Mag sein, aber den nicht:

Zitat:

DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys []

Und den nicht:

Zitat:

S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc21.tmp []

Es finden sich zuviele Hinweise auf Befall. Also überlege dir nochmal, ob du weiter bereinigen möchtest. Als nächstes käme ComboFix zum Einsatz.

ciao, andreas

Also, hab mich grad über Combofix schlau gemacht...

In meinen Augen ist das kein Nachteil, es sei denn ich hatte die falsche Quelle...


Oder gibt's dabei irgendwelche Risiken? Schlimmer als neu aufsetzen kann's ja eig nicht werden...

Warte bis Malwarebytes durchgelaufen ist und poste das Log. Dann:

Solltest du noch irgendetwas mit dem Computer verbinden, wie Memorysticks, Speicherkarten, Digitalkameras, Handy, externe Laufwerke, ... dann stecke vor dem Scan alles an.

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

• Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.

• Dann folgende Anleitung durchlesen und abarbeiten -> CCleaner Systembereinigung

• Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

• Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
  Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

• Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

ciao, andreas

Edit:

Zitat:

Schlimmer als neu aufsetzen kann's ja eig nicht werden...

Es dauert einfach länger.

Der Scan läuft jetzt seit 2h...

Um 23Uhr werde ich abbrechen, falls er dann noch nicht fertig ist.

Lasse dann über Nacht Handy und USB-Stick angeschlossen und den Scan durchlaufen. Das Ergebnis stelle ich dann morgen früh (wenns fertig ist) hier rein.

MfG und nochmals vielen Dank für deine Hilfe

PS: Combofix und CCleaner kann ich schon installieren, nehme ich an?

Zitat:

Combofix und CCleaner kann ich schon installieren, nehme ich an?

Ja.

Zitat:

Lasse dann über Nacht Handy und USB-Stick angeschlossen und den Scan durchlaufen.

ComboFix ist schnell, maximal 20 Minuten.

Als nächstes werden wir deinstallieren, damit die Scanner, die noch zum Einsatz kommen, schneller durch sind. Du hast da ca. 10 verschiedene Javaversionen installiert.

ciao, andreas

Derzeit läuft noch der Maleware Scan, oder verzichten wir auf den?

Der läuft bei mir mittlerweile 2:50h...


Soll ich Java einfach einmal deinstallieren und neu draufmachen oder bleiben dann Reste drauf?

Zitat:

Der läuft bei mir mittlerweile 2:50h...

Ich habe hier schon Logs mit 26h gesehen.

Da ist soviel Müll auf dem Rechner, das mich wundert, dass er überhaupt noch läuft.

Zitat:

Soll ich Java einfach einmal deinstallieren und neu draufmachen oder bleiben dann Reste drauf?

Wenn du es sauber haben möchtest, deinstalliere alle, entferne die Reste mit JavaRa und installiere die aktuelle.

ciao, andreas

Hmm, wenn man vom Teufel spricht:

Zitat:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4557

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

07.09.2010 23:13:12
mbam-log-2010-09-07 (23-13-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|Q:\|)
Durchsuchte Objekte: 334811
Laufzeit: 2 Stunde(n), 45 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\WINDOWS\wintybrd.png (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\wintybrdf.jpg (Malware.Trace) -> Quarantined and deleted successfully.

CCleaner ist auch schon durch, werde jetzt noch den Combofix-Scan machen.
Dann muss ich aber auch erstmal weg, muss morgen früh hoch :S

Sry, dass es so lang gedauert hat, aber der hat fast eine Stunde für die Logs gebraucht:
[QUOTE]





Combofix Logfile:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 10-09-07.01 - Ich 07.09.2010  23:27:27.1.2 - FAT32x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1534.1025 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Ich\Desktop\cofi.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81C58DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81C9D65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81CB2DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {81CCC5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {FF792804-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {FFBC2BDC-FFA4-0117-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {7C920732-0013-0000-180A-960000009600}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BA13DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BAAA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BAE65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB1BC4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB4A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BB7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BC5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81BFF054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C10984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1752C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1E5DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C1FA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C20C0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C35DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C37A44-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4A83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4BDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C4D684-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C52054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C57554-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C579AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C5D984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C67BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6B054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6B65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C6E70C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C7147C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C728BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C75AC4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C83A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C89BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8CBD4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8DA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8DB5C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C8E3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C90B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C90DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C91A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C92A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9347C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C95A2C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C974C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9783C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9947C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9BA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9C27C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9C394-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9CB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9CDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9D7BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9E324-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9E34C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81C9F83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA0A94-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA1054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA13F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA15DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA229C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA265C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA2A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA33F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA3BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA4054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA668C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA72EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA76FC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7754-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7D0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA8544-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CA9894-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA48C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA4CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAA844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAAC2C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAB83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CABDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CACA3C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CACDAC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAD79C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CADC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAE3B4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAE92C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAEBF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAF054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAF9A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CAFD44-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB0ABC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB157C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB1664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB1BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2254-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB27CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2984-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2AE4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2C14-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB2CA4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB34A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB34F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB3DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4BEC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB4C24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB5054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB580C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB6A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB72F4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB774C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB7BF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB848C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB8D8C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB9A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CB9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBA2AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBA72C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBADDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBB83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBBB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBBDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBC5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBC83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBCBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBCDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBD564-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBD874-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDC74-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBDDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBE67C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBE83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBEB54-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBF65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBFA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CBFDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC08E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC0B14-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1854-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1A64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC1DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC365C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC3C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC45C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC483C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC485C-FFA4-0117-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC4BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC64CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC66EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC6DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC747C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC783C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC7B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC7BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC884C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC8DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC947C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC9BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CC9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA7D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCA84C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCBB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCC47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCC85C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCD484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCDDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCE7CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCE83C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCEA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCF47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCF65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFA34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CCFBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD0574-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD05AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD240C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD266C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD2A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD2A24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD3664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD43E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD447C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4494-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4A34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD4AF4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD55D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD58D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD5DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD6C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD6DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD7534-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD75E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD883C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD8BFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9944-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9A8C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CD9DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA49C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDA864-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDABFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDAC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDB47C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDB99C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDBDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC87C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDC97C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDCBBC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDCBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDD65C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDD7A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDDBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDEA24-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDEDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF404-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF684-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CDF7AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE0DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1784-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1B64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE1C34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE2344-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE2A3C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE3A34-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE4C04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE6494-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE6A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE7A64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE7DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CE8DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEA86C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEB5C4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEB864-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CECAD4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEEBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CEEDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFAA1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFB7B4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFBD1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81CFC054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0165C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D017BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D047A4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D06844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0C484-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0D054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0DBFC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D0E67C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D11DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D12A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D14DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D17DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D1C7BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D1FDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D20A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D236EC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D26844-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2A694-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2DB04-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D2EB64-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D37A9C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D3BDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D47DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D4BC0C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D4E3E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D545AC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D619BC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D79A1C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D8ADDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81D9570C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81DB96DC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {81DCFDDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823A3664-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C63E4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C7AB4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823C85CC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {823D1B5C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {82622694-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8285C43C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8286643C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FDC609D4-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FF59096C-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FF68F054-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFBC3DDC-FFA4-0105-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-0105-0D24-347CA8A3377C}
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\jestertb.dll
c:\windows\mdll.dl
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\autorun.ini
c:\windows\system32\Ijl11.dll

.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_usnjsvc


(((((((((((((((((((((((   Dateien erstellt von 2010-08-07 bis 2010-09-07  ))))))))))))))))))))))))))))))
.

2010-09-07 19:12 . 2010-09-07 19:12	--------	d-----w-	c:\programme\trend micro
2010-09-07 19:11 . 2010-09-07 19:11	--------	d-----w-	C:\rsit
2010-09-07 15:06 . 2010-09-07 15:06	--------	d-----w-	c:\windows\system32\Adobe
2010-09-07 15:00 . 2009-05-18 22:17	26600	----a-r-	c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-07 15:00 . 2008-04-17 21:12	107368	----a-r-	c:\windows\system32\GEARAspi.dll
2010-09-07 15:00 . 2010-09-07 15:00	60808	----a-w-	c:\windows\system32\S32EVNT1.DLL
2010-09-07 15:00 . 2010-09-07 15:00	124976	----a-w-	c:\windows\system32\drivers\SYMEVENT.SYS
2010-09-07 15:00 . 2010-09-07 15:00	--------	d-----w-	c:\programme\Symantec
2010-09-07 15:00 . 2010-09-07 15:00	--------	d-----w-	c:\programme\Gemeinsame Dateien\Symantec Shared
2010-09-07 14:59 . 2010-09-07 14:59	--------	d-----w-	c:\windows\system32\drivers\N360
2010-09-07 14:59 . 2010-09-07 14:59	--------	d-----w-	c:\programme\Windows Sidebar
2010-09-07 14:59 . 2010-09-07 14:59	--------	d-----w-	c:\programme\Norton 360
2010-09-07 14:59 . 2010-09-07 14:59	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton
2010-09-07 14:59 . 2010-09-07 14:59	--------	d-----w-	c:\programme\NortonInstaller
2010-09-07 14:56 . 2010-09-07 14:56	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\NortonInstaller
2010-09-06 21:29 . 2010-09-06 21:29	--------	d-----w-	C:\_OTL
2010-09-06 20:16 . 2010-09-06 20:16	--------	d-----w-	c:\dokumente und einstellungen\Ich\Anwendungsdaten\Malwarebytes
2010-09-06 20:16 . 2010-04-29 13:39	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-06 20:16 . 2010-09-06 20:16	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-06 20:16 . 2010-04-29 13:39	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-09-06 14:35 . 2010-09-06 14:35	--------	d-----w-	c:\dokumente und einstellungen\Ich\Anwendungsdaten\Mp3tag
2010-09-06 14:07 . 2010-09-06 14:07	--------	d-----w-	c:\dokumente und einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-09-02 18:30 . 2010-09-02 18:30	159072	----a-w-	c:\dokumente und einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2010-09-01 19:27 . 2010-09-01 19:27	--------	d-----w-	c:\dokumente und einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
2010-09-01 02:05 . 2010-09-01 02:05	--------	d-----w-	c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\NokiaAccount
2010-09-01 01:50 . 2010-09-01 01:50	--------	d-----w-	c:\windows\Globalization
2010-09-01 01:50 . 2010-09-01 01:50	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaMusic
2010-09-01 01:50 . 2010-09-01 01:50	--------	d-----w-	c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Nokia
2010-09-01 01:44 . 2008-08-26 08:26	18816	----a-w-	c:\windows\system32\drivers\pccsmcfd.sys
2010-09-01 01:44 . 2010-09-01 01:44	--------	d-----w-	c:\programme\PC Connectivity Solution
2010-09-01 01:43 . 2010-02-26 12:32	662016	----a-w-	c:\windows\system32\nmwcdcocls.dll
2010-09-01 01:43 . 2010-02-26 12:32	18176	----a-w-	c:\windows\system32\drivers\ccdcmb.sys
2010-09-01 01:43 . 2010-02-26 12:19	1461992	----a-w-	c:\windows\system32\wdfcoinstaller01009.dll
2010-09-01 01:40 . 2010-09-01 01:40	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
2010-08-21 16:33 . 2010-08-21 16:33	--------	d-----w-	C:\FOUND.069
2010-08-11 02:42 . 2010-08-11 02:42	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
2010-08-11 02:41 . 2010-08-11 02:41	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Blizzard
2010-08-11 02:41 . 2010-08-11 02:41	--------	d-----w-	c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Blizzard Entertainment
2010-08-11 02:39 . 2010-08-11 02:39	--------	d-----w-	c:\programme\World of Warcraft Trial

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 21:35 . 2006-01-09 17:41	4661	----a-w-	c:\windows\bthservsdp.dat
2010-09-07 15:00 . 2010-09-07 15:00	805	----a-w-	c:\windows\system32\drivers\SYMEVENT.INF
2010-09-07 15:00 . 2010-09-07 15:00	7443	----a-w-	c:\windows\system32\drivers\SYMEVENT.CAT
2010-09-06 20:19 . 2005-10-22 05:13	505354	----a-w-	c:\windows\system32\perfh007.dat
2010-09-06 20:19 . 2005-10-22 05:13	104430	----a-w-	c:\windows\system32\perfc007.dat
2010-09-02 18:40 . 2007-01-26 14:46	71688	----a-w-	c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-09-01 02:13 . 2010-09-01 02:13	0	---ha-w-	c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-09-01 02:12 . 2010-09-01 02:12	0	---ha-w-	c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-09-01 02:07 . 2010-09-01 02:07	0	---ha-w-	c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-09-01 02:07 . 2010-09-01 02:07	0	---ha-w-	c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-31 17:49 . 2010-07-31 17:49	--------	d-----w-	c:\programme\Gemeinsame Dateien\Skype
2010-07-17 03:00 . 2010-04-25 20:54	423656	----a-w-	c:\windows\system32\deployJava1.dll
2010-07-02 17:53 . 2010-07-02 17:53	17	----a-w-	c:\windows\system32\shortcut_ex.dat
2007-05-31 17:43 . 2007-05-31 17:43	703258	----a-w-	c:\programme\JUN2007_d3dx10_34_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43	701218	----a-w-	c:\programme\JUN2007_d3dx10_34_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43	1611772	----a-w-	c:\programme\JUN2007_d3dx9_34_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43	200646	----a-w-	c:\programme\JUN2007_XACT_x64.cab
2007-05-31 17:43 . 2007-05-31 17:43	1610203	----a-w-	c:\programme\JUN2007_d3dx9_34_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43	155892	----a-w-	c:\programme\JUN2007_XACT_x86.cab
2007-05-31 17:43 . 2007-05-31 17:43	44687	----a-w-	c:\programme\dxdllreg_x86.cab
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 08:32	279944	----a-w-	c:\programme\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\programme\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-16 68856]
"Google Update"="c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" [2009-01-06 133104]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"Steam"="d:\programme\steam\steam.exe" [2010-09-02 1242448]
"ICQ"="d:\programme\ICQ7.0\ICQ.exe" [2010-08-22 133432]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SWHelper"="c:\windows\system32\Macromed\Shockwave 10\PostUpdate.exe" [2009-12-07 53248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"type32"="c:\programme\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]
"ToADiMon.exe"="d:\programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe" [2005-06-27 278528]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" [2005-07-01 14477312]
"IntelliPoint"="c:\programme\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]
"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"QuickTime Task"="d:\programme\QuickTime\QTTask.exe" [2009-11-10 417792]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"InfoCockpit"="d:\programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE" [2005-11-29 847872]

c:\dokumente und einstellungen\Ich\Startmen�\Programme\Zubeh”r\Autostart\
WKCALREM.LNK - c:\programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe [2004-7-12 15360]

c:\dokumente und einstellungen\All Users\Startmen�\Programme\Autostart\
Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Adobe Reader Speed Launch.lnk - c:\programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Ich^Startmenü^Programme^Zubehör^Autostart^Registration .LNK]
path=c:\dokumente und einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart\Registration .LNK
backup=c:\windows\pss\Registration .LNKStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Malwarebytes Anti-Malware  (reboot)]
2010-04-29 13:39	1090952	----a-w-	d:\programme\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 02:22	1695232	------w-	c:\programme\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2010-03-04 13:10	2192672	----a-w-	c:\programme\Nokia\Ovi Player\NokiaOviPlayer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
2005-05-11 16:15	45056	----a-w-	c:\programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Profiler]
2004-01-28 07:19	159744	----a-w-	c:\programme\Saitek\Software\Profiler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-07-14 23:07	32768	----a-w-	c:\programme\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiSmart]
2004-01-28 07:19	98304	----a-w-	c:\programme\Saitek\Software\SaiSmart.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Programme\\LucasArts\\Star Wars Battlefront II\\GameData\\BattlefrontII.exe"=
"c:\\WINDOWS\\System32\\LEXPPS.EXE"=
"c:\\WINDOWS\\System32\\dplaysvr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\Programme\\T-Online\\T-Online_Software_6\\Browser\\browser.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"d:\\Programme\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"d:\\Programme\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"d:\\Programme\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Programme\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programme\\Java\\jre6\\bin\\java.exe"=
"d:\\Programme\\SiSoftware\\SiSoftware Sandra Lite 2009.SP3c\\RpcAgentSrv.exe"=
"d:\\Programme\\Counter-Strike 1.6\\hl.exe"=
"d:\\Programme\\Azureus\\Azureus.exe"=
"d:\\Programme\\LucasArts\\Star Wars Empire at War\\GameData\\sweaw.exe"=
"c:\\Programme\\Microsoft Games\\Rise Of Legends\\legends.exe"=
"d:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Programme\\SiSoftware\\SiSoftware Sandra Lite 2009.SP3c\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Programme\\TMbot\\TM.EXE"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"d:\\Programme\\Anno 1701\\Anno1701.exe"=
"d:\\Programme\\ICQ7.0\\ICQ.exe"=
"d:\\Programme\\ICQ7.0\\aolload.exe"=
"d:\\Programme\\Steam\\Steam.exe"=
"c:\\Dokumente und Einstellungen\\Ich\\Desktop\\Counter-Strike Source\\hl2.exe"=
"d:\\Programme\\League of Legends\\Air\\LolClient.exe"=
"d:\\Programme\\League of Legends\\Game\\League of Legends.exe"=
"c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\Programme\\Steam\\SteamApps\\weithoff007\\counter-strike source\\hl2.exe"=
"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"c:\\Programme\\MSN Messenger\\livecall.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"58096:TCP"= 58096:TCP:Pando Media Booster
"58096:UDP"= 58096:UDP:Pando Media Booster
"6965:TCP"= 6965:TCP:League of Legends Launcher
"6965:UDP"= 6965:UDP:League of Legends Launcher

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R3 DMSKSSRh;DMSKSSRh;c:\dokume~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys [x]
R3 MIINPazX;MIINPazX NDIS Protocol Driver;c:\progra~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS [2006-05-22 17152]
R3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver;d:\progra~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS [x]
R3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
R3 ovt530;TM507A USB Camera;c:\windows\system32\Drivers\ov530vid.sys [2005-03-15 161792]
R3 SaiH0464;SaiH0464;c:\windows\system32\DRIVERS\SaiH0464.sys [2004-01-30 55808]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;d:\programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\RpcAgentSrv.exe [2009-05-17 98488]
R3 ultradfg;ultradfg;c:\windows\system32\DRIVERS\ultradfg.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-06-15 717296]
S0 SI3112r;ATI-437A Serial ATA Controller;c:\windows\system32\DRIVERS\SI3112r.sys [2005-06-01 97920]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0402000.00C\SYMDS.SYS [2009-10-15 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx86.sys [2010-08-09 692272]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-26 501888]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-29 116784]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 cvhsvc;Client Virtualization Handler;c:\programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
S2 ICQ Service;ICQ Service;c:\programme\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 N360;Norton 360;c:\programme\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-26 126392]
S2 sftlist;Application Virtualization Client;c:\programme\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447832]
S3 AVerA700;A700 service;c:\windows\system32\DRIVERS\AVerBDA3x.sys [2006-05-05 985472]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-09-07 102448]
S3 IDSxpx86;IDSxpx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100906.001\IDSxpx86.sys [2010-08-26 331640]
S3 sftfs;sftfs;c:\programme\Microsoft Application Virtualization Client\drivers\sftfsXP.sys [2009-09-23 543064]
S3 sftplay;sftplay;c:\programme\Microsoft Application Virtualization Client\drivers\sftplayXP.sys [2009-09-23 190312]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirxp.sys [2009-09-23 21864]
S3 sftvol;sftvol;c:\programme\Microsoft Application Virtualization Client\drivers\sftvolXP.sys [2009-09-23 14680]
S3 sftvsa;Application Virtualization Service Agent;c:\programme\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]


--- Andere Dienste/Treiber im Speicher ---

*Deregistered* - mchInjDrv
.
Inhalt des "geplante Tasks" Ordners

2009-04-08 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\programme\Microsoft IntelliPoint\ipoint.exe [2008-06-10 10:56]

2010-06-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job
- c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2009-01-06 12:14]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://fullarticles.net
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\dokumente und einstellungen\Ich\Anwendungsdaten\Mozilla\Firefox\Profiles\7wx31l7l.default\
FF - prefs.js: browser.startup.homepage - schueler.cc|travian.at|youtube.com
FF - component: c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - plugin: c:\dokumente und einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nppl3260.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprjplug.dll
FF - plugin: c:\program files\Real\RealPlayer\Netscape6\nprpjplug.dll
FF - plugin: c:\programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programme\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: d:\programme\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\programme\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
d:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 
d:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

SafeBoot-Wdf01000.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Free Quick Keylogger - d:\programme\WideStep Software\Free Quick Keylogger\qpanel.exe
MSConfigStartUp-RGSC - d:\programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-09-07 23:43
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\programme\Norton 360\Engine\4.2.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\programme\Norton 360\Engine\4.2.0.12\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\c:\windows\TEMP\mc21.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-3598312876-1066895871-4027723870-1007\Software\SecuROM\License information*]
"datasecu"=hex:14,a9,b3,2e,57,83,53,50,3e,4d,f7,4d,65,e2,a6,0e,a0,97,26,59,86,
   b2,78,ae,34,bc,91,30,93,2b,a1,54,3d,20,76,99,d5,8b,cd,f3,d2,81,16,33,7a,61,\
"rkeysecu"=hex:38,0d,cf,b4,b4,16,7c,95,9c,04,ff,65,61,55,70,2b

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\Ü¥*º€Y]
"DisplayName"="??"
"DeviceDesc"="??"
"ProviderName"="?\11???\11\08"
"MFG"="?\08???"
"ReinstallString"=".10.1000.5"
"DeviceInstanceIds"=multi:"c:\\ati\\support\\5-7-igp_xp-2k_dd_cp_wdm_sb_gart_24085\\sbdrv\\smbus\\smbusati.inf\00"

[HKEY_LOCAL_MACHINE\software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5f,09,a0,6d,3a,b3,05,61,38,ea,47,b9,62,61,0b,7f,ab,c5,9e,c3,08,14,e7,
   1a,52,8e,51,0d,8b,d9,db,e6,8e,de,37,68,00,62,56,83,e0,a1,39,51,2b,08,58,6f,\
"??"=hex:64,25,87,22,fe,95,be,27,30,77,e7,7a,0a,b3,1c,5e
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(848)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(908)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll

- - - - - - - > 'explorer.exe'(504)
c:\programme\TuneUp WinStyler\WinStylerThemeHelper.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programme\ArcSoft\Software Suite\PhotoImpression\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programme\TuneUp WinStyler\WinStylerThemeSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\UAService7.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\programme\Microsoft IntelliPoint\dpupdchk.exe
c:\programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-09-07  23:51:28 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2010-09-07 21:51

Vor Suchlauf: 20 Verzeichnis(se), 15.310.290.944 Bytes frei
Nach Suchlauf: 92 Verzeichnis(se), 15.194.652.672 Bytes frei

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 0236787CB6691F35BA9B2EE3988C9752
         

--- --- ---

Zitat:

Sry, dass es so lang gedauert hat

Bei dem Log wundert mich das nicht wirklich. Aber ich habe dich gewarnt.

1.) Deinstalliere:

• Adobe Flash Player 9 ActiveX (veraltet)
• Adobe Reader 7.1.0 (gnadenlos veraltet)
• Apple Software Update (unnütz)
• Avira AntiVir Personal - Free Antivirus (vermurkst dir die Registry, wird im Anschluss wieder installiert)
• Ask Toolbar (Adware)
• AVG Anti-Rootkit Free (hat es dir geholfen?)
• Azureus (Haupteinfallstor für Schädlinge)
• DAEMON Tools Toolbar (schädlich, ok, meine Meinung)
• Google Toolbar for Internet Explorer (schädlich, ok, meine Meinung)
• ICQ Toolbar (schädlich, ok, meine Meinung)
• Mozilla Firefox (3.5.11) (veraltet)
• Mozilla Thunderbird (2.0.0.24) (veraltet)
• Norton 360 (Müll, ok, meine Meinung, auch wenn du damit einen partiellen Erfolg erzielt hast)
• Registry CleanUP 2007 1.5 (potentiell gefährlich)

2.) Download und Ausführung des Norton-Entfernungsprogramms

3.) http://dlpro.antivir.com/down/window...cleaner_de.zip

4.) Poste aktuelle Logs von OTL und RSIT.

ciao, andreas

Ok, wird erledigt.

Aber wenn ich alle Virenprogramme deinstalliere, ist mein PC dann nicht ganz ohne Schutz?

LG

PS: AVG Rootkit war Müll^^

Klicke auf die letzten beiden Links in meiner Signatur. Und dann schau zusätzlich, was ich noch in diesem Thread posten werde => http://www.trojaner-board.de/90434-n...-fast-tot.html

(Gemeint ist der Absatz mit Zynismus).

ciao, andreas

Ah ok, habe ich wieder was gelernt

Wirst du nur noch in dem anderen Thread posten? Oder soll ich dort nur zusätzlich gucken?

LG

Zitat:

Oder soll ich dort nur zusätzlich gucken?

Ja. Dort werde ich ein Scan von VT posten, der beweist, dass AVPs grundsätzlich sinnlos sind und nichts mit Sicherheit zu tun haben. Sie dienen lediglich als Unterstützung. BTW: Ich benutze keines von diesen, mich schützt ausschließlich brain.exe.

Falls du wissen möchtest, was brain.exe ist (dem hat kein AVP gemeldet, dass dort ein Schädling ist, nur sein brain.exe hat angeschlagen) => http://www.trojaner-board.de/76270-t...ser-datei.html

ciao, andreas

Hehee

RSIT Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ich at 2010-09-08 18:59:49
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 20 GB (26%) free of 74 GB
Total RAM: 1534 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:54, on 08.09.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
C:\WINDOWS\system32\rundll32.exe
D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\Microsoft IntelliType Pro\itype.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Microsoft IntelliType Pro\dpupdchk.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Dokumente und Einstellungen\Ich\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Programme\trend micro\Ich.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ToADiMon.exe] D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [itype] "C:\Programme\Microsoft IntelliType Pro\itype.exe"
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "d:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "D:\Programme\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [SWHelper] "C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe" 1014020
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [InfoCockpit] D:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_21.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_21.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - hxxp://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135673099383
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 9142 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3598312876-1066895871-4027723870-1007Core1cb0cc11dcdc67c.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Programme\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programme\Java\jre6\bin\ssv.dll [2010-08-04 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-08-19 1294336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-07 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Programme\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ToADiMon.exe"=D:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe [2005-06-27 278528]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-07-01 14477312]
"StartCCC"=C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"QuickTime Task"=D:\Programme\QuickTime\QTTask.exe [2009-11-11 417792]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"itype"=C:\Programme\Microsoft IntelliType Pro\itype.exe [2010-07-21 1778064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-16 68856]
"Google Update"=C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2009-01-06 133104]
"Steam"=d:\programme\steam\steam.exe [2010-09-02 1242448]
"ICQ"=D:\Programme\ICQ7.0\ICQ.exe [2010-08-22 133432]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Programme\Skype\Phone\Skype.exe [2010-09-01 16700808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SWHelper"=C:\WINDOWS\system32\Macromed\Shockwave 10\PostUpdate.exe [2009-12-07 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Malwarebytes Anti-Malware  (reboot)]
D:\Programme\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
C:\Programme\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Profiler]
C:\Programme\Saitek\Software\Profiler.exe [2004-01-28 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiSmart]
C:\Programme\Saitek\Software\SaiSmart.exe [2004-01-28 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Ich^Startmenü^Programme^Zubehör^Autostart^Registration .LNK]
C:\Programme\Ubisoft\Peter Jackson's King Kong - The Official Game of the Movie\RegistrationReminder.exe -d 803617 -l german -r 7 -g  -c us -i 2309 []

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Microsoft Office.lnk - C:\Programme\Microsoft Office\Office10\OSA.EXE

C:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Zubehör\Autostart
WKCALREM.LNK - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkCalRem.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-04 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe"="D:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII"
"C:\WINDOWS\System32\LEXPPS.EXE"="C:\WINDOWS\System32\LEXPPS.EXE:*:Disabled:LEXPPS"
"C:\WINDOWS\System32\dplaysvr.exe"="C:\WINDOWS\System32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe"="D:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Disabled:T-Online Browser 6.0"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Disabled:Windows Messenger"
"C:\Programme\TeamViewer\Version4\TeamViewer.exe"="C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Programme\Java\jre6\bin\java.exe"="C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Programme\Counter-Strike 1.6\hl.exe"="D:\Programme\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Programme\Azureus\Azureus.exe"="D:\Programme\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Programme\Microsoft Games\Rise Of Legends\legends.exe"="C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends"
"D:\Programme\ICQ6.5\ICQ.exe"="D:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe"="D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Programme\TMbot\TM.EXE"="C:\Programme\TMbot\TM.EXE:*:Enabled:TMbot"
"D:\Programme\Anno 1701\Anno1701.exe"="D:\Programme\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"D:\Programme\Steam\Steam.exe"="D:\Programme\Steam\Steam.exe:*:Enabled:Steam"
"C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe"="C:\Dokumente und Einstellungen\Ich\Desktop\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"D:\Programme\League of Legends\Air\LolClient.exe"="D:\Programme\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"D:\Programme\League of Legends\Game\League of Legends.exe"="D:\Programme\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe"="D:\Programme\Steam\SteamApps\weithoff007\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\Ich\Lokale Einstellungen\Temp\7zS1B3.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programme\ICQ7.0\ICQ.exe"="D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"D:\Programme\ICQ7.0\aolload.exe"="D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Programme\Pando Networks\Media Booster\PMB.exe"="C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2010-09-08 16:32:15 ----D---- C:\Programme\Microsoft IntelliType Pro
2010-09-08 06:46:17 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Skype
2010-09-08 06:46:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
2010-09-08 03:34:26 ----HD---- C:\WINDOWS\$NtUninstallKB982214$
2010-09-08 03:34:20 ----HD---- C:\WINDOWS\$NtUninstallKB2115168$
2010-09-08 03:34:14 ----HD---- C:\WINDOWS\$NtUninstallKB2229593$
2010-09-08 03:33:23 ----HD---- C:\WINDOWS\$NtUninstallKB981852$
2010-09-08 03:32:21 ----HD---- C:\WINDOWS\$NtUninstallKB2079403$
2010-09-08 03:18:13 ----HD---- C:\WINDOWS\$NtUninstallKB2160329$
2010-09-08 03:17:48 ----HD---- C:\WINDOWS\$NtUninstallKB980436$
2010-09-08 03:03:52 ----HD---- C:\WINDOWS\$NtUninstallKB2286198$
2010-09-08 03:03:23 ----HD---- C:\WINDOWS\$NtUninstallKB981997$
2010-09-08 03:02:59 ----A---- C:\WINDOWS\imsins.BAK
2010-09-08 03:02:24 ----HD---- C:\WINDOWS\$NtUninstallKB982665$
2010-09-08 01:05:55 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\InstallShield
2010-09-08 00:54:39 ----SHD---- C:\Recycled
2010-09-07 23:51:29 ----A---- C:\ComboFix.txt
2010-09-07 23:25:36 ----A---- C:\Boot.bak
2010-09-07 23:25:31 ----RASHD---- C:\cmdcons
2010-09-07 23:21:19 ----A---- C:\WINDOWS\zip.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\SWSC.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\SWREG.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\sed.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\PEV.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\NIRCMD.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\MBR.exe
2010-09-07 23:21:19 ----A---- C:\WINDOWS\grep.exe
2010-09-07 23:20:37 ----D---- C:\WINDOWS\ERDNT
2010-09-07 23:16:35 ----D---- C:\Qoobox
2010-09-07 21:12:19 ----D---- C:\Programme\trend micro
2010-09-07 21:11:23 ----D---- C:\rsit
2010-09-07 17:06:29 ----D---- C:\WINDOWS\system32\Adobe
2010-09-07 16:59:37 ----D---- C:\Programme\Windows Sidebar
2010-09-07 16:59:36 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
2010-09-07 16:56:10 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
2010-09-06 23:29:18 ----D---- C:\_OTL
2010-09-06 22:16:47 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:28 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-06 22:16:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-06 22:16:21 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-06 16:35:22 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Mp3tag
2010-09-06 16:07:54 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\DVDVideoSoftIEHelpers
2010-09-02 20:38:39 ----A---- C:\WINDOWS\ModemLog_Standardmodem über Bluetooth-Verbindung.txt
2010-09-01 21:27:52 ----D---- C:\Dokumente und Einstellungen\Ich\Anwendungsdaten\Nokia Ovi Suite
2010-09-01 04:12:41 ----HD---- C:\WINDOWS\$NtUninstallWudf01009$
2010-09-01 04:06:53 ----HD---- C:\WINDOWS\$NtUninstallWdf01009$
2010-09-01 03:50:49 ----D---- C:\WINDOWS\Globalization
2010-09-01 03:50:22 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
2010-09-01 03:44:21 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-09-01 03:44:11 ----D---- C:\Programme\PC Connectivity Solution
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-09-01 03:43:22 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-09-01 03:40:39 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
2010-08-21 18:33:32 ----D---- C:\FOUND.069
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 03:55:24 ----A---- C:\WINDOWS\system32\java.exe
2010-08-11 04:42:15 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard Entertainment
2010-08-11 04:41:24 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Blizzard

======List of files/folders modified in the last 1 months======

2010-09-08 03:30:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-08 01:05:16 ----A---- C:\WINDOWS\BRVIDEO.INI
2010-09-08 01:05:16 ----A---- C:\WINDOWS\Brownie.ini
2010-09-08 01:05:16 ----A---- C:\WINDOWS\BRDIAG.INI
2010-09-07 23:40:32 ----A---- C:\WINDOWS\system.ini
2010-09-07 23:25:38 ----RASH---- C:\boot.ini
2010-09-07 17:13:46 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2007-10-12 9096]
R0 gagp30kx;Microsoft Allgemeiner AGPv3.0-Filter für K8-Prozessorplattformen; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 ohci1394;VIA OHCI-konformer IEEE 1394-Hostcontroller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 SI3112r;ATI-437A Serial ATA Controller; C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2005-06-01 97920]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2005-06-01 10240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-04 3488768]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
R3 BthEnum;Bluetooth-Auflistungsdienst; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BTHMODEM;Bluetooth-Modemkommunikationstreiber; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
R3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidBth;Microsoft Bluetooth-HID-Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25856]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-07-01 3134976]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-10-22 6144]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2010-07-21 21520]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 21248]
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2004-01-28 15232]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiNtBus.sys [2004-01-28 26624]
R3 sftfs;sftfs; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftfsXP.sys []
R3 sftplay;sftplay; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftplayXP.sys []
R3 Sftredir;Sftredir; C:\WINDOWS\system32\DRIVERS\Sftredirxp.sys [2009-09-23 21864]
R3 sftvol;sftvol; \??\C:\Programme\Microsoft Application Virtualization Client\drivers\sftvolXP.sys []
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-07-01 230272]
S2 int15.sys;int15.sys; \??\C:\Programme\Acer\eRecovery\int15.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-08 2319680]
S3 AVerA700;A700 service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2006-05-05 985472]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 catchme;catchme; \??\C:\cofi\catchme.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\Ich\LOKALE~1\Temp\DMSKSSRh.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 MIINPazX;MIINPazX NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS []
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver; \??\D:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS []
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 ovt530;TM507A USB Camera; C:\WINDOWS\System32\Drivers\ov530vid.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys []
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
S3 rtl8139;NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SaiH0464;SaiH0464; C:\WINDOWS\system32\DRIVERS\SaiH0464.sys [2004-01-30 55808]
S3 SANDRA;SANDRA; \??\D:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 mchInjDrv;mchInjDrv; \??\C:\WINDOWS\TEMP\mc21.tmp []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-15 717296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-04 602112]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cvhsvc;Client Virtualization Handler; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2002-02-14 299008]
R2 sftlist;Application Virtualization Client; C:\Programme\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447832]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2006-03-11 221184]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-02 138168]
R3 sftvsa;Application Virtualization Service Agent; C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-03 593920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S2 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Programme\TuneUp WinStyler\WinStylerThemeSvc.exe [2004-05-04 117760]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office  Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 osppsvc;Office Software Protection Platform; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
         

--- --- ---