper.dll + 2010-07-08 13:49 . 2010-07-08 13:49 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll + 2010-07-08 13:45 . 2010-07-08 13:45 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\aeba6820f20655dec7fe0fe05aaeb818\System.Drawing.Design.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9ef70079beca3a9982a3aa76ebc0ddd8\System.DirectoryServices.Protocols.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\277619716d9136216065bea970365c65\System.DirectoryServices.AccountManagement.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\90b67e13866b176ae6cbdb23144f724d\System.Data.Services.Client.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\131a477d41a8669b15696128b94c2636\System.Data.Services.Design.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\d4990681ce373d81a52b231ee4c4afea\System.Data.Entity.Design.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\9e9d66a3a0e16fceead505c25af569eb\System.Data.DataSetExtensions.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\39e4f9a276fb12125d8a1444d8b65a84\System.Configuration.Install.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\f38a426b90e6c526dcb2c435c7380450\SMSvcHost.ni.exe + 2010-07-08 13:48 . 2010-07-08 13:48 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6cabc7d1700c224e8b41ff2f96a3087c\SMDiagnostics.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5c8f5ca36498f43980d64820d8186c8a\ServiceModelReg.ni.exe + 2010-07-08 14:00 . 2010-07-08 14:00 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a10c2c7e38291c3ada631ad13e762818\PresentationFramework.Aero.ni.dll + 2010-07-08 14:00 . 2010-07-08 14:00 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7579c76fa81eb309d3170b62467be58d\PresentationFramework.Luna.ni.dll + 2010-07-08 14:00 . 2010-07-08 14:00 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bef0992fb684e71dbfab5c0a99316af\PresentationFramework.Classic.ni.dll + 2010-07-08 14:00 . 2010-07-08 14:00 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2f6687d394813d760496f60acf046384\PresentationFramework.Royale.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7700963610c1af364aa934c3c824b7b4\MSBuild.ni.exe + 2010-07-08 13:48 . 2010-07-08 13:48 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c74d4c69c49992dfb23ba512081dc3de\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a6a9f24b1a8984eaafbabb1ee968e359\Microsoft.Build.Utilities.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\2fa81d363cb1496be2427d848a867409\Microsoft.Build.Utilities.v3.5.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c4c360df9c1024ebc3f0de77f5cf8b1c\Microsoft.Build.Engine.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c9386dcd89c2518a74115f3bfd861830\Microsoft.Build.Conversion.v3.5.ni.dll + 2010-07-08 13:47 . 2010-07-08 13:47 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\abb62e3ed74c974f0282bc7ea5d3f1c1\ComSvcConfig.ni.exe + 2010-07-08 13:48 . 2010-07-08 13:48 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\6d34f00b6a782d15bec70d6cdb00b5e8\AspNetMMCExt.ni.dll - 2009-11-19 18:55 . 2009-11-19 18:55 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2010-07-08 13:58 . 2010-07-08 13:58 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2009-11-19 18:55 . 2009-11-19 18:55 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2010-07-08 13:58 . 2010-07-08 13:58 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2010-07-08 13:58 . 2010-07-08 13:58 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2009-11-19 18:55 . 2009-11-19 18:55 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2009-11-19 18:55 . 2009-11-19 18:55 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2010-07-08 13:58 . 2010-07-08 13:58 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2010-07-08 13:42 . 2010-07-08 13:42 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll + 2010-07-08 13:58 . 2010-07-08 13:58 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2009-11-19 18:55 . 2009-11-19 18:55 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2010-07-08 13:58 . 2010-07-08 13:58 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2009-11-19 18:55 . 2009-11-19 18:55 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2009-11-19 18:55 . 2009-11-19 18:55 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2010-07-08 13:58 . 2010-07-08 13:58 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2009-11-19 18:55 . 2009-11-19 18:55 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2010-07-08 13:58 . 2010-07-08 13:58 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2010-07-08 13:42 . 2010-07-08 13:42 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2010-07-08 13:58 . 2010-07-08 13:58 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2009-11-19 18:55 . 2009-11-19 18:55 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2010-07-08 13:58 . 2010-07-08 13:58 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2009-11-19 18:55 . 2009-11-19 18:55 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2010-07-08 13:58 . 2010-07-08 13:58 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2009-11-19 18:55 . 2009-11-19 18:55 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2009-11-19 18:55 . 2009-11-19 18:55 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2010-07-08 13:58 . 2010-07-08 13:58 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2009-11-19 18:55 . 2009-11-19 18:55 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2010-07-08 13:58 . 2010-07-08 13:58 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2010-07-08 13:58 . 2010-07-08 13:58 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2009-11-19 18:55 . 2009-11-19 18:55 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2010-07-08 13:58 . 2010-07-08 13:58 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2009-11-19 18:55 . 2009-11-19 18:55 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2010-07-08 13:42 . 2010-07-08 13:42 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll - 2009-11-19 11:10 . 2009-11-19 11:10 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll + 2010-07-08 13:58 . 2010-07-08 13:58 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2009-11-19 18:55 . 2009-11-19 18:55 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2010-07-08 13:58 . 2010-07-08 13:58 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2009-11-19 18:55 . 2009-11-19 18:55 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll + 2010-07-08 13:58 . 2010-07-08 13:58 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2009-11-19 18:55 . 2009-11-19 18:55 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2009-11-19 18:55 . 2009-11-19 18:55 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2010-07-08 13:58 . 2010-07-08 13:58 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2009-11-19 18:55 . 2009-11-19 18:55 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2010-07-08 13:58 . 2010-07-08 13:58 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2009-11-19 18:55 . 2009-11-19 18:55 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2010-07-08 13:58 . 2010-07-08 13:58 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2010-07-08 13:58 . 2010-07-08 13:58 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2009-11-19 18:55 . 2009-11-19 18:55 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2009-11-19 18:55 . 2009-11-19 18:55 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2010-07-08 13:58 . 2010-07-08 13:58 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2009-11-19 18:55 . 2009-11-19 18:55 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2010-07-08 13:58 . 2010-07-08 13:58 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2010-07-08 13:58 . 2010-07-08 13:58 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll - 2009-11-19 18:55 . 2009-11-19 18:55 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2010-07-08 13:58 . 2010-07-08 13:58 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2009-11-19 18:55 . 2009-11-19 18:55 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2010-06-12 07:13 . 2010-06-12 07:13 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll + 2010-06-12 07:13 . 2010-06-12 07:13 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll + 2010-06-12 07:13 . 2010-06-12 07:13 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll + 2010-06-12 07:13 . 2010-06-12 07:13 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll + 2010-06-12 07:13 . 2010-06-12 07:13 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll + 2006-03-24 12:00 . 2009-11-21 15:54 471552 c:\windows\AppPatch\aclayers.dll + 2008-07-29 07:05 . 2008-07-29 07:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll - 2008-07-29 06:05 . 2008-07-29 06:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll - 2008-07-29 06:05 . 2008-07-29 06:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll + 2008-07-29 07:05 . 2008-07-29 07:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll + 2009-07-20 22:03 . 2009-07-20 22:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll + 2006-03-24 12:00 . 2010-04-03 02:27 2334720 c:\windows\system32\WMVCore.dll + 2006-03-24 12:00 . 2010-05-06 10:31 1209344 c:\windows\system32\urlmon.dll + 2007-02-16 08:03 . 2010-07-18 19:07 1072116 c:\windows\system32\Restore\rstrlog.dat + 2010-07-07 17:29 . 2006-10-06 14:38 5644288 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvoglnt.dll + 2010-07-07 17:29 . 2006-10-06 14:38 7700480 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcpl.dll + 2010-07-07 17:29 . 2006-10-06 14:38 3992608 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_mini.sys + 2010-07-07 17:29 . 2006-10-06 14:38 4526592 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_disp.dll + 2006-03-24 12:00 . 2010-02-05 18:25 1297408 c:\windows\system32\quartz.dll + 2006-03-24 12:00 . 2010-02-16 19:04 2148864 c:\windows\system32\ntoskrnl.exe + 2004-08-04 00:50 . 2010-02-16 19:04 2027008 c:\windows\system32\ntkrnlpa.exe + 2008-09-18 22:04 . 2009-07-31 08:02 1372672 c:\windows\system32\msxml6.dll + 2009-07-20 22:05 . 2009-07-20 22:05 1348432 c:\windows\system32\msxml4.dll + 2006-03-24 12:00 . 2009-07-31 04:32 1172480 c:\windows\system32\msxml3.dll + 2006-03-24 12:00 . 2010-05-06 10:31 5950976 c:\windows\system32\mshtml.dll + 2010-01-27 01:07 . 2010-06-16 07:38 5612496 c:\windows\system32\Macromed\Flash\NPSWF32.dll + 2006-10-17 10:57 . 2010-05-06 10:31 1985536 c:\windows\system32\iertutil.dll - 2006-10-17 10:57 . 2009-08-29 07:54 1985536 c:\windows\system32\iertutil.dll + 2006-03-24 12:00 . 2010-04-03 02:27 2334720 c:\windows\system32\dllcache\WMVCore.dll + 2008-10-16 07:07 . 2010-05-02 08:05 1851392 c:\windows\system32\dllcache\win32k.sys + 2006-03-24 12:00 . 2010-05-06 10:31 1209344 c:\windows\system32\dllcache\urlmon.dll + 2008-05-07 05:10 . 2010-02-05 18:25 1297408 c:\windows\system32\dllcache\quartz.dll + 2008-10-16 07:07 . 2010-02-17 12:04 2192256 c:\windows\system32\dllcache\ntoskrnl.exe + 2008-10-16 07:07 . 2010-02-16 19:04 2027008 c:\windows\system32\dllcache\ntkrpamp.exe + 2008-10-16 07:07 . 2010-02-16 19:04 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-10-16 07:07 . 2010-02-16 19:04 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe + 2008-09-18 22:04 . 2009-07-31 08:02 1372672 c:\windows\system32\dllcache\msxml6.dll + 2008-11-12 21:54 . 2009-07-31 04:32 1172480 c:\windows\system32\dllcache\msxml3.dll + 2009-08-14 17:38 . 2010-01-29 14:59 1315328 c:\windows\system32\dllcache\msoe.dll - 2009-08-14 17:38 . 2009-07-10 13:26 1315328 c:\windows\system32\dllcache\msoe.dll + 2006-03-24 12:00 . 2010-05-06 10:31 5950976 c:\windows\system32\dllcache\mshtml.dll - 2007-05-09 07:29 . 2009-08-29 07:54 1985536 c:\windows\system32\dllcache\iertutil.dll + 2007-05-09 07:29 . 2010-05-06 10:31 1985536 c:\windows\system32\dllcache\iertutil.dll + 2009-11-06 23:06 . 2009-11-06 23:06 1130824 c:\windows\system32\dfshim.dll + 2010-06-12 07:13 . 2006-03-31 10:40 2388176 c:\windows\system32\d3dx9_30.dll + 2010-06-12 07:13 . 2006-02-03 06:43 2332368 c:\windows\system32\d3dx9_29.dll + 2010-06-12 07:13 . 2005-12-05 16:09 2323664 c:\windows\system32\d3dx9_28.dll + 2010-06-12 07:13 . 2005-07-22 17:59 2319568 c:\windows\system32\d3dx9_27.dll + 2010-06-12 07:13 . 2005-05-26 13:34 2297552 c:\windows\system32\d3dx9_26.dll + 2010-06-12 07:13 . 2005-03-18 15:19 2337488 c:\windows\system32\d3dx9_25.dll + 2010-06-12 07:13 . 2005-02-05 17:45 2222800 c:\windows\system32\d3dx9_24.dll + 2010-04-07 21:48 . 2010-04-07 21:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll + 2010-03-23 03:32 . 2010-03-23 03:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll - 2008-11-25 03:59 . 2008-11-25 03:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2010-03-23 03:32 . 2010-03-23 03:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2010-04-01 09:42 . 2010-04-01 09:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2010-04-01 09:42 . 2010-04-01 09:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2010-03-31 12:50 . 2010-03-31 12:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll + 2010-03-31 12:50 . 2010-03-31 12:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2010-04-01 09:42 . 2010-04-01 09:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2010-06-12 07:13 . 2004-12-01 13:53 2846720 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2004-09-29 10:38 2676224 c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll + 2010-04-11 20:17 . 2010-04-11 20:17 2607104 c:\windows\Installer\b8b73.msp + 2010-04-11 20:17 . 2010-04-11 20:17 4210688 c:\windows\Installer\b8b72.msp + 2010-04-15 08:16 . 2010-04-15 08:16 1235968 c:\windows\Installer\43420f.msi + 2010-07-29 09:38 . 2010-07-29 09:38 1094656 c:\windows\Installer\35acad.msi + 2009-11-08 22:25 . 2009-11-08 22:25 1935360 c:\windows\Installer\1e7595.msp + 2010-07-08 13:55 . 2009-08-29 07:54 1208832 c:\windows\ie8updates\KB982381-IE8\urlmon.dll + 2010-07-08 13:55 . 2009-10-22 09:16 5939712 c:\windows\ie8updates\KB982381-IE8\mshtml.dll + 2010-07-08 13:55 . 2009-08-29 07:54 1985536 c:\windows\ie8updates\KB982381-IE8\iertutil.dll + 2008-10-16 07:07 . 2010-02-17 12:04 2192256 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-10-16 07:07 . 2010-02-16 19:04 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe + 2008-10-16 07:07 . 2010-02-16 19:04 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-10-16 07:07 . 2010-02-16 19:04 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2010-07-08 14:02 . 2010-07-08 14:02 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_61899a3e\System.dll + 2010-07-08 14:01 . 2010-07-08 14:01 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_0c3a21de\System.dll + 2010-07-08 14:02 . 2010-07-08 14:02 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_d75f9eaa\System.Xml.dll + 2010-07-08 14:01 . 2010-07-08 14:01 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_0406f836\System.Xml.dll + 2010-07-08 14:02 . 2010-07-08 14:02 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_befc6435\System.Windows.Forms.dll + 2010-07-08 14:01 . 2010-07-08 14:01 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_0a075b53\System.Windows.Forms.dll + 2010-07-08 14:02 . 2010-07-08 14:02 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_e78bb713\System.Drawing.dll + 2010-07-08 14:02 . 2010-07-08 14:02 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_fd40100a\System.Design.dll + 2010-07-08 14:02 . 2010-07-08 14:02 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_8a8a4e89\System.Design.dll + 2010-07-08 14:02 . 2010-07-08 14:02 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_beec7aec\mscorlib.dll + 2010-07-08 14:02 . 2010-07-08 14:02 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_31f06c26\mscorlib.dll + 2010-07-08 13:59 . 2010-07-08 13:59 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d63164ac4ed5adabc6a1b0fdf07eee05\WindowsBase.ni.dll + 2010-07-08 14:01 . 2010-07-08 14:01 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\d8549ce90b26cdc3071224ab6f020189\UIAutomationClientsideProviders.ni.dll + 2010-07-08 13:42 . 2010-07-08 13:42 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll + 2010-07-08 13:45 . 2010-07-08 13:45 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\016b75f60a18535c8d6b3e5d861ab559\System.WorkflowServices.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6dacae37d337004345518976fb57099e\System.Workflow.Runtime.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c7b832bbc5bb11c6c7f128c801ce90d7\System.Workflow.ComponentModel.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\b9ea6ea910293cd6f13f765775867ebd\System.Workflow.Activities.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8ef8d556899a4a10b7f288a80925489f\System.Web.Services.ni.dll + 2010-07-08 13:50 . 2010-07-08 13:50 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\5dfda43f1991ee6ba345d62b2be4801c\System.Web.Mobile.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f08b3b8cdf548e3dfe61f342536175eb\System.Web.Extensions.ni.dll + 2010-07-08 13:45 . 2010-07-08 13:45 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2d6a5dbee4506bf643b853e41668afa3\System.Speech.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\169fe0ad9d59982a2a6b89779c09885b\System.ServiceModel.Web.ni.dll + 2010-07-08 13:47 . 2010-07-08 13:47 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll + 2010-07-08 14:01 . 2010-07-08 14:01 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\af217ef58e5558991f331d482c2bdba6\System.Printing.ni.dll + 2010-07-08 13:47 . 2010-07-08 13:47 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\ad4fb86064d7a1ebcb9ee997e7208ac1\System.IdentityModel.ni.dll + 2010-07-08 13:45 . 2010-07-08 13:45 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7deab2494d53763cd83c567e71e0d8e0\System.DirectoryServices.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\b81efadfee7702624b713c6d86f7e369\System.Deployment.ni.dll + 2010-07-08 13:44 . 2010-07-08 13:44 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f71abf392c5ca05a4e46a5d1c4c72856\System.Data.SqlXml.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\5e6311aff5ada83d0f854922fa62faf6\System.Data.Services.ni.dll + 2010-07-08 13:44 . 2010-07-08 13:44 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3ba3367d03779ad6e76c5d4cdfe572a\System.Data.Linq.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6abf820d8ec57a0561c3367727d274df\System.Data.Entity.ni.dll + 2010-07-08 13:44 . 2010-07-08 13:44 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e98726349766935ec0e9b980f19a046a\System.Core.ni.dll + 2010-07-08 14:01 . 2010-07-08 14:01 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\57abb757c1f38586390dcc63bf056322\ReachFramework.ni.dll + 2010-07-08 14:00 . 2010-07-08 14:00 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\0095ba60255d4addaf5b8ebee697a027\PresentationUI.ni.dll + 2010-07-08 13:42 . 2010-07-08 13:42 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\20ef773b20f6ce721ae60e5c2c2e8f80\PresentationBuildTasks.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll + 2010-07-08 13:47 . 2010-07-08 13:47 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\7a266de493d30eed21cb60ebe300be53\Microsoft.Transactions.Bridge.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\9db8f9f7fe63ca4451bb5316a3ebb009\Microsoft.JScript.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\c96be82d6cb00367db4e3553272165ef\Microsoft.Build.Tasks.v3.5.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3815de5b052187b5d9375681a6784255\Microsoft.Build.Tasks.ni.dll + 2010-07-08 13:48 . 2010-07-08 13:48 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\43fc6723d08e9ce88701c29653efd224\Microsoft.Build.Engine.ni.dll + 2010-07-08 13:59 . 2010-07-08 13:59 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2010-07-08 13:58 . 2010-07-08 13:58 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2010-07-08 13:58 . 2010-07-08 13:58 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2009-11-19 18:55 . 2009-11-19 18:55 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2010-07-08 13:58 . 2010-07-08 13:58 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - 2009-11-19 18:55 . 2009-11-19 18:55 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2010-07-08 13:42 . 2010-07-08 13:42 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2010-07-08 13:58 . 2010-07-08 13:58 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2009-11-19 18:55 . 2009-11-19 18:55 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2010-07-08 13:59 . 2010-07-08 13:59 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2010-07-08 13:58 . 2010-07-08 13:58 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2009-11-19 18:54 . 2009-11-19 18:55 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2010-07-08 13:58 . 2010-07-08 13:58 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2009-11-19 18:55 . 2009-11-19 18:55 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2009-11-19 11:10 . 2009-11-19 11:10 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2010-07-08 13:59 . 2010-07-08 13:59 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - 2009-11-19 18:55 . 2009-11-19 18:55 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2010-07-08 13:58 . 2010-07-08 13:58 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2009-10-22 12:11 . 2009-10-22 12:11 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2010-07-08 14:01 . 2010-07-08 14:01 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2010-07-08 14:01 . 2010-07-08 14:01 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll - 2009-10-22 12:11 . 2009-10-22 12:11 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll + 2010-06-12 07:13 . 2010-06-12 07:13 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-12 07:13 . 2010-06-12 07:13 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll + 2010-06-07 15:35 . 2010-06-07 15:35 13902440 c:\windows\system32\nvcpl.dll + 2006-09-29 12:35 . 2010-07-02 19:39 34045896 c:\windows\system32\MRT.exe + 2006-11-07 20:03 . 2010-05-06 10:31 11076096 c:\windows\system32\ieframe.dll + 2006-10-13 15:05 . 2010-06-07 23:57 10531200 c:\windows\system32\dllcache\nv4_mini.sys + 2007-05-09 07:29 . 2010-05-06 10:31 11076096 c:\windows\system32\dllcache\ieframe.dll + 2010-04-02 17:29 . 2010-04-02 17:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp + 2010-04-11 20:17 . 2010-04-11 20:17 14599680 c:\windows\Installer\b8b82.msp + 2010-04-02 10:30 . 2010-04-02 10:30 17456640 c:\windows\Installer\1e75c0.msp + 2010-03-30 23:23 . 2010-03-30 23:23 15638528 c:\windows\Installer\1e75a2.msp + 2010-07-08 13:55 . 2009-08-29 07:54 11069440 c:\windows\ie8updates\KB982381-IE8\ieframe.dll + 2010-07-08 13:45 . 2010-07-08 13:45 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll + 2010-07-08 13:49 . 2010-07-08 13:49 11797504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll + 2010-07-08 13:47 . 2010-07-08 13:47 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll + 2010-07-08 13:45 . 2010-07-08 13:45 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f352c5cb50bee105e4c873ca050f9f46\System.Design.ni.dll + 2010-07-08 14:00 . 2010-07-08 14:00 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\560662ada034afb6ec78a152bd9a47b5\PresentationFramework.ni.dll + 2010-07-08 14:00 . 2010-07-08 14:00 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f5dff344ac6ac923b5ade8ba1ab9382\PresentationCore.ni.dll . -- Snapshot auf jetziges Datum zurückgesetzt -- . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "RTHDCPL"="RTHDCPL.EXE" [2006-10-09 16236032] "NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "SetIcon"="\Programme\SMSC\SetIcon.exe" [2004-04-28 42496] "LanguageShortcut"="c:\programme\Home Cinema\PowerDVD\Language\Language.exe" [2006-05-18 49152] "InstantOn"="c:\programme\CyberLink\PowerCinema Linux\ion_install.exe" [2006-06-21 93640] "QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2006-10-25 282624] "SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-02-24 2372760] "SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 57393] "IndexSearch"="c:\programme\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 40960] "SetDefPrt"="c:\programme\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152] "ControlCenter2.0"="c:\programme\Brother\ControlCenter2\brctrcen.exe" [2004-11-11 864256] "avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792] "SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-05-14 248552] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-06-07 110696] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\dokumente und einstellungen\***\Startmen\Programme\Autostart\ OpenOffice.org 2.4.lnk - c:\programme\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox] 2004-01-14 01:10 409600 ----a-w- c:\programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2006-10-30 08:36 256576 ----a-w- c:\programme\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVBroadcast] 2006-10-19 22:43 814080 ----a-w- c:\programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService] 2006-10-19 13:00 151552 ----a-w- c:\programme\Home Cinema\TV Enhance\TVEService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wlconfig] 2006-03-06 12:45 1347584 ------w- c:\programme\WLAN Monitor\WLConfig.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=3 (0x3) "TVTABRDZ"=3 (0x3) "TVESched"=2 (0x2) "TVECapSvc"=2 (0x2) "gupdate"=2 (0x2) "srvcPVR"=2 (0x2) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Programme\\Messenger\\msmsgs.exe"= "c:\\Programme\\MSN Messenger\\msnmsgr.exe"= "c:\\WINDOWS\\system32\\fxsclnt.exe"= "c:\\Programme\\NetMeeting\\Conf.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programme\\iTunes\\iTunes.exe"= "c:\\Programme\\Trillian\\trillian.exe"= "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "c:\\Programme\\WS_FTP\\WS_FTP95.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programme\\TmNationsForever\\TmForever.exe"= R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [08.08.2009 20:21 64288] R2 accsvc;AccSys WiFi Component;c:\programme\Gemeinsame Dateien\AccSys\accsvc.exe [11.12.2006 23:52 147456] R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [02.09.2009 10:10 135336] R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [17.10.2006 12:28 1105664] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [23.10.2006 12:37 7040] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programme\Lavasoft\Ad-Aware\AAWService.exe [24.09.2009 13:17 1181328] S4 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [15.04.2010 10:13 136176] S4 srvcPVR;Sceneo PVR Service;c:\programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe [31.10.2006 14:16 1441280] S4 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [23.10.2006 12:50 282709] S4 TVESched;TVEnhance Task Scheduler (TTS));c:\programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [23.10.2006 12:50 122971] . Inhalt des "geplante Tasks" Ordners 2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 1).job - c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10] 2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 2).job - c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10] 2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 3).job - c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10] 2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 4).job - c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10] 2010-07-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = about:blank mWindow Title = Arcor AG & Co. KG IE: Alles mit FDM herunterladen - file://c:\programme\Free Download Manager\dlall.htm IE: Auswahl mit FDM herunterladen - file://c:\programme\Free Download Manager\dlselected.htm IE: Datei mit FDM herunterladen - file://c:\programme\Free Download Manager\dllink.htm IE: Download with GetRight - c:\programme\GetRight\GRdownload.htm IE: Easy-WebPrint - Drucken - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html IE: Easy-WebPrint - Schnelldruck - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint - Vorschau - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint - Zu Druckliste hinzufügen - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Open with GetRight Browser - c:\programme\GetRight\GRbrowse.htm IE: {{1F958B09-3312-7f0e-9723-4C1324C57B20} - c:\programme\Internet Radio\Radio.exe FF - ProfilePath - c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\ FF - prefs.js: browser.startup.homepage - about:blank FF - plugin: c:\programme\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\programme\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\programme\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX Richtlinien ---- c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\programme\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\programme\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - Entfernte verwaiste Registrierungseinträge - - - - MSConfigStartUp-BullGuard - c:\programme\BullGuard Software\BullGuard\bullguard.exe ************************************************************************** Scanne versteckte Prozesse... Scanne versteckte Autostarteinträge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: ************************************************************************** . Zeit der Fertigstellung: 2010-07-30 22:01:46 ComboFix-quarantined-files.txt 2010-07-30 20:01 ComboFix2.txt 2009-11-22 10:48 ComboFix3.txt 2009-11-22 09:00 ComboFix4.txt 2009-11-22 08:37 ComboFix5.txt 2010-07-30 19:49 Vor Suchlauf: 20 Verzeichnis(se), 71.067.766.784 Bytes frei Nach Suchlauf: 22 Verzeichnis(se), 71.036.264.448 Bytes frei - - End Of File - - 84BC0F6BD07F607C36B253AA1B2C0E02 |
31.07.2010, 13:54 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus Anschließend den bootkit_remover herunterladen. Entpacke das Tool in einen eigenen Ordner auf dem Desktop und führe in diesem Ordner die Datei remove.exe aus. Wenn Du Windows Vista oder Windows 7 verwendest, musst Du die remover.exe über ein Rechtsklick => als Administrator ausführen Ein schwarzes Fenster wird sich öffnen und automatisch nach bösartigen Veränderungen im MBR suchen. Poste dann bitte, ob es Veränderungen gibt und wenn ja in welchem device. Am besten alles posten was die remover.exe ausgibt.
__________________ Logfiles bitte immer in CODE-Tags posten |
31.07.2010, 21:56 | #14 |
| Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? So, habe GMER ausgeführt, ist nicht abgestürzt. Hat aber ewig gedauert, mehr als 5 Stunden diesmal... Log: Code:
ATTFilter GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-07-31 22:07:23 Windows 5.1.2600 Service Pack 3 Running: pgtrnxzt.exe; Driver: C:\DOKUME~1\***\LOKALE~1\Temp\pxtdypow.sys ---- System - GMER 1.0.15 ---- SSDT F7C24126 ZwCreateKey SSDT F7C2411C ZwCreateThread SSDT F7C2412B ZwDeleteKey SSDT F7C24135 ZwDeleteValueKey SSDT F7C2413A ZwLoadKey SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwMapViewOfSection [0xF79C18D0] SSDT F7C24108 ZwOpenProcess SSDT F7C2410D ZwOpenThread SSDT F7C24144 ZwReplaceKey SSDT F7C2413F ZwRestoreKey SSDT F7C24130 ZwSetValueKey SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwShutdownSystem [0xF79C1E70] SSDT \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) ZwTerminateProcess [0xF79C1E00] ---- Kernel code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF5EB33A0, 0x592C35, 0xE8000020] .text tcpip.sys!IPTransmit + 10FC F35B5D3A 6 Bytes CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) .text tcpip.sys!IPTransmit + 2A52 F35B7690 6 Bytes CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) .text tcpip.sys!IPRegisterProtocol + 930 F35CD454 6 Bytes CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) .text wanarp.sys F77853FD 4 Bytes CALL F731B350 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) .text wanarp.sys F7785402 2 Bytes [90, 90] {NOP ; NOP } ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.) ---- Devices - GMER 1.0.15 ---- Device \Driver\Tcpip \Device\Ip wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) Device \Driver\Tcpip \Device\Tcp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB) Device \Driver\Tcpip \Device\Udp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) Device \Driver\Tcpip \Device\RawIp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) Device \Driver\Tcpip \Device\IPMULTICAST wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.) AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@j!s!i!`!r!`!e!d!\30!\30!t!e!s!m!s!y! 71230 ---- Files - GMER 1.0.15 ---- File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\az_multimedia.css 5530 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\mediaplayer.swf 33571 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\scripts.js 3514 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\scripts_prog.js 1146 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\swf_object.js 9320 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\ufo.js 10964 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\3_0_gross_augsburg.gif 4864 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\et_mmedetect.js 3397 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\et_overlay.php 886 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\overlay_get_clicks.js 6443 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\scripts.js 871 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\scripts_prog.js 1146 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\styles.css 5870 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\SK neu 03112009\Dateien\Artikel,-Maerchenhafte-Geschichten-und-schoene-alte-Volkslieder-_arid,1228169_regid,1_puid,2_pageid,4492-Dateien\puid1_pageid6_regid10_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\ET_MME~1.JS 3397 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\SK neu 03112009\Dateien\Artikel,-Maerchenhafte-Geschichten-und-schoene-alte-Volkslieder-_arid,1228169_regid,1_puid,2_pageid,4492-Dateien\puid1_pageid6_regid10_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\OVERLA~1.JS 6443 bytes File C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\SK neu 03112009\Dateien\Artikel,-Maerchenhafte-Geschichten-und-schoene-alte-Volkslieder-_arid,1228169_regid,1_puid,2_pageid,4492-Dateien\puid1_pageid6_regid10_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\styles.css 5870 bytes ---- EOF - GMER 1.0.15 ---- Konnte den PC dann (wie oben) nicht mehr manuell herunterfahren -> Kaltstart. Habe dann OSAM ausgeführt, folgendes Log: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 h**p://www.online-solutions.ru/en/ Saved at 22:40:40 on 31.07.2010 OS: Windows XP Professional Service Pack 3 (Build 2600) Default Browser: Mozilla Corporation Firefox 3.6.8 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Boot Execute] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )----- "BootExecute" - ? - C:\WINDOWS\system32\lsdelete.exe (File found, but it contains no detailed information) [Common] -----( %SystemRoot%\Tasks )----- "Ad-Aware Update (Daily 1).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe "Ad-Aware Update (Daily 2).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe "Ad-Aware Update (Daily 3).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe "Ad-Aware Update (Daily 4).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe "Ad-Aware Update (Weekly).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbaccpl.cpl "ddbacctm.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbacctm.cpl "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl "SERVICE.CPL" - "Davilex Software bv" - C:\WINDOWS\system32\SERVICE.CPL "xhidcpl.cpl" - ? - C:\WINDOWS\system32\xhidcpl.cpl (File found, but it contains no detailed information) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl "Avira AntiVir PersonalEdition Classic Konfiguration" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl (File not found) "Nero BurnRights" - "Nero AG" - C:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl "QuickTime" - "Apple Computer, Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl "Windows Media Connect" - "Microsoft Corporation" - C:\Programme\Windows Media Connect 2\wmccpl.dll [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "AEGIS Protocol (IEEE 802.1x) v3.4.10.0" (AegisP) - "Meetinghouse Data Communications" - C:\WINDOWS\System32\DRIVERS\AegisP.sys "avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys "catchme" (catchme) - ? - C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys (File not found) "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "Lbd" (Lbd) - "Lavasoft AB" - C:\WINDOWS\System32\DRIVERS\Lbd.sys "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "MHN-Treiber" (MHNDRV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mhndrv.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys "SyGate for NT, wg3n" (wg3n) - "Sygate Technologies, Inc." - C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys "Teefer for NT" (Teefer) - "Sygate Technologies, Inc." - C:\WINDOWS\System32\Drivers\Teefer.sys "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) "wpsdrvnt" (wpsdrvnt) - "Sygate Technologies, Inc." - C:\WINDOWS\system32\drivers\wpsdrvnt.sys [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} "Microsoft Windows Media Player" - "Microsoft Corporation" - C:\WINDOWS\inf\unregmp2.exe /ShowWMP {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - ? - (File not found | COM-object registry key not found) {1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - ? - (File not found | COM-object registry key not found) {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll {1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Computer, Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} "Meine freigegebenen Ordner" - "Microsoft Corporation" - C:\Programme\MSN Messenger\fsshext.8.0.0812.00.dll {B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll {7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll {FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll {1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - ? - (File not found | COM-object registry key not found) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll {640167b4-59b0-47a6-b335-a6b3c0695aea} "Portable Media Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\audiodev.dll {cc86590a-b60a-48e6-996b-41d25ed39a1e} "Portable Media Devices Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\audiodev.dll {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Programme\Real\RealPlayer\rpshell.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} "WMP Add To Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {8DD448E6-C188-4aed-AF92-44956194EB1F} "WMP Burn Audio CD Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} "WMP Play As Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- <binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab {15B782AF-55D8-11D1-B477-006097098764} "Macromedia Authorware Web Player Control" - "Macromedia, Inc." - C:\WINDOWS\system32\macromed\authorwa\awswax.ocx / h**p://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} "MUWebControl Class" - "Microsoft Corporation" - C:\WINDOWS\system32\muweb.dll / h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152 {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} "Office Update Installation Engine" - "Microsoft Corporation" - C:\WINDOWS\opuc.dll / h**p://office.microsoft.com/officeupdate/content/opuc3.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx / h**p://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab {17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\LegitCheckControl.DLL / h**p://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "Internet Radio by Endicosoft.com" - "EndicoSoft.com" - C:\Programme\Internet Radio\Radio.exe -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll <binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll {CC59E0F9-7E43-44FA-9FAA-8377850BF205} "FDMIECookiesBHO Class" - ? - C:\Programme\Free Download Manager\iefdmcks.dll {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} "Google Dictionary Compression sdch" - "Google Inc." - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\desktop.ini "OpenOffice.org 2.4.lnk" - ? - C:\Programme\OpenOffice.org 2.4\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min "ControlCenter2.0" - "Brother Industries, Ltd." - C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun "IndexSearch" - "ScanSoft, Inc." - C:\Programme\ScanSoft\PaperPort\IndexSearch.exe "InstantOn" - ? - "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c " (File not found) "LanguageShortcut" - ? - "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe" "NeroFilterCheck" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe "NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup "NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit "PaperPort PTD" - "ScanSoft, Inc." - C:\Programme\ScanSoft\PaperPort\pptd40nt.exe "QuickTime Task" - "Apple Computer, Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime "SetDefPrt" - "Brother Industories, Ltd." - C:\Programme\Brother\Brmfl04g\BrStDvPt.exe "SetIcon" - ? - \Programme\SMSC\SetIcon.exe (File not found) "SmcService" - "Sygate Technologies, Inc." - C:\PROGRA~1\Sygate\SPF\smc.exe -startgui "SSBkgdUpdate" - "Scansoft, Inc." - "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PDFCreator" - ? - C:\WINDOWS\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "AccSys WiFi Component" (accsvc) - "AccSys GmbH" - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe "Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Programme\CyberLink\Shared Files\RichVideo.exe "HID Input Service" (HidServ) - ? - C:\WINDOWS\System32\hidserv.dll (File not found) "iPod Service" (iPod Service) - "Apple Computer, Inc." - C:\Programme\iPod\bin\iPodService.exe "Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe "Lavasoft Ad-Aware Service" (Lavasoft Ad-Aware Service) - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe "LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe "Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE "Messenger Sharing USN Journal Reader-Service" (usnsvc) - "Microsoft Corporation" - C:\Programme\MSN Messenger\usnsvc.dll "MHN" (MHN) - "Microsoft Corporation" - C:\WINDOWS\System32\mhn.dll "NVIDIA Display Driver Service" (NVSvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe "Sygate Personal Firewall" (SmcService) - "Sygate Technologies, Inc." - C:\Programme\Sygate\SPF\smc.exe "Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Media Connect-Dienst" (WMConnectCDS) - "Microsoft Corporation" - C:\Programme\Windows Media Connect 2\wmccds.exe "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe "X10 Device Network Service" (x10nets) - "X10" - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit h**p://forum.online-solutions.ru Code:
ATTFilter (...) Program version: 1.1.0.0 OS Version: Microsoft windows XP Professional Service Pack 3 (build 2600) System volume is \\.\C. \\.\C. -> \\.\PhysicalDrive0 at offset 0x00000000'00007e00 Boot sector MD5 is: cd38df3ac5b49526a61408de03ef0647 Size 298 GB Device Name \\.\Physical Drive0 MBR Status Unknown boot code Unknown boot code has been found on some of your physical disks. To inspect the boot code manually, dump the master boot sector: remover.exe dump <device_name> [output_file] To disinfect the master boot sector, use the following command: remover.exe fix <device_name> Done: Press any key to quit... |
01.08.2010, 19:21 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? Zuerst mal bitte - falls noch nicht getan - die Datei remover.exe (vom BootkitRemover) vom Desktop nach c:\windows\system32 kopieren! Danach die Konsole starten über Start, Ausführen, cmd eintippen, ok. Den Text im folgenden Codefeld eintippen und mit Enter/Return ausführen: Code:
ATTFilter remover.exe fix \\.\PhysicalDrive0
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? |
anschluss, antivir guard, anzeige, awareness, beim starten, bildschirm, blockiert, c:\windows\system32\rundll32.exe, c:\windows\system32\services.exe, dllhost.exe, druck, dsl, einstellungen, entfernen, forum, geforce, grafikkarte, guard, install.exe, jusched.exe, kompatibilität, launch, maus, media center, neue, nicht sicher, nt.exe, nvidia, prima, probleme, required, router, sanduhr, sched.exe, sekunden, starten, system, treiber, trojan, wichtig |