Trojaner-Board - Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen? (https://www.trojaner-board.de/88411-win32-backdoor-papras-a-tr-spy-browse-a-trojan-fuehrt-grafikkartenproblemen.html)

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?

Hallo Forum, hallo Helfer,

ich habe mal wieder ein Problem...

Mein System:
Windows XP
AntiVir
Sygate Personal Firewall
Internetzugang über einen Router (Arcor DSL WLAN-Modem 200)

Am besten schildere ich erstmal die Symptome:
- Maus: nicht mehr weiß mit schwarzem Rand sondern zusätzlich mit schwarzen Strichen im weißen Bereich, auch bei der Sanduhr analog
- Probleme beim anzeigen von Videos, es können keine Videos abgespielt werden
- Probleme bei der Anzeige bestimmter Programme/Emails: Z.B. dauert die Anzeige von AntiVir Personal sehr lange, sprich es scheint sehr lange zu laden, beim Starten oder wenn man einen Menüpunkt anklickt usw.; selbiges bei Emails in Outlook Express, und zwar dann, wenn eine Email Daten/Bilder aus dem Internet nachladen will (obwohl Outlook diese blockiert) - das Laden dieser Emails dauert ebenfalls sehr sehr lange
- der Antivir Guard ließ sich nicht mehr aktivieren, habe anschließend AntiVir deinstalliert und Antivir 10 installiert (drüberinstallieren ging nicht), der Guard ist nun wieder aktiviert
- beim Starten/Booten zeigt der Bildschirm nichts mehr an
- gelegentlich stürzt der PC ab, wenn er e. Video laden will o.ä.

Diese Probleme sind sukzessive aufgetreten. Ich habe zunächst auf Probleme mit der Grafikkarte (nvidia Geforce 7650 GS) getippt und einen neuen Treiber installiert. Danach gings vorübergehend wieder.
Dann habe ich den PC mal komplett vom Stromnetz getrennt, und nach einigen Stunden wieder angesteckt - danach gings (vorrübergehend) wieder, jetzt hilft es jedoch nichts mehr. (das hatte ich vor ein paar Monaten schon mal gemacht, als der Bildschirm etwa alle 5-7 Sekunden für 2-3 Sekunden schwarz geworden war, damals hat das geholfen).

Viren-/Malware-Fund von Antivir:

Code:

Die Datei 'C:\System Volume Information\_restore{BDB02021-8C9D-4BD9-BAB5-977838CC146D}\RP111\A0039550.dll'

enthielt einen Virus oder unerwünschtes Programm 'TR/Spy.Browse.A' [trojan].

Durchgeführte Aktion(en):

Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e0ad2f7.qua' verschoben!

Adaware hat auch mal was gefunden: Win32.Backdoor.Papras/A
Der Guard/Ad-Watch hat angeschlagen und versucht, das zu entfernen, hat auch gescannt, jedoch bin ich mir nicht sicher, ob das geklappt hat, ich hatte den Eindruck, er würde immer wieder von vorne beginnen.
log:

Code:

Logfile created: 14.07.2010 11:24:51

Lavasoft Ad-Aware version: 8.1.4

Extended engine: 329338072

Extended engine version: 

User performing scan: ***
 

*********************** Definitions database information ***********************

Lavasoft definition file: 149.317

Genotype definition file version: 2010/07/02 07:55:37
 

******************************** Scan results: *********************************

Scan profile name: Intelligenter Scan  (ID: smart)

Objects scanned: 25190

Objects detected: 1
 
 

Type              Detected

==========================

Processes.......:        1

Registry entries:        0

Hostfile entries:        0

Files...........:        0

Folders.........:        0

LSPs............:        0

Cookies.........:        0

Browser hijacks.:        0

MRU objects.....:        0
 
 
 

Quarantined items:

Description: c:\windows\system32\diskshta.dll Family Name: Win32.Backdoor.Papras/A Engine: 1 Clean status: Reboot required Item ID: 0 Family ID: 0
 

Scan and cleaning complete: Finished correctly after 128 seconds
 

*********************************** Settings ***********************************
 

Scan profile:

ID: smart, enabled:1, value: Intelligenter Scan

  ID: folderstoscan, enabled:1, value: 

  ID: useantivirus, enabled:1, value: true

  ID: sections, enabled:1

    ID: scancriticalareas, enabled:1, value: true

    ID: scanrunningapps, enabled:1, value: true

    ID: scanregistry, enabled:1, value: true

    ID: scanlsp, enabled:1, value: true

    ID: scanads, enabled:1, value: false

    ID: scanhostsfile, enabled:1, value: false

    ID: scanmru, enabled:1, value: false

    ID: scanbrowserhijacks, enabled:1, value: true

    ID: scantrackingcookies, enabled:1, value: true

      ID: closebrowsers, enabled:1, value: false

  ID: filescanningoptions, enabled:1

    ID: archives, enabled:1, value: false

    ID: onlyexecutables, enabled:1, value: true

    ID: skiplargerthan, enabled:1, value: 20480

    ID: scanrootkits, enabled:1, value: true

      ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict

    ID: usespywareheuristics, enabled:1, value: true
 

Scan global:

ID: global, enabled:1

  ID: addtocontextmenu, enabled:1, value: true

  ID: playsoundoninfection, enabled:1, value: false

    ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav
 

Scheduled scan settings:

<Empty>
 

Update settings:

ID: updates, enabled:1

  ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently

  ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall

  ID: schedules, enabled:1, value: true

    ID: updatedaily1, enabled:1, value: Daily 1

      ID: time, enabled:1, value: Tue Nov 10 12:22:00 2009

      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

      ID: weekdays, enabled:1

        ID: monday, enabled:1, value: false

        ID: tuesday, enabled:1, value: false

        ID: wednesday, enabled:1, value: false

        ID: thursday, enabled:1, value: false

        ID: friday, enabled:1, value: false

        ID: saturday, enabled:1, value: false

        ID: sunday, enabled:1, value: false

      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

      ID: scanprofile, enabled:1, value: 

      ID: auto_deal_with_infections, enabled:1, value: false

    ID: updatedaily2, enabled:1, value: Daily 2

      ID: time, enabled:1, value: Tue Nov 10 18:22:00 2009

      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

      ID: weekdays, enabled:1

        ID: monday, enabled:1, value: false

        ID: tuesday, enabled:1, value: false

        ID: wednesday, enabled:1, value: false

        ID: thursday, enabled:1, value: false

        ID: friday, enabled:1, value: false

        ID: saturday, enabled:1, value: false

        ID: sunday, enabled:1, value: false

      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

      ID: scanprofile, enabled:1, value: 

      ID: auto_deal_with_infections, enabled:1, value: false

    ID: updatedaily3, enabled:1, value: Daily 3

      ID: time, enabled:1, value: Tue Nov 10 00:22:00 2009

      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

      ID: weekdays, enabled:1

        ID: monday, enabled:1, value: false

        ID: tuesday, enabled:1, value: false

        ID: wednesday, enabled:1, value: false

        ID: thursday, enabled:1, value: false

        ID: friday, enabled:1, value: false

        ID: saturday, enabled:1, value: false

        ID: sunday, enabled:1, value: false

      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

      ID: scanprofile, enabled:1, value: 

      ID: auto_deal_with_infections, enabled:1, value: false

    ID: updatedaily4, enabled:1, value: Daily 4

      ID: time, enabled:1, value: Tue Nov 10 06:22:00 2009

      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly

      ID: weekdays, enabled:1

        ID: monday, enabled:1, value: false

        ID: tuesday, enabled:1, value: false

        ID: wednesday, enabled:1, value: false

        ID: thursday, enabled:1, value: false

        ID: friday, enabled:1, value: false

        ID: saturday, enabled:1, value: false

        ID: sunday, enabled:1, value: false

      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

      ID: scanprofile, enabled:1, value: 

      ID: auto_deal_with_infections, enabled:1, value: false

    ID: updateweekly1, enabled:1, value: Weekly

      ID: time, enabled:1, value: Tue Nov 10 12:22:00 2009

      ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly

      ID: weekdays, enabled:1

        ID: monday, enabled:1, value: false

        ID: tuesday, enabled:1, value: true

        ID: wednesday, enabled:1, value: false

        ID: thursday, enabled:1, value: false

        ID: friday, enabled:1, value: true

        ID: saturday, enabled:1, value: false

        ID: sunday, enabled:1, value: false

      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31

      ID: scanprofile, enabled:1, value: 

      ID: auto_deal_with_infections, enabled:1, value: false

  ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
 

Appearance settings:

ID: appearance, enabled:1

  ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource

  ID: showtrayicon, enabled:1, value: true

  ID: language, enabled:1, value: de, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

  ID: autoentertainmentmode, enabled:1, value: true

  ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
 

Realtime protection settings:

ID: realtime, enabled:1

  ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant

  ID: modules, enabled:1

    ID: processprotection, enabled:1, value: true

    ID: registryprotection, enabled:1, value: true

    ID: networkprotection, enabled:1, value: true

  ID: layers, enabled:1

    ID: useantivirus, enabled:1, value: true

    ID: usespywareheuristics, enabled:1, value: true
 
 

****************************** System information ******************************

Computer name: MD8818

Processor name: Intel(R) Core(TM)2 CPU          6300  @ 1.86GHz

Processor identifier: x86 Family 6 Model 15 Stepping 6

Processor speed: ~1861MHZ

Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 3846, number of processors 2, processor features: [MMX,SSE,SSE2]

Physical memory available: 466587648 bytes

Physical memory total: 1072082944 bytes

Virtual memory available: 1884852224 bytes

Virtual memory total: 2147352576 bytes

Memory load: 56%

Microsoft Windows XP Professional Service Pack 3 (build 2600)

Windows startup mode:
 

Running processes:

PID: 464 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 536 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 560 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 604 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 616 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 804 name: C:\WINDOWS\system32\nvsvc32.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 872 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 920 name: C:\WINDOWS\system32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT

PID: 988 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 1036 name: C:\Programme\Sygate\SPF\smc.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 1152 name: C:\WINDOWS\system32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT

PID: 1432 name: C:\WINDOWS\system32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT

PID: 1576 name: C:\Programme\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 1664 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 1748 name: C:\Programme\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 1792 name: C:\WINDOWS\system32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT

PID: 2012 name: C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 2028 name: C:\Programme\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 176 name: C:\WINDOWS\eHome\ehRecvr.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 192 name: C:\WINDOWS\eHome\ehSched.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 352 name: C:\Programme\Java\jre6\bin\jqs.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 424 name: C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 328 name: C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE owner: SYSTEM domain: NT-AUTORITÄT

PID: 524 name: C:\Programme\CyberLink\Shared Files\RichVideo.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 1128 name: C:\WINDOWS\system32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT

PID: 1348 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 2056 name: C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 2144 name: C:\WINDOWS\ehome\mcrdsvc.exe owner: LOKALER DIENST domain: NT-AUTORITÄT

PID: 2916 name: C:\WINDOWS\system32\dllhost.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 2980 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 3128 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 3276 name: C:\WINDOWS\system32\wbem\wmiapsrv.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 3308 name: C:\WINDOWS\System32\alg.exe owner: LOKALER DIENST domain: NT-AUTORITÄT

PID: 3504 name: C:\WINDOWS\ehome\ehtray.exe owner: *** domain: MD8818

PID: 3512 name: C:\WINDOWS\RTHDCPL.EXE owner: *** domain: MD8818

PID: 3528 name: C:\Programme\SMSC\SetIcon.exe owner: *** domain: MD8818

PID: 3544 name: C:\Programme\QuickTime\qttask.exe owner: *** domain: MD8818

PID: 3608 name: C:\Programme\ScanSoft\PaperPort\pptd40nt.exe owner: *** domain: MD8818

PID: 3628 name: C:\WINDOWS\eHome\ehmsas.exe owner: *** domain: MD8818

PID: 3852 name: C:\Programme\Brother\ControlCenter2\brctrcen.exe owner: *** domain: MD8818

PID: 3864 name: C:\Programme\Avira\AntiVir Desktop\avgnt.exe owner: *** domain: MD8818

PID: 3980 name: C:\Programme\Java\jre6\bin\jusched.exe owner: *** domain: MD8818

PID: 4000 name: C:\WINDOWS\system32\RUNDLL32.EXE owner: *** domain: MD8818

PID: 4056 name: C:\WINDOWS\system32\ctfmon.exe owner: *** domain: MD8818

PID: 520 name: C:\Programme\OpenOffice.org 2.4\program\soffice.exe owner: *** domain: MD8818

PID: 1216 name: C:\Programme\OpenOffice.org 2.4\program\soffice.BIN owner: *** domain: MD8818

PID: 3176 name: C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe owner: *** domain: MD8818

PID: 3772 name: C:\Programme\Lavasoft\Ad-Aware\Ad-Aware.exe owner: *** domain: MD8818

PID: 2084 name: C:\WINDOWS\system32\wuauclt.exe owner: SYSTEM domain: NT-AUTORITÄT

PID: 2716 name: C:\WINDOWS\explorer.exe owner: *** domain: MD8818

PID: 3808 name: C:\WINDOWS\system32\imapi.exe owner: SYSTEM domain: NT-AUTORITÄT
 

Startup items:

Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}

          imagepath: Browseui preloader

Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}

          imagepath: Component Categories cache daemon

Name: PostBootReminder

          imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}

Name: CDBurn

          imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}

Name: WebCheck

          imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

Name: SysTray

          imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}

Name: CTFMON.EXE

          imagepath: C:\WINDOWS\system32\CTFMON.EXE

Name: ehTray

          imagepath: C:\WINDOWS\ehome\ehtray.exe

Name: RTHDCPL

          imagepath: RTHDCPL.EXE

Name: NeroFilterCheck

          imagepath: C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe

Name: SetIcon

          imagepath: \Programme\SMSC\SetIcon.exe

Name: LanguageShortcut

          imagepath: "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe"

Name: InstantOn

          imagepath: "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c "

Name: QuickTime Task

          imagepath: "C:\Programme\QuickTime\qttask.exe" -atboottime

Name: SmcService

          imagepath: C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

Name: SSBkgdUpdate

          imagepath: "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

Name: PaperPort PTD

          imagepath: C:\Programme\ScanSoft\PaperPort\pptd40nt.exe

Name: IndexSearch

          imagepath: C:\Programme\ScanSoft\PaperPort\IndexSearch.exe

Name: SetDefPrt

          imagepath: C:\Programme\Brother\Brmfl04g\BrStDvPt.exe

Name: ControlCenter2.0

          imagepath: C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun

Name: avgnt

          imagepath: "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min

Name: SunJavaUpdateSched

          imagepath: "C:\Programme\Java\jre6\bin\jusched.exe"

Name: nwiz

          imagepath: C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet

Name: NvCplDaemon

          imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

Name: NvMediaCenter

          imagepath: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

Name: 

          imagepath: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
 

Bootexecute items:

Name: 

          imagepath: autocheck autochk *

Name: 

          imagepath: lsdelete
 

Running services:

Name: accsvc

          displayname: AccSys WiFi Component

Name: ALG

          displayname: Gatewaydienst auf Anwendungsebene

Name: AntiVirSchedulerService

          displayname: Avira AntiVir Planer

Name: AntiVirService

          displayname: Avira AntiVir Guard

Name: AudioSrv

          displayname: Windows Audio

Name: Browser

          displayname: Computerbrowser

Name: COMSysApp

          displayname: COM+-Systemanwendung

Name: CryptSvc

          displayname: CryptSvc

Name: DcomLaunch

          displayname: DCOM-Server-Prozessstart

Name: Dhcp

          displayname: DHCP-Client

Name: dmserver

          displayname: Verwaltung logischer Datenträger

Name: Dnscache

          displayname: DNS-Client

Name: ehRecvr

          displayname: Media Center Receiver Service

Name: ehSched

          displayname: Media Center-Planerdienst

Name: ERSvc

          displayname: Fehlerberichterstattungsdienst

Name: Eventlog

          displayname: Ereignisprotokoll

Name: EventSystem

          displayname: COM+-Ereignissystem

Name: FastUserSwitchingCompatibility

          displayname: Kompatibilität für schnelle Benutzerumschaltung

Name: helpsvc

          displayname: Hilfe und Support

Name: HidServ

          displayname: HID Input Service

Name: JavaQuickStarterService

          displayname: Java Quick Starter

Name: lanmanserver

          displayname: Server

Name: lanmanworkstation

          displayname: Arbeitsstationsdienst

Name: Lavasoft Ad-Aware Service

          displayname: Lavasoft Ad-Aware Service

Name: LightScribeService

          displayname: LightScribeService Direct Disc Labeling Service

Name: LmHosts

          displayname: TCP/IP-NetBIOS-Hilfsprogramm

Name: McrdSvc

          displayname: Media Center Extender Service

Name: MDM

          displayname: Machine Debug Manager

Name: Netman

          displayname: Netzwerkverbindungen

Name: Nla

          displayname: NLA (Network Location Awareness)

Name: NVSvc

          displayname: NVIDIA Display Driver Service

Name: PlugPlay

          displayname: Plug & Play

Name: PolicyAgent

          displayname: IPSEC-Dienste

Name: ProtectedStorage

          displayname: Geschützter Speicher

Name: RasMan

          displayname: RAS-Verbindungsverwaltung

Name: RemoteRegistry

          displayname: Remote-Registrierung

Name: RichVideo

          displayname: Cyberlink RichVideo Service(CRVS)

Name: RpcSs

          displayname: Remoteprozeduraufruf (RPC)

Name: SamSs

          displayname: Sicherheitskontenverwaltung

Name: Schedule

          displayname: Taskplaner

Name: seclogon

          displayname: Secondary Logon

Name: SENS

          displayname: Systemereignisbenachrichtigung

Name: SharedAccess

          displayname: Windows-Firewall/Gemeinsame Nutzung der Internetverbindung

Name: ShellHWDetection

          displayname: Shellhardwareerkennung

Name: SmcService

          displayname: Sygate Personal Firewall

Name: Spooler

          displayname: Druckwarteschlange

Name: srservice

          displayname: Systemwiederherstellungsdienst

Name: SSDPSRV

          displayname: SSDP Discovery Service

Name: stisvc

          displayname: Windows-Bilderfassung (WIA)

Name: TapiSrv

          displayname: Telefonie

Name: TermService

          displayname: Terminaldienste

Name: Themes

          displayname: Designs

Name: TrkWks

          displayname: Überwachung verteilter Verknüpfungen (Client)

Name: W32Time

          displayname: Windows-Zeitgeber

Name: WebClient

          displayname: WebClient

Name: winmgmt

          displayname: Windows-Verwaltungsinstrumentation

Name: WmiApSrv

          displayname: WMI-Leistungsadapter

Name: wscsvc

          displayname: Sicherheitscenter

Name: wuauserv

          displayname: Automatische Updates

Name: WZCSVC

          displayname: Konfigurationsfreie drahtlose Verbindung

Name: x10nets

          displayname: X10 Device Network Service

Ich denke, es ist jetzt zwangsläufig an der Zeit, den PC mal neu aufzusetzen. Vorher muss ich natürlich aber erst noch alle aktuellen Daten und Einstellungen sichern. Daher wäre es wohl wichtig, dass der PC vorher viren-/malwarefrei ist.

Daher wäre es prima, wenn ihr mir nochmal helfen könnt. Werde im Anschluss nacher noch die logs posten.

Danke,
Joe

Avira AntiRootkit log:

Code:

Avira AntiRootkit Tool (1.1.0.1)
 

========================================================================================================

 - Scan started Sonntag, 18. Juli 2010 - 17:36:21

========================================================================================================
 

--------------------------------------------------------------------------------------------------------

   Configuration:

--------------------------------------------------------------------------------------------------------

 - [X] Scan files

 - [X] Scan registry

 - [X] Scan processes

 - [ ] Fast scan

 - Working disk total size : 278.55 GB

 - Working disk free size : 49.24 GB (17 %)

--------------------------------------------------------------------------------------------------------
 

Scan task finished. No hidden objects detected!
 

--------------------------------------------------------------------------------------------------------

Files: 0/255370

Registry items: 0/400154

Processes: 0/50

Scan time: 00:10:35

--------------------------------------------------------------------------------------------------------

Active processes:

  - bgyjfaoc.exe     (PID 3444) (Avira AntiRootkit Tool)

  - System           (PID 4)

  - smss.exe         (PID 460)

  - csrss.exe        (PID 532)

  - winlogon.exe     (PID 556)

  - services.exe     (PID 600)

  - lsass.exe        (PID 612)

  - nvsvc32.exe      (PID 800)

  - svchost.exe      (PID 868)

  - svchost.exe      (PID 916)

  - svchost.exe      (PID 984)

  - Smc.exe          (PID 1036)

  - svchost.exe      (PID 1148)

  - svchost.exe      (PID 1284)

  - explorer.exe     (PID 1432)

  - AAWService.exe   (PID 1488)

  - spoolsv.exe      (PID 1636)

  - sched.exe        (PID 1704)

  - svchost.exe      (PID 1748)

  - accsvc.exe       (PID 1832)

  - ehrecvr.exe      (PID 1880)

  - ehSched.exe      (PID 1908)

  - jqs.exe          (PID 2000)

  - LSSrvc.exe       (PID 2044)

  - MDM.EXE          (PID 340)

  - RichVideo.exe    (PID 520)

  - svchost.exe      (PID 1008)

  - svchost.exe      (PID 1192)

  - X10nets.exe      (PID 1556)

  - mcrdsvc.exe      (PID 2144)

  - dllhost.exe      (PID 2752)

  - wmiapsrv.exe     (PID 2796)

  - unsecapp.exe     (PID 2844)

  - wmiprvse.exe     (PID 2952)

  - alg.exe          (PID 3016)

  - ehtray.exe       (PID 3508)

  - RTHDCPL.exe      (PID 3524)

  - ehmsas.exe       (PID 3580)

  - SetIcon.exe      (PID 3592)

  - qttask.exe       (PID 3616)

  - pptd40nt.exe     (PID 3668)

  - brctrcen.exe     (PID 3780)

  - avgnt.exe        (PID 3856)

  - jusched.exe      (PID 3944)

  - rundll32.exe     (PID 3984)

  - ctfmon.exe       (PID 4008)

  - soffice.exe      (PID 516)

  - soffice.bin      (PID 500)

  - AAWTray.exe      (PID 2676)

  - avirarkd.exe     (PID 3876)

========================================================================================================

 - Scan finished  Sonntag, 18. Juli 2010 - 17:46:57

========================================================================================================

MAM hat auch nichts gefunden:

Code:

Malwarebytes' Anti-Malware 1.46

w*w.malwarebytes.org
 

Datenbank Version: 4288
 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702
 

19.07.2010 02:28:34

mbam-log-2010-07-19 (02-28-34).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Durchsuchte Objekte: 375180

Laufzeit: 2 Stunde(n), 3 Minute(n), 53 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 0
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

(Keine bösartigen Objekte gefunden)

RSIT log.txt:

Code:

Logfile of random's system information tool 1.08 (written by random/random)

Run by *** at 2010-07-20 11:29:34

Microsoft Windows XP Professional Service Pack 3

System drive C: has 54 GB (19%) free of 285 GB

Total RAM: 1022 MB (36% free)
 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:29:51, on 20.07.2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal
 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programme\Sygate\SPF\smc.exe

C:\WINDOWS\Explorer.EXE

C:\Programme\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programme\Avira\AntiVir Desktop\sched.exe

C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe

C:\Programme\Avira\AntiVir Desktop\avguard.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Programme\Java\jre6\bin\jqs.exe

C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe

C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Programme\Avira\AntiVir Desktop\avshadow.exe

C:\Programme\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Programme\SMSC\SetIcon.exe

C:\Programme\QuickTime\qttask.exe

C:\Programme\ScanSoft\PaperPort\pptd40nt.exe

C:\Programme\Brother\ControlCenter2\brctrcen.exe

C:\Programme\Avira\AntiVir Desktop\avgnt.exe

C:\Programme\Java\jre6\bin\jusched.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Programme\OpenOffice.org 2.4\program\soffice.exe

C:\Programme\OpenOffice.org 2.4\program\soffice.BIN

C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe

C:\Dokumente und Einstellungen\***\Desktop\RSIT.exe

C:\Programme\trend micro\***.exe
 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdmcks.dll

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [SetIcon] \Programme\SMSC\SetIcon.exe

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [InstantOn] "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c "

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe

O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlall.htm

O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Programme\Free Download Manager\dllink.htm

O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm

O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm

O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Programme\Internet Radio\Radio.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=h**p://w*w.aldi.com/

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160402350437

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe

O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: RGZES - Unknown owner - C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
 

--

End of file - 9364 bytes
 

======Scheduled tasks folder======
 

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job

C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job

C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job

C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
 

======Registry dump======
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-10 761840]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]

FDMIECookiesBHO Class - C:\Programme\Free Download Manager\iefdmcks.dll [2006-08-20 81920]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-11-14 41760]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-14 73728]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]
 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-09 16236032]

"NeroFilterCheck"=C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

"SetIcon"=\Programme\SMSC\SetIcon.exe [2004-04-28 42496]

"LanguageShortcut"=C:\Programme\Home Cinema\PowerDVD\Language\Language.exe [2006-05-18 49152]

"InstantOn"=C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe [2006-06-21 93640]

"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2006-10-25 282624]

"SmcService"=C:\PROGRA~1\Sygate\SPF\smc.exe [2004-02-24 2372760]

"SSBkgdUpdate"=C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]

"PaperPort PTD"=C:\Programme\ScanSoft\PaperPort\pptd40nt.exe [2004-03-09 57393]

"IndexSearch"=C:\Programme\ScanSoft\PaperPort\IndexSearch.exe [2004-03-09 40960]

"SetDefPrt"=C:\Programme\Brother\Brmfl04g\BrStDvPt.exe [2004-11-11 49152]

"ControlCenter2.0"=C:\Programme\Brother\ControlCenter2\brctrcen.exe [2004-11-11 864256]

"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-11-14 149280]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]

"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]
 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BullGuard]

C:\Programme\BullGuard Software\BullGuard\bullguard.exe -boot []
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]

C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Programme\iTunes\iTunesHelper.exe [2006-10-30 256576]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVBroadcast]

C:\Programme\Sceneo\Bonavista\SERVICES\ODSBC\ODSBCApp.exe [2006-10-20 814080]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]

C:\Programme\Home Cinema\TV Enhance\TVEService.exe [2006-10-19 151552]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wlconfig]

C:\Programme\WLAN Monitor\wlconfig.exe [2006-03-06 1347584]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"gusvc"=3

"TVTABRDZ"=3

"TVESched"=2

"TVECapSvc"=2

"gupdate"=2

"srvcPVR"=2
 

C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart

OpenOffice.org 2.4.lnk - C:\Programme\OpenOffice.org 2.4\program\quickstart.exe
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDriveAutoRun"=67108863

"NoDrives"=0
 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

"NoDriveAutoRun"=67108863

"NoDriveTypeAutoRun"=323

"NoDrives"=0
 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung"

"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger"

"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger"

"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax"

"C:\Programme\NetMeeting\Conf.exe"="C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Programme\Trillian\trillian.exe"="C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian"

"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen"

"C:\Programme\WS_FTP\WS_FTP95.exe"="C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Programme\TmNationsForever\TmForever.exe"="C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung"

"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger"

"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger"

"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax"

"C:\Programme\NetMeeting\Conf.exe"="C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
 

======List of files/folders created in the last 1 months======
 

2010-07-18 21:47:57 ----D---- C:\WINDOWS\system32\NtmsData

2010-07-18 21:42:49 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avira

2010-07-18 21:06:13 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira

2010-07-08 16:03:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$

2010-07-08 16:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$

2010-07-08 16:03:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$

2010-07-08 16:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979904$

2010-07-08 16:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$

2010-07-08 16:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$

2010-07-08 16:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$

2010-07-08 16:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$

2010-07-08 16:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$

2010-07-08 16:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$

2010-07-08 16:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$

2010-07-08 16:00:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$

2010-07-08 15:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$

2010-07-08 15:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$

2010-07-08 15:56:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$

2010-07-08 15:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$

2010-07-08 15:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$

2010-07-08 15:55:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$

2010-07-08 15:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$

2010-07-08 15:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$

2010-07-08 15:45:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$

2010-07-08 15:45:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$

2010-07-08 15:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$

2010-07-08 15:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

2010-07-08 15:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$

2010-07-08 15:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$

2010-07-08 15:44:39 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$

2010-07-08 15:44:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$

2010-07-08 15:44:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$

2010-07-08 15:44:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$

2010-07-08 15:29:44 ----N---- C:\WINDOWS\system32\browserchoice.exe

2010-07-07 19:29:31 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation

2010-07-07 19:29:04 ----D---- C:\Programme\NVIDIA Corporation

2010-07-07 19:28:13 ----A---- C:\WINDOWS\system32\OpenCL.dll

2010-07-07 19:28:13 ----A---- C:\WINDOWS\system32\nvcuvid.dll

2010-07-07 19:28:13 ----A---- C:\WINDOWS\system32\nvcuvenc.dll

2010-07-07 19:28:10 ----A---- C:\WINDOWS\system32\nvcuda.dll

2010-07-07 19:28:10 ----A---- C:\WINDOWS\system32\nvcompiler.dll

2010-07-07 19:28:01 ----D---- C:\NVIDIA
 

======List of files/folders modified in the last 1 months======
 

2010-07-20 11:29:51 ----D---- C:\Programme\Trend Micro

2010-07-20 11:29:21 ----D---- C:\WINDOWS\Prefetch

2010-07-20 11:21:31 ----D---- C:\WINDOWS\Debug

2010-07-20 11:21:31 ----D---- C:\WINDOWS

2010-07-20 11:21:30 ----D---- C:\WINDOWS\Temp

2010-07-20 11:21:30 ----D---- C:\WINDOWS\Minidump

2010-07-20 11:18:33 ----D---- C:\Programme\CCleaner

2010-07-20 10:50:45 ----SD---- C:\WINDOWS\Tasks

2010-07-20 10:21:15 ----A---- C:\WINDOWS\NeroDigital.ini

2010-07-20 10:20:59 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenOffice.org2

2010-07-20 10:19:33 ----D---- C:\WINDOWS\Registration

2010-07-20 10:19:23 ----D---- C:\WINDOWS\system32\CatRoot2

2010-07-19 15:05:48 ----N---- C:\WINDOWS\SchedLgU.Txt

2010-07-19 08:00:40 ----D---- C:\WINDOWS\system32

2010-07-18 23:36:58 ----SHD---- C:\System Volume Information

2010-07-18 21:48:21 ----HD---- C:\WINDOWS\inf

2010-07-18 21:47:56 ----D---- C:\WINDOWS\repair

2010-07-18 21:07:34 ----D---- C:\WINDOWS\system32\config

2010-07-18 21:07:14 ----D---- C:\WINDOWS\system32\wbem

2010-07-18 21:06:42 ----D---- C:\Programme\Biet-O-Matic

2010-07-18 21:06:38 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\BOM

2010-07-18 21:06:21 ----D---- C:\WINDOWS\system32\drivers

2010-07-18 21:02:44 ----D---- C:\Programme\Avira

2010-07-18 17:16:12 ----D---- C:\Programme\Google

2010-07-16 23:23:24 ----SHD---- C:\WINDOWS\Installer

2010-07-15 14:35:30 ----D---- C:\Programme\Trillian

2010-07-14 00:25:28 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Free Download Manager

2010-07-13 14:17:34 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FileZilla

2010-07-08 20:03:58 ----D---- C:\WINDOWS\AppPatch

2010-07-08 20:03:58 ----D---- C:\Config.Msi

2010-07-08 16:03:51 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-07-08 16:03:43 ----HD---- C:\WINDOWS\$hf_mig$

2010-07-08 16:03:42 ----D---- C:\WINDOWS\Microsoft.NET

2010-07-08 16:03:39 ----RSD---- C:\WINDOWS\assembly

2010-07-08 16:03:07 ----D---- C:\WINDOWS\ie8updates

2010-07-08 15:58:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-07-08 15:58:19 ----D---- C:\WINDOWS\WinSxS

2010-07-08 15:56:28 ----D---- C:\Programme\Movie Maker

2010-07-08 15:55:31 ----D---- C:\Programme\Internet Explorer

2010-07-08 15:44:49 ----D---- C:\Programme\Outlook Express

2010-07-07 19:30:52 ----D---- C:\WINDOWS\Help

2010-07-07 19:29:04 ----RD---- C:\Programme

2010-07-07 19:29:02 ----D---- C:\WINDOWS\system32\ReinstallBackups

2010-07-05 09:55:15 ----D---- C:\Programme\Mozilla Firefox
 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2009-09-23 64288]

R0 ohci1394;VIA OHCI-konformer IEEE 1394-Hostcontroller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-06-04 20576]

R0 Teefer;Teefer for NT; C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys [2004-02-02 55891]

R0 uagp35;Microsoft AGPv3.5-Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]

R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-09-07 9728]

R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-09-07 11264]

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]

R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R1 wpsdrvnt;wpsdrvnt; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys []

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-10-23 21275]

R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]

R2 wg3n;SyGate for NT, wg3n; C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [2004-02-02 11914]

R3 3xHybrid;Philips SAA713x PCI Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-10-10 1105664]

R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-03-15 43008]

R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]

R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-10-09 4381696]

R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]

R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040]

R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792]

S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]

S3 catchme;catchme; \??\C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys []

S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys []

S3 FETNDIS;VIA PCI 10/100-MBit/s-Fast Ethernetadapter-NT-Treiber; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]

S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\4.tmp []

S3 MHNDRV;MHN-Treiber; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]

S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]

S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-06-08 344064]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
 

R2 accsvc;AccSys WiFi Component; C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe [2006-01-11 147456]

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]

R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]

R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]

R2 ehSched;Media Center-Planerdienst; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]

R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-11-14 153376]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Programme\Lavasoft\Ad-Aware\AAWService.exe [2010-05-19 1181328]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [2006-04-24 73728]

R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Programme\CyberLink\Shared Files\RichVideo.exe [2006-10-19 262247]

R2 SmcService;Sygate Personal Firewall; C:\Programme\Sygate\SPF\smc.exe [2004-02-24 2372760]

R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]

S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 iPod Service;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2006-10-30 492608]

S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S3 RGZES;RGZES; C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe []

S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]

S3 usnsvc;Messenger Sharing USN Journal Reader-Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 WMConnectCDS;Windows Media Connect-Dienst; C:\Programme\Windows Media Connect 2\wmccds.exe [2005-10-06 856064]

S4 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2010-04-15 136176]

S4 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-10 182768]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

S4 srvcPVR;Sceneo PVR Service; C:\Programme\Sceneo\Bonavista\Services\PVR\PVRService.exe [2006-10-24 1441280]

S4 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [2006-10-19 282709]

S4 TVESched;TVEnhance Task Scheduler (TTS)); C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [2006-10-19 122971]

S4 TVTABRDZ;TVTABRDZ; C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe []
 

-----------------EOF-----------------

RSIT info.txt:

[CODE]info.txtRSIT Logfile:

Code:

logfile of random's system information tool 1.06 2009-11-13 13:15:17
 

======Uninstall list======
 

-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->C:\Programme\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu

-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNRecode.exe /UNINSTALL

-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}

-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

7-Zip 4.65-->"C:\Programme\7-Zip\Uninstall.exe"

Ad-Aware-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE

Ad-Aware-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 7.0.8 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A70800000002}

Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"

ALDI Online Druck Service (Sued)-->C:\PROGRA~1\ALDION~1\ALDI_ODS\UNWISE.EXE C:\PROGRA~1\ALDION~1\ALDI_ODS\INSTALL.LOG

ALDI Sued Foto Manager (D)-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Manager\instslct.exe

ALDI Sued Foto Service (D)-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Service\instslct.exe

Atlantis - Sky Patrol (remove only)-->C:\Programme\Games\Atlantis - Sky Patrol\Uninstall.exe

Audacity 1.3.7-->"C:\Programme\Audacity 1.3 Beta\unins000.exe"

Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE

Biet-O-Matic v2.6.1-->C:\PROGRA~1\BIET-O~1\UNWISE.EXE C:\PROGRA~1\BIET-O~1\Install.log

Big Fish Games Center (remove only)-->C:\Programme\Games\Uninstall.exe

Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}\Setup.exe" -l0x7 Brunin03.dllBrunin03.dll

Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}

Canon Utilities Easy-PhotoPrint-->C:\Programme\Canon\Easy-PhotoPrint\uninst.exe C:\Programme\Canon\Easy-PhotoPrint\uninst.ini

Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE

CCleaner-->"C:\Programme\CCleaner\uninst.exe"

CD-LabelPrint-->"C:\Programme\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application

DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Pro-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC

EA SPORTS online 2004-->C:\Programme\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe

Easy-WebPrint-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\Canon\Easy-WebPrint\Uninst.isu

Europa Raser-->C:\PROGRA~1\Davilex\EUROPA~1\UNINST32.EXE C:\PROGRA~1\Davilex\EUROPA~1\INSTALL.LOG

Fairies EU (remove only)-->C:\Programme\Games\Fairies EU\Uninstall.exe

ffdshow [rev 1473] [2007-09-10]-->"C:\Programme\ffdshow\unins000.exe"

FIFA 2004-->C:\Programme\EA SPORTS\FIFA 2004\EAUninstall.exe

FIFA RTWC 98-->C:\WINDOWS\unin0407.exe -f"C:\Program Files\EA SPORTS\FIFA RTWC 98\DeIsL1.isu"

Fish Tycoon (remove only)-->C:\Programme\Games\Fish Tycoon\Uninstall.exe

Free Download Manager 2.1-->"C:\Programme\Free Download Manager\unins000.exe"

GemMaster Mystic-->"C:\Programme\GemMasterGerman\uninstallgemmaster.exe"

GetRight-->"C:\Programme\GetRight\unins000.exe"

GIMP 2.6.7-->"C:\Programme\GIMP-2.0\setup\unins000.exe"

Google Earth-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x7  -removeonly

Google Toolbar for Internet Explorer-->"C:\Programme\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Hidden Expedition Titanic (remove only)-->C:\Programme\Games\Hidden Expedition Titanic\Uninstall.exe

High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"

HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"

Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"

Internet Radio-->"C:\WINDOWS\lsb_un20.exe" /C=UC /N=Internet Radio

iTunes-->MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}

J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}

KompoZer 0.77-->"C:\Programme\KompoZer\unins000.exe"

LAME v3.98.2 for Audacity-->"C:\Programme\Lame for Audacity\unins000.exe"

LetsTrade Komponenten-->C:\WINDOWS\fpuninst.exe -uninstall:"c:\programme\letstrade\uninst\uninst.ini"

MagicDirector 1.2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe"  -uninstall

Mah-Jomino (remove only)-->C:\Programme\Games\Mah-Jomino\Uninstall.exe

MakeDisc-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe"  -uninstall

Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"

MCE Software Encoder 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe"  -uninstall

MediaShow 3.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe"  -uninstall

MEDION Fotos auf CD Sued (D)-->C:\Programme\ALDI Sued Foto Service\MEDION_Fotos_auf_CD\instslct.exe

Mein Geld Professional-->MsiExec.exe /I{08E4F3CE-A34E-4667-8DE9-147249FAE468}

Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"

Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}

Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe

Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Windows-Journal-Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}

Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}

Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"

Mozilla Firefox (3.5.5)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

Mystery Case Files - Huntsville (remove only)-->C:\Programme\Games\Mystery Case Files - Huntsville\Uninstall.exe

Mystery Case Files - Prime Suspects (remove only)-->C:\Programme\Games\Mystery Case Files - Prime Suspects\Uninstall.exe

Mystic Inn (remove only)-->C:\Programme\Games\Mystic Inn\Uninstall.exe

Need For Speed Hot Pursuit 2-->C:\Programme\EA Games\Need For Speed Hot Pursuit 2\EAUninstall.exe

Need For Speed II SE-->C:\WINDOWS\unin0407.exe -f"C:\Programme\Electronic Arts\Need For Speed II SE\DeIsL1.isu"

Nero 7 Essentials-->MsiExec.exe /I{5B8072B3-A576-4C0B-99BC-FAA7145A1031}

NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI

Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}

OpenOffice.org 2.4-->MsiExec.exe /I{50E21B3A-FF06-412D-879B-DEA30815736E}

Otto-->"C:\Programme\GermanOtto\uninstallotto.exe"

PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}

PDFCreator-->C:\Programme\PDFCreator\unins000.exe

PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe"  -uninstall

Poker Superstars II (remove only)-->C:\Programme\Games\Poker Superstars II\Uninstall.exe

PowerCinema Linux 5.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}\Setup.exe"  -uninstall

PowerDirector-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe"  -uninstall

PowerDVD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe"  -uninstall

PowerProducer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe"  -uninstall

QuickTime-->MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}

Ralink Wireless LAN-Karte-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x7  -removeonly

RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7  -removeonly

Sceneo Bonavista-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}\Setup.exe" 

SDFormatter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{5A347920-4AFC-11D5-9FB0-800649886934}\setup.exe" 

Security Update für Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}

Sicherheitsupdate für Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"

Sicherheitsupdate für Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Sygate Personal Firewall-->MsiExec.exe /X{F860F390-78F4-4B45-8C1A-0489618E315B}

Trillian-->C:\Programme\Trillian\trillian.exe /uninstall

Turbo Lister 2-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548} 

TV Enhance-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E4C891D6-6844-41B8-86E8-633CACCC644F}\setup.exe"  -uninstall

TVsweeper-->MsiExec.exe /I{D0CC1431-915D-4454-A045-232155BFD498}

Update für Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"

Update für Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"

Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

Update Rollup 2 für Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe

USB2.0 CARD READER-->MsiExec.exe /I{247A11CA-F5CE-4DD6-85E2-64850E64E064}

VIA Platform Device Manager-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} 

VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA

VideoLAN VLC media player 0.8.6-->C:\Programme\VideoLAN\VLC\uninstall.exe

Virtual Villagers (remove only)-->C:\Programme\Games\Virtual Villagers\Uninstall.exe

Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}

Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""

VRally3-->C:\Programme\Atari\VRally3\unins000.exe

Windows Live Messenger-->MsiExec.exe /I{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4}

Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"

Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

Windows Messenger 5.1-->MsiExec.exe /I{9D1C26BD-E792-4159-9D16-07EA222D8EF0}

Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"

Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"

Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

Windows-Sicherungsprogramm-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}

WLAN Monitor-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2808E975-BD01-47DD-9852-54E3C622BDDC}\setup.exe" -l0x7 

WLAN Quick-Starter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E40268F4-7E9F-4E07-B773-7FF64971F42E}\setup.exe" -l0x7 

X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
 

======Security center information======
 

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic (disabled)

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic (disabled)

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic (outdated)

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: AntiVir Desktop

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic (disabled)

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic (disabled)

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic

AV: Avira AntiVir PersonalEdition Classic
 

======System event log======
 

Computer Name: MD8818

Event Code: 6006

Message: Der Ereignisprotokolldienst wurde beendet.
 

Record Number: 69441

Source Name: EventLog

Time Written: 20090928005954.000000+120

Event Type: Informationen

User: 
 

Computer Name: MD8818

Event Code: 8033

Message: Der Suchdienst hat eine Wahl auf dem Netzwerk "\Device\NetBT_Tcpip_{49D23CDE-0437-47B3-A174-4D15408BFA1C}" erzwungen, da der Hauptsuchdienst beendet wurde.
 

Record Number: 69440

Source Name: BROWSER

Time Written: 20090928005924.000000+120

Event Type: Informationen

User: 
 

Computer Name: MD8818

Event Code: 4202

Message: Es wurde festgestellt, dass der Netzwerkadapter "VIA Rhine II Fast Ethernet Adapter" vom Netzwerk getrennt wurde,

und dass die Netzwerkkonfiguration des Adapters freigegeben wurde. Möglicherweise

ist der Adapter beschädigt, falls der Adapter nicht vom Netzwerk getrennt wurde.

Wenden Sie sich an den Hersteller bezüglich aktueller Treiber.
 

Record Number: 69439

Source Name: Tcpip

Time Written: 20090928005922.000000+120

Event Type: Informationen

User: 
 

Computer Name: MD8818

Event Code: 7036

Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Beendet".
 

Record Number: 69438

Source Name: Service Control Manager

Time Written: 20090928003849.000000+120

Event Type: Informationen

User: 
 

Computer Name: MD8818

Event Code: 7036

Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Ausgeführt".
 

Record Number: 69437

Source Name: Service Control Manager

Time Written: 20090928003842.000000+120

Event Type: Informationen

User: 
 

=====Application event log=====
 

Computer Name: MD8818

Event Code: 0

Message: 

Record Number: 14813

Source Name: iPod Service

Time Written: 20090327080931.000000+060

Event Type: Informationen

User: 
 

Computer Name: MD8818

Event Code: 0

Message: 

Record Number: 14812

Source Name: TVESched

Time Written: 20090327080924.000000+060

Event Type: Informationen

User: 
 

Computer Name: MD8818

Event Code: 0

Message: 

Record Number: 14811

Source Name: TVECapSvc

Time Written: 20090327080924.000000+060

Event Type: Informationen

User: 
 

Computer Name: MD8818

Event Code: 1800

Message: Der Windows-Sicherheitscenterdienst wurde gestartet.
 

Record Number: 14810

Source Name: SecurityCenter

Time Written: 20090327080924.000000+060

Event Type: Informationen

User: 
 

Computer Name: MD8818

Event Code: 32068

Message: Die ausgehende Verteilerregel ist nicht gültig, weil kein gültiges Gerät gefunden werden kann. Ausgehende Faxe, die diese Regel verwenden, werden nicht weitergeleitet. Stellen Sie sicher, dass das angezielte Gerät bzw. die angezielten Geräte angeschlossen, korrekt installiert und angeschaltet sind. Stellen Sie außerdem sicher, dass die Gruppe korrekt konfiguriert ist, falls die Weiterleitung an eine Gruppe von Geräten erfolgen soll.

Landes-/Regionskennzahl: "*"

Ortskennzahl: "*"
 

Record Number: 14809

Source Name: Microsoft Fax

Time Written: 20090327080923.000000+060

Event Type: Warnung

User: 
 

======Environment variables======
 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Programme\QuickTime\QTSystem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel

"PROCESSOR_REVISION"=0f06

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Programme\Java\jre1.5.0_08\lib\ext\QTJava.zip

"QTJAVA"=C:\Programme\Java\jre1.5.0_08\lib\ext\QTJava.zip
 

-----------------EOF-----------------

--- --- ---

so, das wär's erstmal. Ich hoffe, ihr könnt mir weiterhelfen.

Danke und viele Grüße
Joe

Win32.Backdoor.Papras/A / TR/Spy.Browse.A (Trojan) führt zu Grafikkartenproblemen?

Habe MAM nochmal komplett drüberlaufen lassen - kein Fund.

Habe AntiVir geupdated nochmal drüberlaufen lassen, 1 Fund: JAVA/Agent.T.1

Code:

Avira AntiVir Personal

Erstellungsdatum der Reportdatei: Mittwoch, 21. Juli 2010  12:52

 

Es wird nach 2395531 Virenstämmen gesucht.

 

Das Programm läuft als uneingeschränkte Vollversion.

Online-Dienste stehen zur Verfügung.

 

Lizenznehmer   : Avira AntiVir Personal - FREE Antivirus

Seriennummer   : 0000149996-ADJIE-0000001

Plattform      : Windows XP

Windowsversion : (Service Pack 3)  [5.1.2600]

Boot Modus     : Normal gebootet

Benutzername   : SYSTEM

Computername   : MD8818

 

Versionsinformationen:

BUILD.DAT      : 10.0.0.567     32097 Bytes  19.04.2010 15:50:00

AVSCAN.EXE     : 10.0.3.0      433832 Bytes  01.04.2010 11:37:35

AVSCAN.DLL     : 10.0.3.0       56168 Bytes  30.03.2010 10:42:16

LUKE.DLL       : 10.0.2.3      104296 Bytes  07.03.2010 17:32:59

LUKERES.DLL    : 10.0.0.0       13672 Bytes  14.01.2010 10:59:47

VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 08:05:36

VBASE001.VDF   : 7.10.1.0     1372672 Bytes  19.11.2009 18:27:49

VBASE002.VDF   : 7.10.3.1     3143680 Bytes  20.01.2010 16:37:42

VBASE003.VDF   : 7.10.3.75     996864 Bytes  26.01.2010 15:37:42

VBASE004.VDF   : 7.10.4.203   1579008 Bytes  05.03.2010 10:29:03

VBASE005.VDF   : 7.10.6.82    2494464 Bytes  15.04.2010 19:44:22

VBASE006.VDF   : 7.10.7.218   2294784 Bytes  02.06.2010 19:44:26

VBASE007.VDF   : 7.10.7.219      2048 Bytes  02.06.2010 19:44:26

VBASE008.VDF   : 7.10.7.220      2048 Bytes  02.06.2010 19:44:26

VBASE009.VDF   : 7.10.7.221      2048 Bytes  02.06.2010 19:44:26

VBASE010.VDF   : 7.10.7.222      2048 Bytes  02.06.2010 19:44:26

VBASE011.VDF   : 7.10.7.223      2048 Bytes  02.06.2010 19:44:26

VBASE012.VDF   : 7.10.7.224      2048 Bytes  02.06.2010 19:44:26

VBASE013.VDF   : 7.10.8.37     270336 Bytes  10.06.2010 19:44:26

VBASE014.VDF   : 7.10.8.69     138752 Bytes  14.06.2010 19:44:27

VBASE015.VDF   : 7.10.8.102    130560 Bytes  16.06.2010 19:44:27

VBASE016.VDF   : 7.10.8.135    152064 Bytes  21.06.2010 19:44:28

VBASE017.VDF   : 7.10.8.163    432128 Bytes  23.06.2010 19:44:28

VBASE018.VDF   : 7.10.8.194    133632 Bytes  27.06.2010 19:44:29

VBASE019.VDF   : 7.10.8.220    134656 Bytes  29.06.2010 19:44:29

VBASE020.VDF   : 7.10.8.252    171520 Bytes  04.07.2010 19:44:30

VBASE021.VDF   : 7.10.9.19     131072 Bytes  06.07.2010 19:44:30

VBASE022.VDF   : 7.10.9.36     297472 Bytes  07.07.2010 19:44:30

VBASE023.VDF   : 7.10.9.60     150016 Bytes  11.07.2010 19:44:31

VBASE024.VDF   : 7.10.9.79     113152 Bytes  13.07.2010 19:44:31

VBASE025.VDF   : 7.10.9.99     158720 Bytes  16.07.2010 19:44:31

VBASE026.VDF   : 7.10.9.133    630784 Bytes  20.07.2010 10:46:05

VBASE027.VDF   : 7.10.9.134      2048 Bytes  20.07.2010 10:46:05

VBASE028.VDF   : 7.10.9.135      2048 Bytes  20.07.2010 10:46:05

VBASE029.VDF   : 7.10.9.136      2048 Bytes  20.07.2010 10:46:06

VBASE030.VDF   : 7.10.9.137      2048 Bytes  20.07.2010 10:46:06

VBASE031.VDF   : 7.10.9.139     15872 Bytes  21.07.2010 10:46:06

Engineversion  : 8.2.4.22  

AEVDF.DLL      : 8.1.2.0       106868 Bytes  18.07.2010 19:44:37

AESCRIPT.DLL   : 8.1.3.41     1364346 Bytes  21.07.2010 10:46:15

AESCN.DLL      : 8.1.6.1       127347 Bytes  18.07.2010 19:44:36

AESBX.DLL      : 8.1.3.1       254324 Bytes  18.07.2010 19:44:37

AERDL.DLL      : 8.1.8.2       614772 Bytes  21.07.2010 10:46:14

AEPACK.DLL     : 8.2.3.2       471414 Bytes  21.07.2010 10:46:13

AEOFFICE.DLL   : 8.1.1.7       201081 Bytes  21.07.2010 10:46:12

AEHEUR.DLL     : 8.1.2.6      2793846 Bytes  21.07.2010 10:46:11

AEHELP.DLL     : 8.1.13.2      242039 Bytes  21.07.2010 10:46:08

AEGEN.DLL      : 8.1.3.15      385396 Bytes  21.07.2010 10:46:08

AEEMU.DLL      : 8.1.2.0       393588 Bytes  18.07.2010 19:44:33

AECORE.DLL     : 8.1.16.2      192887 Bytes  21.07.2010 10:46:07

AEBB.DLL       : 8.1.1.0        53618 Bytes  18.07.2010 19:44:32

AVWINLL.DLL    : 10.0.0.0       19304 Bytes  14.01.2010 10:59:10

AVPREF.DLL     : 10.0.0.0       44904 Bytes  14.01.2010 10:59:07

AVREP.DLL      : 10.0.0.8       62209 Bytes  18.02.2010 15:47:40

AVREG.DLL      : 10.0.3.0       53096 Bytes  01.04.2010 11:35:44

AVSCPLR.DLL    : 10.0.3.0       83816 Bytes  01.04.2010 11:39:49

AVARKT.DLL     : 10.0.0.14     227176 Bytes  01.04.2010 11:22:11

AVEVTLOG.DLL   : 10.0.0.8      203112 Bytes  26.01.2010 08:53:25

SQLITE3.DLL    : 3.6.19.0      355688 Bytes  28.01.2010 11:57:53

AVSMTP.DLL     : 10.0.0.17      63848 Bytes  16.03.2010 14:38:54

NETNT.DLL      : 10.0.0.0       11624 Bytes  19.02.2010 13:40:55

RCIMAGE.DLL    : 10.0.0.26    2550120 Bytes  28.01.2010 12:10:08

RCTEXT.DLL     : 10.0.53.0      98152 Bytes  09.04.2010 13:14:28

 

Konfiguration für den aktuellen Suchlauf:

Job Name..............................: Vollständige Systemprüfung

Konfigurationsdatei...................: c:\programme\avira\antivir desktop\sysscan.avp

Protokollierung.......................: niedrig

Primäre Aktion........................: interaktiv

Sekundäre Aktion......................: ignorieren

Durchsuche Masterbootsektoren.........: ein

Durchsuche Bootsektoren...............: ein

Bootsektoren..........................: C:, D:, 

Durchsuche aktive Programme...........: ein

Laufende Programme erweitert..........: ein

Durchsuche Registrierung..............: ein

Suche nach Rootkits...................: ein

Integritätsprüfung von Systemdateien..: aus

Optimierter Suchlauf..................: ein

Datei Suchmodus.......................: Alle Dateien

Durchsuche Archive....................: ein

Rekursionstiefe einschränken..........: 20

Archiv Smart Extensions...............: ein

Makrovirenheuristik...................: ein

Dateiheuristik........................: mittel

Abweichende Gefahrenkategorien........: +APPL,+PCK,+SPR,

 

Beginn des Suchlaufs: Mittwoch, 21. Juli 2010  12:52

 

Der Suchlauf nach versteckten Objekten wird begonnen.

 

Der Suchlauf über gestartete Prozesse wird begonnen:

Durchsuche Prozess 'msdtc.exe' - '40' Modul(e) wurden durchsucht

Durchsuche Prozess 'dllhost.exe' - '45' Modul(e) wurden durchsucht

Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht

Durchsuche Prozess 'avscan.exe' - '68' Modul(e) wurden durchsucht

Durchsuche Prozess 'avcenter.exe' - '64' Modul(e) wurden durchsucht

Durchsuche Prozess 'AAWTray.exe' - '23' Modul(e) wurden durchsucht

Durchsuche Prozess 'alg.exe' - '31' Modul(e) wurden durchsucht

Durchsuche Prozess 'wmiapsrv.exe' - '45' Modul(e) wurden durchsucht

Durchsuche Prozess 'wmiprvse.exe' - '42' Modul(e) wurden durchsucht

Durchsuche Prozess 'ehmsas.exe' - '22' Modul(e) wurden durchsucht

Durchsuche Prozess 'unsecapp.exe' - '37' Modul(e) wurden durchsucht

Durchsuche Prozess 'soffice.BIN' - '82' Modul(e) wurden durchsucht

Durchsuche Prozess 'dllhost.exe' - '59' Modul(e) wurden durchsucht

Durchsuche Prozess 'soffice.exe' - '17' Modul(e) wurden durchsucht

Durchsuche Prozess 'ctfmon.exe' - '26' Modul(e) wurden durchsucht

Durchsuche Prozess 'RUNDLL32.EXE' - '31' Modul(e) wurden durchsucht

Durchsuche Prozess 'jusched.exe' - '50' Modul(e) wurden durchsucht

Durchsuche Prozess 'avgnt.exe' - '51' Modul(e) wurden durchsucht

Durchsuche Prozess 'brctrcen.exe' - '41' Modul(e) wurden durchsucht

Durchsuche Prozess 'pptd40nt.exe' - '26' Modul(e) wurden durchsucht

Durchsuche Prozess 'qttask.exe' - '20' Modul(e) wurden durchsucht

Durchsuche Prozess 'SetIcon.exe' - '25' Modul(e) wurden durchsucht

Durchsuche Prozess 'RTHDCPL.EXE' - '38' Modul(e) wurden durchsucht

Durchsuche Prozess 'ehtray.exe' - '46' Modul(e) wurden durchsucht

Durchsuche Prozess 'mcrdsvc.exe' - '29' Modul(e) wurden durchsucht

Durchsuche Prozess 'x10nets.exe' - '35' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht

Durchsuche Prozess 'RichVideo.exe' - '23' Modul(e) wurden durchsucht

Durchsuche Prozess 'MDM.EXE' - '23' Modul(e) wurden durchsucht

Durchsuche Prozess 'LSSrvc.exe' - '17' Modul(e) wurden durchsucht

Durchsuche Prozess 'avshadow.exe' - '27' Modul(e) wurden durchsucht

Durchsuche Prozess 'jqs.exe' - '74' Modul(e) wurden durchsucht

Durchsuche Prozess 'ehSched.exe' - '40' Modul(e) wurden durchsucht

Durchsuche Prozess 'ehRecvr.exe' - '182' Modul(e) wurden durchsucht

Durchsuche Prozess 'avguard.exe' - '54' Modul(e) wurden durchsucht

Durchsuche Prozess 'accsvc.exe' - '19' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht

Durchsuche Prozess 'sched.exe' - '45' Modul(e) wurden durchsucht

Durchsuche Prozess 'spoolsv.exe' - '61' Modul(e) wurden durchsucht

Durchsuche Prozess 'Explorer.EXE' - '93' Modul(e) wurden durchsucht

Durchsuche Prozess 'AAWService.exe' - '74' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht

Durchsuche Prozess 'smc.exe' - '73' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '163' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht

Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht

Durchsuche Prozess 'nvsvc32.exe' - '40' Modul(e) wurden durchsucht

Durchsuche Prozess 'lsass.exe' - '58' Modul(e) wurden durchsucht

Durchsuche Prozess 'services.exe' - '27' Modul(e) wurden durchsucht

Durchsuche Prozess 'winlogon.exe' - '67' Modul(e) wurden durchsucht

Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht

Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

 

Der Suchlauf über die Masterbootsektoren wird begonnen:

Masterbootsektor HD0

    [INFO]      Es wurde kein Virus gefunden!

Masterbootsektor HD1

    [INFO]      Es wurde kein Virus gefunden!

Masterbootsektor HD2

    [INFO]      Es wurde kein Virus gefunden!

Masterbootsektor HD3

    [INFO]      Es wurde kein Virus gefunden!

 

Der Suchlauf über die Bootsektoren wird begonnen:

Bootsektor 'C:\'

    [INFO]      Es wurde kein Virus gefunden!

Bootsektor 'D:\'

    [INFO]      Es wurde kein Virus gefunden!

 

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:

Die Registry wurde durchsucht ( '1748' Dateien ).

 

 

Der Suchlauf über die ausgewählten Dateien wird begonnen:

 

Beginne mit der Suche in 'C:\' <BOOT>

C:\WINDOWS\Temp\6.0\29\7adbb65d-74619230

[0] Archivtyp: ZIP

  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.T.1

  --> vmain.class

  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.T.1

Beginne mit der Suche in 'D:\' <RECOVER>

 

Beginne mit der Desinfektion:

C:\WINDOWS\Temp\6.0\29\7adbb65d-74619230

    [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Agent.T.1

    [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e3f4f58.qua' verschoben!

 

 

Ende des Suchlaufs: Mittwoch, 21. Juli 2010  14:43

Benötigte Zeit:  1:49:58 Stunde(n)

 

Der Suchlauf wurde vollständig durchgeführt.

 

  17521 Verzeichnisse wurden überprüft

 611953 Dateien wurden geprüft

      1 Viren bzw. unerwünschte Programme wurden gefunden

      0 Dateien wurden als verdächtig eingestuft

      0 Dateien wurden gelöscht

      0 Viren bzw. unerwünschte Programme wurden repariert

      1 Dateien wurden in die Quarantäne verschoben

      0 Dateien wurden umbenannt

      0 Dateien konnten nicht durchsucht werden

 611952 Dateien ohne Befall

  10524 Archive wurden durchsucht

      0 Warnungen

      1 Hinweise

 645398 Objekte wurden beim Rootkitscan durchsucht

      0 Versteckte Objekte wurden gefunden

(in Quarantäne verschoben)

Und siehe da: Maus wieder ohne schwarze Quer-Striche, AntiVir funzt wieder schneller, Videos kann ich wieder anschaun (VLC Player), die genannten Emails werden wieder normal schnell geladen :-)

Aber obs das schon war, weiß ich nicht...

Die Probleme kamen kurz darauf wieder, habe dann MAM drüberlaufen lassen - kein Fund, anschließend AntiVir - folgender Fund:

Code:

Die Datei 'C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\8DIRGLUN\nobj[1].exe'

enthielt einen Virus oder unerwünschtes Programm 'TR/Gendal.52224.BI' [trojan].

Durchgeführte Aktion(en):

Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4fbab14b.qua' verschoben!

Dann erstmal wieder keine Probleme, heute aber wieder die gleichen Probleme (sh. oben). Heute aber keine Funde mit MAM/Antivir.
Habe gestern das aktuelle Update von Firefox installiert, ich weiß nicht, ob es damit zusammenhängen könnte.

hoffe noch auf Hilfe, die noch bestehenden Symptome sind:
- Computer-Maus: hat schwarze Querstreifen im normalerweise weißen Bereich (manchmal auch rot, ändert sich manchmal beim Bewegen der Maus)
- Probleme beim Anzeigen von Videos, es können keine Videos abgespielt werden (nur Ton)
- Probleme bei der Anzeige bestimmter Programme/Emails: Z.B. dauert die Anzeige von AntiVir Personal sehr lange, sprich es scheint sehr lange zu laden, beim Starten oder wenn man einen Menüpunkt anklickt usw.; selbiges bei Emails in Outlook Express, und zwar dann, wenn eine Email Daten/Bilder aus dem Internet nachladen will (obwohl Outlook diese ja blockiert) - das Laden dieser Emails dauert ebenfalls sehr sehr lange (es werden dann auch keine Bilder angezeigt, trotzdem dauert es lange)
- beim Starten/Booten zeigt der Bildschirm nichts mehr an (bis zur Benutzerauswahl)
- der PC stürzt öfters ab, wenn er ein Video laden will o.ä.

Nach Virenfunden (s.o.) gings kurzzeitig wieder, jetzt wieder nicht mehr.

Habe jetzt mal noch GMER scannen lassen. Ist sehr schnell erledigt gewesen
Log:

Code:

GMER 1.0.15.15281 - http://www.gmer.net

Rootkit scan 2010-07-28 09:59:12

Windows 5.1.2600 Service Pack 3

Running: pgtrnxzt.exe; Driver: C:\DOKUME~1\FAMILI~1\LOKALE~1\Temp\pxtdypow.sys

 

 

---- System - GMER 1.0.15 ----

 

SSDT            F7C3DEA6                                                                                                 ZwCreateKey

SSDT            F7C3DE9C                                                                                                 ZwCreateThread

SSDT            F7C3DEAB                                                                                                 ZwDeleteKey

SSDT            F7C3DEB5                                                                                                 ZwDeleteValueKey

SSDT            F7C3DEBA                                                                                                 ZwLoadKey

SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                        ZwMapViewOfSection [0xF79B18D0]

SSDT            F7C3DE88                                                                                                 ZwOpenProcess

SSDT            F7C3DE8D                                                                                                 ZwOpenThread

SSDT            F7C3DEC4                                                                                                 ZwReplaceKey

SSDT            F7C3DEBF                                                                                                 ZwRestoreKey

SSDT            F7C3DEB0                                                                                                 ZwSetValueKey

SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                        ZwShutdownSystem [0xF79B1E70]

SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                        ZwTerminateProcess [0xF79B1E00]

 

---- Kernel code sections - GMER 1.0.15 ----

 

.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                 section is writeable [0xF5F643A0, 0x592C35, 0xE8000020]

.text           tcpip.sys!IPTransmit + 10FC                                                                              F3666D3A 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

.text           tcpip.sys!IPTransmit + 2A52                                                                              F3668690 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

.text           tcpip.sys!IPRegisterProtocol + 930                                                                       F367E454 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

.text           wanarp.sys                                                                                               F78253FD 4 Bytes  CALL F731B350 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

.text           wanarp.sys                                                                                               F7825402 2 Bytes  [90, 90] {NOP ; NOP }

 

---- Kernel IAT/EAT - GMER 1.0.15 ----

 

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter]                                      [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter]                                       [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol]                                [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol]                                  [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol]                                 [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter]                                      [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter]                                     [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol]                               [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol]                                  [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol]                                [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter]                                      [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter]                                       [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter]                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter]                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol]                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol]                                 [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol]                                   [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter]                                        [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter]                                       [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter]                                      [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter]                                       [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol]                                [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol]                                  [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol]                                  [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol]                                [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter]                                      [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter]                                       [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

 

---- Devices - GMER 1.0.15 ----

 

Device          \Driver\Tcpip \Device\Ip                                                                                 wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

Device          \Driver\Tcpip \Device\Tcp                                                                                wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

 

AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                Lbd.sys (Boot Driver/Lavasoft AB)

 

Device          \Driver\Tcpip \Device\Udp                                                                                wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

Device          \Driver\Tcpip \Device\RawIp                                                                              wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

Device          \Driver\Tcpip \Device\IPMULTICAST                                                                        wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

 

AttachedDevice  \FileSystem\Fastfat \Fat                                                                                 fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

 

---- Registry - GMER 1.0.15 ----

 

Reg             HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@j!s!i!`!r!`!e!d!\30!\30!t!e!s!m!s!y!  71230

 

---- EOF - GMER 1.0.15 ----

Hmmm, als ich das log gerade im Editor speichern wollte, hat er sich mehrmals aufgehängt (als ich auf Speichern im Speichern unter-Fenster geklickt habe), gleiches mit MS Works Textverarbeitung (speichern in einer bereits vorhandenen .txt funktionierte dann)
Auch beim Neustarten hat der PC nicht reagiert (sich aber nicht vollständig aufgehängt). Im Task-Manager war lsass.exe mit 50% CPU-Auslastung drin, und bei den Anwendungen "SysFader" - keine Rückmeldung...
Der Task-Manager hat dann auch nicht mehr reagiert, es half nur noch ein Kaltstart.

da ich leider noch keine Reaktion erhalten habe und nicht weiß, bis wann ich eine Antwort bekommen könnte, habe ich mein Problem nun unter Windows XP Win32.Backdoor.Papras/A, TR/Spy.Browse.A (Trojan), JAVA/Agent.T.1; Grafikprobleme,... geschildert.
Wenn mir dort zwischenzeitlich geholfen wird, ist in diesem Thread keine Antwort mehr nötig.
Danke und nichts für ungut.

(Natürlich freue ich mich auch weiterhin, wenn ich Hilfe bekomme.)
Ist mein System noch infiziert?

Hallo,

Zitat:

Sygate Personal Firewall

Das ist nichts weiter als ein Spielzeug, das eher kontraproduktiv ist. Solltest Du deinstallieren, allein schon deswegen, weil das Teil schon lange nicht mehr supportet wird (vor einigen Jahren wurde Sygate AFAIK von Symantec übernommen)

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

Hallo Arne,

danke für Deine Antwort!

Hier die beiden Log-files:

Extras.txt

Code:

OTL Extras logfile created on: 30.07.2010 00:00:54 - Run 1

OTL by OldTimer - Version 3.2.9.1     Folder = C:\Dokumente und Einstellungen\***\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1.022,00 Mb Total Physical Memory | 328,00 Mb Available Physical Memory | 32,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 278,55 Gb Total Space | 65,66 Gb Free Space | 23,57% Space Free | Partition Type: NTFS

Drive D: | 19,52 Gb Total Space | 5,46 Gb Free Space | 27,95% Space Free | Partition Type: FAT32

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: MD8818

Current User Name: ***

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)

"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)

"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)

"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.)

"C:\Programme\Trillian\trillian.exe" = C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian -- (Cerulean Studios)

"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen -- (Microsoft Corporation)

"C:\Programme\WS_FTP\WS_FTP95.exe" = C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA 02173)

"C:\Programme\TmNationsForever\TmForever.exe" = C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth

"{08E4F3CE-A34E-4667-8DE9-147249FAE468}" = Mein Geld Professional

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{247A11CA-F5CE-4DD6-85E2-64850E64E064}" = USB2.0 CARD READER

"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 21

"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe  1.4.89.1

"{2808E975-BD01-47DD-9852-54E3C622BDDC}" = WLAN Monitor

"{31671B31-682F-499E-00B9-7AD7D33C9E4F}" = Need For Speed Hot Pursuit 2

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows-Journal-Viewer

"{446DBFFA-4088-48E3-8932-74316BA4CAE4}" = iTunes

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo Bonavista

"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works

"{50D8FFDD-90CD-4859-841F-AA1961C7767A}" = QuickTime

"{50E21B3A-FF06-412D-879B-DEA30815736E}" = OpenOffice.org 2.4

"{5A347920-4AFC-11D5-9FB0-800649886934}" = SDFormatter

"{5B8072B3-A576-4C0B-99BC-FAA7145A1031}" = Nero 7 Essentials

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.0

"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm

"{782DDB70-3DF4-4366-00BF-E3767BCD173B}" = FIFA 2004

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro

"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4}" = Windows Live Messenger

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9D1C26BD-E792-4159-9D16-07EA222D8EF0}" = Windows Messenger 5.1

"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1031-7B44-A70800000002}" = Adobe Reader 7.0.8 - Deutsch

"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0CC1431-915D-4454-A045-232155BFD498}" = TVsweeper

"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0

"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0

"{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}" = PowerCinema Linux 5.0

"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite

"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord

"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware

"{E40268F4-7E9F-4E07-B773-7FF64971F42E}" = WLAN Quick-Starter

"{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance

"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack

"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN-Karte

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F79A208D-D929-11D9-9D77-000129760D75}" = MagicDirector 1.2

"{F860F390-78F4-4B45-8C1A-0489618E315B}" = Sygate Personal Firewall

"1F811665-E818-4956-9173-35CD47C9DCE0" = Otto

"7A1E1C4F-CC6F-4BF0-BB81-7CFC3F655564" = GemMaster Mystic

"7-Zip" = 7-Zip 4.65

"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2004

"Ad-Aware" = Ad-Aware

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued)

"ALDI Sued Foto Manager D" = ALDI Sued Foto Manager (D)

"ALDI Sued Foto Service D" = ALDI Sued Foto Service (D)

"Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only)

"Audacity 1.3 Beta_is1" = Audacity 1.3.7

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Avira UnErase Personal" = Avira UnErase Personal

"Biet-O-Matic v2.6.1" = Biet-O-Matic v2.6.1

"Big Fish Games Center" = Big Fish Games Center (remove only)

"CCleaner" = CCleaner

"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint

"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox

"Easy-WebPrint" = Easy-WebPrint

"Europa Raser" = Europa Raser

"Fairies EU" = Fairies EU (remove only)

"ffdshow_is1" = ffdshow [rev 1473] [2007-09-10]

"FIFA RTWC 98" = FIFA RTWC 98

"FileZilla Client" = FileZilla Client 3.3.3

"Fish Tycoon" = Fish Tycoon (remove only)

"Free Download Manager_is1" = Free Download Manager 2.1

"GetRight_is1" = GetRight

"Hidden Expedition Titanic" = Hidden Expedition Titanic (remove only)

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager

"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2

"Internet Radio" = Internet Radio

"KompoZer_is1" = KompoZer 0.77

"LAME for Audacity_is1" = LAME v3.98.2 for Audacity

"LetsTrade" = LetsTrade Komponenten

"Mah-Jomino" = Mah-Jomino (remove only)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"MediaNavigation.CDLabelPrint" = CD-LabelPrint

"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued (D)

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)

"Mystery Case Files - Huntsville" = Mystery Case Files - Huntsville (remove only)

"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)

"Mystic Inn" = Mystic Inn (remove only)

"Need For Speed II SE" = Need For Speed II SE

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NVIDIA Drivers" = NVIDIA Drivers

"Poker Superstars II" = Poker Superstars II (remove only)

"RealPlayer 6.0" = RealPlayer

"TmNationsForever_is1" = TmNationsForever

"Trillian" = Trillian

"Virtual Villagers" = Virtual Villagers (remove only)

"VLC media player" = VideoLAN VLC media player 0.8.6

"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter

"VRally3_is1" = VRally3

"Windows Media Format Runtime" = Windows Media Format Runtime

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinGimp-2.0_is1" = GIMP 2.6.7

"WMCSetup" = Windows Media Connect

"X10Hardware" = X10 Hardware(TM)

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"SC07-PRO7" = Ski Challenge 2007 (Pro7)

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 19.07.2010 01:53:16 | Computer Name = MD8818 | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 19.07.2010 01:53:16 | Computer Name = MD8818 | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 19.07.2010 07:58:31 | Computer Name = MD8818 | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung

 zurückgegeben.  .

 

Error - 19.07.2010 08:00:29 | Computer Name = MD8818 | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung

 zurückgegeben.  .

 

Error - 19.07.2010 08:00:45 | Computer Name = MD8818 | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten

 Vorgang nicht ausführen.  .

 

Error - 19.07.2010 08:19:25 | Computer Name = MD8818 | Source = crypt32 | ID = 131080

Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer

 von <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>

 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung

 zurückgegeben.  .

 

Error - 19.07.2010 08:19:46 | Computer Name = MD8818 | Source = WmiAdapter | ID = 4099

Description = Dienst konnte nicht geöffnet werden.

 

Error - 19.07.2010 08:48:20 | Computer Name = MD8818 | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung msimn.exe, Version 6.0.2900.5512, fehlgeschlagenes

 Modul riched20.dll, Version 5.30.23.1230, Fehleradresse 0x00005b3a.

 

Error - 19.07.2010 09:05:25 | Computer Name = MD8818 | Source = Application Error | ID = 1001

Description = Fehlerhafter Speicherbereich 749919678.

 

Error - 22.07.2010 03:18:18 | Computer Name = MD8818 | Source = COM+ | ID = 135761

Description = In der Laufzeitumgebung wurde ein inkonsistenter interner Status erkannt.

 Dies deutet auf eine potenzielle Instabilität des Prozesses hin. Diese Instabilität

 wird durch die in der COM+-Anwendung ausgeführten benutzerdefinierten Komponenten,

 die von ihnen verwendeten Komponenten oder durch andere Faktoren verursacht. Fehler

 in f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), hr = 8007041d: InitEventCollector

 fail

 

 
 ========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >

OTL.txt

Code:

OTL logfile created on: 30.07.2010 00:00:54 - Run 1

OTL by OldTimer - Version 3.2.9.1     Folder = C:\Dokumente und Einstellungen\***\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1.022,00 Mb Total Physical Memory | 328,00 Mb Available Physical Memory | 32,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 278,55 Gb Total Space | 65,66 Gb Free Space | 23,57% Space Free | Partition Type: NTFS

Drive D: | 19,52 Gb Total Space | 5,46 Gb Free Space | 27,95% Space Free | Partition Type: FAT32

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: MD8818

Current User Name: ***

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)

PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)

PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)

PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.bin (OpenOffice.org)

PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

PRC - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe (AccSys GmbH)

PRC - C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)

PRC - C:\Programme\SMSC\SetIcon.exe (Standard Microsystems Corp.)

PRC - C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)

PRC - C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

MOD - C:\WINDOWS\system32\SSSensor.dll (Sygate Technologies, Inc.)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (TVTABRDZ) -- C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe File not found

SRV - (RGZES) -- C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe File not found

SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (srvcPVR) -- C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)

SRV - (TVESched) TVEnhance Task Scheduler (TTS)) -- C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe ()

SRV - (TVECapSvc) TVEnhance Background Capture Service (TBCS) -- C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()

SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

SRV - (accsvc) -- C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe (AccSys GmbH)

SRV - (WMConnectCDS) -- C:\Programme\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)

SRV - (SmcService) -- C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\4.tmp File not found

DRV - (DMSKSSRh) -- C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys File not found

DRV - (catchme) -- C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys File not found

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)

DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)

DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)

DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)

DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)

DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)

DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)

DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)

DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)

DRV - (wpsdrvnt) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.)

DRV - (Teefer) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.)

DRV - (wg3n) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "about:blank"

FF - prefs.js..extensions.enabledItems: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906}:1.2

FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.28

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.25 09:36:22 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.29 10:38:23 | 000,000,000 | ---D | M]

 

[2009.08.31 09:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions

[2010.07.29 11:05:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions

[2010.07.24 10:25:54 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}

[2010.05.14 08:54:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009.06.15 09:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}

[2008.06.04 22:50:45 | 000,001,051 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\searchplugins\leo-eng-ger.xml

[2010.07.29 11:05:00 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions

[2010.07.29 10:38:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll

[2010.06.26 10:03:55 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2010.06.26 10:03:55 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml

[2010.06.26 10:03:55 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2010.06.26 10:03:55 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2010.06.26 10:03:55 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.08.14 15:04:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)

O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)

O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdmcks.dll ()

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()

O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)

O4 - HKLM..\Run: [InstantOn] C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe ()

O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\Home Cinema\PowerDVD\Language\Language.exe ()

O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)

O4 - HKLM..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.)

O4 - HKLM..\Run: [SetIcon] \Programme\SMSC\SetIcon.exe ()

O4 - HKLM..\Run: [SmcService] C:\Programme\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)

O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm ()

O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm ()

O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm ()

O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRDownload.htm ()

O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()

O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRBrowse.htm ()

O9 - Extra Button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Programme\Internet Radio\Radio.exe (EndicoSoft.com)

O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab (Macromedia Authorware Web Player Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160402350437 (WUWebControl Class)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152 (MUWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.29 13:36:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.07.29 23:58:09 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe

[2010.07.29 12:10:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood

[2010.07.29 11:55:23 | 000,000,000 | ---D | C] -- C:\bcf8b9367cd64455d6d3bc6c9f

[2010.07.29 11:54:50 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe

[2010.07.29 11:38:42 | 000,000,000 | ---D | C] -- C:\Programme\HijackThis

[2010.07.29 10:39:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun

[2010.07.29 10:39:00 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java

[2010.07.29 10:38:22 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010.07.29 10:38:22 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010.07.29 10:38:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010.07.29 10:38:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010.07.25 13:53:37 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent

[2010.07.18 21:47:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData

[2010.07.18 21:42:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avira

[2010.07.18 21:06:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira

[2010.07.08 15:31:46 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll

[2010.07.08 15:31:34 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe

[2010.07.08 15:30:26 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll

[2010.07.08 15:29:44 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe

[2010.07.07 19:29:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation

[2010.07.07 19:29:04 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation

[2010.07.07 19:28:13 | 002,632,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll

[2010.07.07 19:28:13 | 002,165,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll

[2010.07.07 19:28:13 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll

[2010.07.07 19:28:10 | 010,256,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll

[2010.07.07 19:28:10 | 004,554,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll

[2010.07.07 19:28:01 | 000,000,000 | ---D | C] -- C:\NVIDIA

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.07.29 23:58:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe

[2010.07.29 18:24:01 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job

[2010.07.29 12:24:02 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job

[2010.07.29 12:09:42 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[2010.07.29 12:09:42 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job

[2010.07.29 12:09:42 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job

[2010.07.29 12:07:52 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010.07.29 12:06:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010.07.29 12:05:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010.07.29 12:05:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010.07.29 12:05:51 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys

[2010.07.29 12:04:50 | 014,417,920 | ---- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat

[2010.07.29 12:04:50 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini

[2010.07.29 11:33:04 | 000,030,259 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\hjtscanlist.bat

[2010.07.29 10:39:05 | 004,287,990 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\IconCache.db

[2010.07.28 09:49:45 | 000,293,376 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\pgtrnxzt.exe

[2010.07.27 11:31:55 | 000,038,912 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.07.27 09:17:57 | 001,056,220 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010.07.27 09:17:57 | 000,453,824 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2010.07.27 09:17:57 | 000,436,316 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010.07.27 09:17:57 | 000,082,866 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2010.07.27 09:17:57 | 000,069,636 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010.07.24 18:20:06 | 000,001,590 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Trillian.lnk

[2010.07.22 18:24:18 | 000,045,819 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Reisekostenerstattung_Vorstellungsgespräch_mit Hinweis.doc.pdf

[2010.07.22 17:52:24 | 000,515,871 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\bookmarks-2010-07-22.json

[2010.07.20 11:18:36 | 000,000,658 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\CCleaner.lnk

[2010.07.17 05:00:12 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010.07.17 05:00:12 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010.07.17 05:00:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2010.07.17 02:42:29 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2010.07.08 20:03:59 | 000,238,352 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010.07.07 19:29:24 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2010.07.07 19:29:24 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin

[2010.07.07 19:29:21 | 000,217,180 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2010.07.07 19:29:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk

[2010.07.07 19:16:37 | 000,088,565 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2010.07.06 07:01:39 | 000,010,752 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Brief Osterm..wps

[2010.07.06 07:01:39 | 000,006,648 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\wklnhst.dat

[2010.07.05 09:55:16 | 000,001,570 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2010.07.04 22:08:57 | 000,021,348 | ---- | M] () -- C:\Dokumente und Einstellungen\***\.recently-used.xbel

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.07.28 09:49:45 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\pgtrnxzt.exe

[2010.07.22 18:24:18 | 000,045,819 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Reisekostenerstattung_Vorstellungsgespräch_mit Hinweis.doc.pdf

[2010.07.22 17:52:23 | 000,515,871 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\bookmarks-2010-07-22.json

[2010.07.22 09:32:02 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

[2010.07.22 09:31:41 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job

[2010.07.22 09:31:31 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job

[2010.07.22 09:31:30 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job

[2010.07.07 19:29:24 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin

[2010.07.07 19:29:21 | 000,217,180 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin

[2010.07.07 19:29:21 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin

[2010.07.07 19:29:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk

[2010.07.07 19:28:13 | 000,007,959 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb

[2010.07.07 19:28:09 | 002,186,342 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin

[2010.07.06 07:01:39 | 000,010,752 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Brief Osterm..wps

[2010.07.04 22:08:57 | 000,021,348 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.recently-used.xbel

[2009.08.15 20:49:40 | 000,000,065 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2008.12.26 15:43:51 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll

[2008.09.14 17:04:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI

[2008.09.14 17:02:35 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL

[2008.09.14 16:45:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL

[2008.09.14 16:43:46 | 000,027,114 | ---- | C] () -- C:\WINDOWS\maxlink.ini

[2008.03.11 11:11:54 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll

[2007.09.24 13:05:38 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI

[2007.09.12 13:14:14 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2007.09.12 13:14:14 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2007.01.23 21:40:11 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\1114386310.sys

[2007.01.03 02:27:51 | 000,000,509 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2006.12.12 01:31:24 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI

[2006.12.02 16:37:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CatClient.INI

[2006.10.31 14:16:45 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\midas.dll

[2006.10.31 14:16:45 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll

[2006.10.23 12:55:25 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2006.10.23 11:14:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\CoInstaller7x.dll

[2006.10.23 11:13:03 | 000,295,018 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll

[2006.10.17 12:28:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll

[2006.10.17 12:19:47 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

[2006.10.17 12:19:46 | 000,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini

[2006.10.16 13:39:55 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006.10.16 13:07:13 | 000,000,187 | ---- | C] () -- C:\WINDOWS\WISO.INI

[2006.10.10 17:08:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll

[2006.10.09 14:01:38 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2006.10.09 13:55:55 | 000,009,708 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2006.10.09 13:55:55 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\EC23ACB85A.sys

[2006.10.09 12:42:57 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2006.09.29 14:24:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006.09.29 14:05:58 | 000,000,941 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2006.09.29 13:11:58 | 000,001,256 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2006.09.20 08:34:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Buhl.ini

[2005.08.05 14:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2005.07.01 13:14:48 | 000,000,966 | ---- | C] () -- C:\WINDOWS\System32\Generic.ini

[2005.07.01 10:38:06 | 000,000,232 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP3.ini

[2005.07.01 10:37:46 | 000,000,233 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP2.ini

[2004.09.28 23:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll

[2002.03.04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll

< End of report >

Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Außerdem musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:

:OTL

SRV - (TVTABRDZ) -- C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe File not found

SRV - (RGZES) -- C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe File not found

DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\4.tmp File not found

DRV - (DMSKSSRh) -- C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys File not found

:Commands

[purity]

[resethosts]

[emptytemp]

Klick dann auf den Button Run Fixes!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Danke, hat geklappt, mit Neustart.

Log:

Code:

All processes killed

========== OTL ==========

Service TVTABRDZ stopped successfully!

Service TVTABRDZ deleted successfully!

File  C:\DOKUME~1\***\LOKALE~1\Temp\TVTABRDZ.exe File not found not found.

Service RGZES stopped successfully!

Service RGZES deleted successfully!

File  C:\DOKUME~1\***\LOKALE~1\Temp\RGZES.exe File not found not found.

Service MEMSWEEP2 stopped successfully!

Service MEMSWEEP2 deleted successfully!

File  C:\WINDOWS\System32\4.tmp File not found not found.

Service DMSKSSRh stopped successfully!

Service DMSKSSRh deleted successfully!

File  C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys File not found not found.

========== COMMANDS ==========

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

[EMPTYTEMP]

 

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Java cache emptied: 0 bytes

->Flash cache emptied: 446 bytes

 

User: All Users

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Java cache emptied: 0 bytes

->Flash cache emptied: 446 bytes

 

User: ***

->Temp folder emptied: 588795 bytes

->Temporary Internet Files folder emptied: 1587748 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 111835230 bytes

->Flash cache emptied: 12772 bytes

 

User: Gast

->Temp folder emptied: 587613 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Java cache emptied: 0 bytes

->Flash cache emptied: 446 bytes

 

User: ***

->Temp folder emptied: 722254 bytes

->Temporary Internet Files folder emptied: 414622175 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 85371689 bytes

->Flash cache emptied: 1028 bytes

 

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 442502 bytes

 

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->FireFox cache emptied: 4787170 bytes

 

%systemdrive% .tmp files removed: 15269892 bytes

%systemroot% .tmp files removed: 3545272 bytes

%systemroot%\System32 .tmp files removed: 2951 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 3526790 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 613,00 mb

 

 

OTL by OldTimer - Version 3.2.9.1 log created on 07302010_212549
 

Files\Folders moved on Reboot...
 

Registry entries deleted on Reboot...

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.

http://saved.im/mtm0nzyzmzd5/cofi.jpg

Dann folgende Anleitung durchlesen und abarbeiten -> CCleaner Systembereinigung

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

ComboFix ausgeführt.

Log Teil 1:

Code:

ComboFix 10-07-30.01 - *** 30.07.2010  21:51:29.7.2 - x86

Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1022.349 [GMT 2:00]

ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\cofi.exe

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85EC5DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86145DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86225C04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {864F4C7C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {0871AAA0-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C9F054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CD7DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CF3874-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D0426C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2D054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D3FDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4C694-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DAA404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DAE4FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DB5DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DB8CE4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DC9CE4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DD5054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE3054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE6654-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEACE4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF5DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF896C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFA054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFA96C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFE054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0B5E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1EDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E21DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E32A6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E3FDDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E57054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E5E29C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E66A3C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E8FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E93054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA6DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EABDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EB8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EC1844-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED2DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED3824-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE5054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE6594-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE75FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE8DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EED96C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EF0AD4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EF1814-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFE4D4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFF74C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F01A7C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F054FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F074D4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0F054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F12684-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F12AAC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2798C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F37C24-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F46054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F49DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6CDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6F34C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7A664-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7C314-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FA5B64-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FAAA64-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FADDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FDAAD4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FE0DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86020A1C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8604EBD4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8608AC0C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86095A7C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8609C374-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AD1AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AF734-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860B8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BA054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BEA6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C1944-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C9054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C92C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CB054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CD484-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D239C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D4054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D7C2C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860DA20C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860DFA44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860E7054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860E7A74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860EC32C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860ECC14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860F5314-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FAA8C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FB054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86104DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8610852C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86111C8C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611333C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86116DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611ADDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F434-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F524-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F5A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612344C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612440C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86125054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612D054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86132054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86136DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613734C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86138054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861381A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861392AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613C6B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613D50C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86141054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614139C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86141794-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86143054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86144054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86144DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614BDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614D2F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614D96C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614ECBC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614F2F4-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86150054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615397C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86154A64-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615545C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86155B5C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86158DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615C2F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615D39C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615F2F4-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86163DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616427C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861643BC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616AA3C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616C39C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616D054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616D394-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616EDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616EDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616F054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86170054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861713C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86172054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86172DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86174264-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86175054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86175B4C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8617656C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8617D054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86183DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86184DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86186804-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86188054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618A054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618D234-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618EC14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86191054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86198DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619B25C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619C2A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619E714-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A096C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A0DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A2BFC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A3DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861AE6DC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861AF054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B139C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B3A6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B7DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C0324-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C0B4C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C1DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C2054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C3C2C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C62CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861CB96C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861CC7CC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D0CE4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D2A6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D4344-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D5DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861DC42C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861DCBD4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E23DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E49AC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E5DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E6B24-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E6DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E7B4C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E7C4C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861EA424-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861EB054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F439C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F5CBC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F8054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FB4C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FCCE4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FEDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86201DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86203624-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86204DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86206854-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86206DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620796C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86208DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620A33C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620DC2C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621139C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86213DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862152F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86217C0C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86218054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621CC04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621EDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F36C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F4FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F5AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86220874-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86221324-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862219A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622439C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86225A74-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622797C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86229364-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622957C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86229DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622A464-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622A6CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622ADDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622D37C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622EC04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622EDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862325FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86232784-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86234054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86234C6C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862376AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623836C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86238C04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862392CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86239DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623F234-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86242464-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86243A14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86244054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862451BC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862456B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86246284-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86246DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862491F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86249434-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624ABF4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624D45C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624D88C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624E38C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624FDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86250324-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86256DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862599FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625C054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625C2AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625D34C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625D544-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625DDDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625F054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625F274-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86260DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86262B4C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86263054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86264C44-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86265394-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626637C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86266DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626740C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86268C0C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86269DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626ADDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626D6C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626DDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626E3EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626F61C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86270AB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86271054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862727AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86275184-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627528C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86276DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279A6C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279D8C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627C57C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627CBAC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627D3C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627D554-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627DDB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627EDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86280314-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628161C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86281C04-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86284054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86285C04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628C5E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628CDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628E3C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628E484-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86291D54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862923C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86294DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629548C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86295DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86296A6C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86296DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629738C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86298A8C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86299494-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86299BFC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629B944-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629D62C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629DA94-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A0994-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A0DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A36AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A3DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A4274-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A4DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A5CE4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A836C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A8374-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AADDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AB3DC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ACDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ACDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AE51C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AFA6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B03EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B43F4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B684C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B6DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B85FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BADDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BBC34-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BEA8C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BF054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BF39C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C074C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C4DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C789C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C9DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CA36C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CBDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CC284-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CC38C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CD29C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CDA74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CE7A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CE8F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D1DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D267C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D2DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D5DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6324-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D650C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6584-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6C9C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D75FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D8434-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D866C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D868C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862DF30C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E3054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E58F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E59F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E6D8C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E8974-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E8A14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E997C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EA39C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EB87C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EBDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EC324-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ECDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EDB54-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EE60C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF404-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF4F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF96C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F0DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F2544-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F2554-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F62CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F7B04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F7DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F879C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F8DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FA764-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FB4AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FEC6C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FFDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86300434-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630184C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86302DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86305264-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863055F4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86306AAC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630866C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86308BE4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86308DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630A28C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630A96C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630DD14-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630E324-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631230C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313A7C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86314D44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863155FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86315DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631780C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631F054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863226C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86322B9C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86322BC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86323334-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632429C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863242AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86324A4C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632540C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632656C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632955C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632D1D4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632D1F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632E38C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632E5BC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632EDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632F444-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86330DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86332DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86334054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863358EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86336DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863385E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86338DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86338DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633B054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633B24C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633CBCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633D9E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633DAD4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633DDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863405FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86340CA4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86340DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86343054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86343784-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634437C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634437C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344C3C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86345DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86346C44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86347DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634894C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634C7EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634CA24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634E594-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634EDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634F054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634FC04-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635026C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863512F4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635272C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635341C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86354054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86354054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863544C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863567EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635687C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635736C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359604-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359854-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863599B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635A054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635ACA4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635B4B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635CB74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635D054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635E444-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635EB24-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86361DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86362B14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86363054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636668C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86368DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636A054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636ADDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636E054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86370054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863713D4-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86371DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637356C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86373D14-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86373DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863744A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86377C24-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637B63C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637D1A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637E484-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637EDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637F694-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637FDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863812FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86381CCC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86385054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863852D4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86385DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863864DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86388054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638863C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86388DDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638ABEC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638ADDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638E2AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638E3AC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638F69C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638FC9C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863908E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639697C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863996F4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86399714-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639A344-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639B58C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639CBC4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639EDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A05AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A2604-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A27FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A3904-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A4474-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A52A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A572C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A5C3C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A6054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A623C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A7054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A7DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A9BE4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863AADDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863AEDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B0BF4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B1C6C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B3054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B4C04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B548C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B7C9C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B86DC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B9054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BACA4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BB2CC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BBDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BCDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BD054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BEDB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C463C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C671C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C935C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863CC9B4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863D5054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863DF654-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863E1054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863E13A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863ED924-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863EDDDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F0DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F2C74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F5054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F67C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F8054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863FC054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863FD2E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86412054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86412DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864181E4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86422D9C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8642627C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86428464-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864307EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86433D0C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86438DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86444DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8644679C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864496EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8644CBCC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86451524-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864525C4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8645459C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8645571C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86458054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86459054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86462054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86462054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646872C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646BDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646DCE4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86470344-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86470664-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86472A94-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86476134-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8647A5FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8647F9C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864815A4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86486054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8648666C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864868CC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8648DD4C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86490054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649444C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649499C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86499054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649B664-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649BDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649FDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864A6DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B1CDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B3054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B7054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B96EC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864BD054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C2DDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C465C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C6A44-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C7054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D076C-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D29C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D5DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D6054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864DBC74-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864DD98C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864E5054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864E5744-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EBDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EC3AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864ECDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864ECDDC-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EDDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F034C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F3054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F9054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864FB3DC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86500054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86503054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865087C4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650977C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650ABEC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650B054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650C4A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650CC9C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86511DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8651BDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86542054-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8654FDB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8655EDDC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8655F7D4-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86563274-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865685D4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656BBEC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656E4FC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656FB04-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657043C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86571DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86573314-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86573974-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86574054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657419C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86575054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657572C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657750C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865784AC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86578A6C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86578A6C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865795D4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657A724-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657E1E4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657E7A4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86581C0C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86582324-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86582494-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86583504-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86584054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86584974-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658AB5C-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658C424-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658C6EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86590DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86594C0C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8659D29C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865B31FC-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865BDBD4-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865DCDDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86641BD4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667F374-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668D7EC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669D22C-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E7054-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FFCB4-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86739474-FFA4-00DE-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86757DDC-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86767054-FFA4-0100-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {B9A93C84-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {F78B8540-FFA4-00EF-0D24-347CA8A3377C}

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-00EF-0D24-347CA8A3377C}

.
 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.
 

c:\windows\system\MSINET.OCX
 

.

(((((((((((((((((((((((   Dateien erstellt von 2010-06-28 bis 2010-07-30  ))))))))))))))))))))))))))))))

.
 

2010-07-30 19:25 . 2010-07-30 19:25        --------        d-----w-        C:\_OTL

2010-07-29 09:55 . 2010-07-29 10:04        --------        d-----w-        C:\bcf8b9367cd64455d6d3bc6c9f

2010-07-29 09:54 . 2010-06-14 14:31        744448        -c----w-        c:\windows\system32\dllcache\helpsvc.exe

2010-07-29 09:38 . 2010-07-29 09:38        388096        ----a-r-        c:\dokumente und einstellungen\***\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-07-29 08:39 . 2010-07-29 08:39        --------        d-----w-        c:\programme\Gemeinsame Dateien\Java

2010-07-29 08:38 . 2010-07-29 08:38        503808        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3815a016-n\msvcp71.dll

2010-07-29 08:38 . 2010-07-29 08:38        499712        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3815a016-n\jmc.dll

2010-07-29 08:38 . 2010-07-29 08:38        348160        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3815a016-n\msvcr71.dll

2010-07-29 08:38 . 2010-07-29 08:38        61440        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7a5c831d-n\decora-sse.dll

2010-07-29 08:38 . 2010-07-29 08:38        12800        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-7a5c831d-n\decora-d3d.dll

2010-07-29 08:38 . 2010-07-17 03:00        423656        ----a-w-        c:\windows\system32\deployJava1.dll

2010-07-22 17:41 . 2010-07-22 17:41        --------        d-----w-        c:\dokumente und einstellungen\gastuser\Anwendungsdaten\vlc

2010-07-22 15:48 . 2010-07-22 15:48        --------        d-----w-        c:\dokumente und einstellungen\gastuser\Lokale Einstellungen\Anwendungsdaten\Mozilla

2010-07-18 21:58 . 2010-07-18 21:58        --------        d-----r-        c:\dokumente und einstellungen\LocalService\Favoriten

2010-07-18 19:47 . 2010-07-29 12:02        --------        d-----w-        c:\windows\system32\NtmsData

2010-07-18 19:42 . 2010-07-18 19:42        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Avira

2010-07-18 19:07 . 2010-07-18 19:07        --------        d-----w-        c:\windows\system32\wbem\Repository

2010-07-18 19:06 . 2010-07-18 19:06        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Avira

2010-07-08 13:31 . 2009-11-21 15:54        471552        -c----w-        c:\windows\system32\dllcache\aclayers.dll

2010-07-08 13:31 . 2009-10-23 15:28        3558912        -c----w-        c:\windows\system32\dllcache\moviemk.exe

2010-07-08 13:30 . 2010-05-06 10:31        743424        -c----w-        c:\windows\system32\dllcache\iedvtool.dll

2010-07-08 13:29 . 2010-02-12 10:03        293376        ------w-        c:\windows\system32\browserchoice.exe

2010-07-07 17:29 . 2010-07-07 17:29        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation

2010-07-07 17:29 . 2010-07-07 17:29        217180        ----a-w-        c:\windows\system32\nvdrsdb0.bin

2010-07-07 17:29 . 2010-07-07 17:29        1        ----a-w-        c:\windows\system32\nvdrssel.bin

2010-07-07 17:29 . 2010-07-07 17:29        217180        ----a-w-        c:\windows\system32\nvdrsdb1.bin

2010-07-07 17:29 . 2010-07-07 17:30        --------        d-----w-        c:\programme\NVIDIA Corporation

2010-07-07 17:28 . 2010-06-07 23:57        61440        ----a-w-        c:\windows\system32\OpenCL.dll

2010-07-07 17:28 . 2010-06-07 23:57        2632296        ----a-w-        c:\windows\system32\nvcuvenc.dll

2010-07-07 17:28 . 2010-06-07 23:57        2165352        ----a-w-        c:\windows\system32\nvcuvid.dll

2010-07-07 17:28 . 2010-06-07 23:57        4554752        ----a-w-        c:\windows\system32\nvcuda.dll

2010-07-07 17:28 . 2010-06-07 23:57        10256384        ----a-w-        c:\windows\system32\nvcompiler.dll

2010-07-07 17:28 . 2010-06-07 23:57        2186342        ----a-w-        c:\windows\system32\nvdata.bin

2010-07-07 17:28 . 2010-07-07 17:28        --------        d-----w-        C:\NVIDIA
 

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-07-30 19:30 . 2006-12-03 18:11        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org2

2010-07-29 09:04 . 2007-11-05 07:05        188152        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\FlashGot.exe

2010-07-29 08:38 . 2009-11-13 22:26        --------        d-----w-        c:\programme\Java

2010-07-27 07:17 . 2006-03-24 12:00        82866        ----a-w-        c:\windows\system32\perfc007.dat

2010-07-27 07:17 . 2006-03-24 12:00        453824        ----a-w-        c:\windows\system32\perfh007.dat

2010-07-24 16:40 . 2006-12-15 22:18        --------        d-----w-        c:\programme\Trillian

2010-07-24 08:32 . 2007-10-22 06:15        1        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org2\user\uno_packages\cache\stamp.sys

2010-07-23 18:44 . 2010-06-16 09:27        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\FileZilla

2010-07-22 16:30 . 2006-10-09 11:55        --------        d-----w-        c:\programme\Google

2010-07-21 22:04 . 2008-03-11 09:13        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\BOM

2010-07-21 21:26 . 2008-03-11 09:11        --------        d-----w-        c:\programme\Biet-O-Matic

2010-07-20 09:29 . 2009-08-09 12:30        --------        d-----w-        c:\programme\Trend Micro

2010-07-20 09:18 . 2009-11-13 11:50        --------        d-----w-        c:\programme\CCleaner

2010-07-18 19:02 . 2009-09-02 08:10        --------        d-----w-        c:\programme\Avira

2010-07-13 22:25 . 2007-01-23 17:40        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\Free Download Manager

2010-07-06 05:01 . 2006-12-02 14:21        6648        ----a-w-        c:\dokumente und einstellungen\***\Anwendungsdaten\wklnhst.dat

2010-06-16 09:27 . 2010-06-16 09:27        --------        d-----w-        c:\programme\FileZilla FTP Client

2010-06-15 22:29 . 2009-09-07 08:21        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\gtk-2.0

2010-06-14 14:31 . 2006-09-29 11:34        744448        ----a-w-        c:\windows\pchealth\helpctr\binaries\helpsvc.exe

2010-06-12 07:28 . 2010-06-12 07:14        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\TmForever

2010-06-12 07:12 . 2010-06-12 07:10        --------        d-----w-        c:\programme\TmNationsForever

2010-06-07 23:57 . 2006-10-16 10:21        600680        ----a-w-        c:\windows\system32\nvudisp.exe

2010-06-07 23:57 . 2006-10-13 15:05        15192064        ----a-w-        c:\windows\system32\nvoglnt.dll

2010-06-07 23:57 . 2006-10-13 15:05        232040        ----a-w-        c:\windows\system32\nvcodins.dll

2010-06-07 23:57 . 2006-10-13 15:05        232040        ----a-w-        c:\windows\system32\nvcod.dll

2010-06-07 23:57 . 2006-10-13 15:05        1359872        ----a-w-        c:\windows\system32\nvapi.dll

2010-06-07 23:57 . 2006-10-13 15:05        10531200        ----a-w-        c:\windows\system32\drivers\nv4_mini.sys

2010-06-07 23:57 . 2006-10-13 15:05        6300544        ----a-w-        c:\windows\system32\nv4_disp.dll

2010-06-02 20:37 . 2007-07-21 11:29        --------        d-----w-        c:\dokumente und einstellungen\***\Anwendungsdaten\dvdcss

2010-05-28 10:58 . 2006-10-16 10:21        600680        ----a-w-        c:\windows\system32\NVUNINST.EXE

2010-05-19 11:10 . 2009-08-08 20:19        15880        ----a-w-        c:\windows\system32\lsdelete.exe

2010-05-06 10:31 . 2006-03-24 12:00        916480        ----a-w-        c:\windows\system32\wininet.dll

2010-05-02 08:05 . 2006-03-24 12:00        1851392        ----a-w-        c:\windows\system32\win32k.sys

2002-03-11 08:06 . 2002-03-11 08:06        1822520        ----a-w-        c:\programme\instmsiw.exe

2002-03-11 07:45 . 2002-03-11 07:45        1708856        ----a-w-        c:\programme\instmsia.exe

2007-01-23 19:40 . 2007-01-23 19:40        56        --sh--r-        c:\windows\system32\1114386310.sys

2006-10-09 11:55 . 2006-10-09 11:55        8        --sh--r-        c:\windows\system32\EC23ACB85A.sys

2007-01-23 19:40 . 2006-10-09 11:55        9708        --sha-w-        c:\windows\system32\KGyGaAvL.sys

.

Log Teil 2:

Code:

(((((((((((((((((((((((((((((   SnapShot_2009-11-22_08.35.55   )))))))))))))))))))))))))))))))))))))))))

.

+ 2007-11-07 01:19 . 2007-11-07 01:19        54272              c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

- 2007-11-07 00:19 . 2007-11-07 00:19        54272              c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        62976              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        62976              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        46080              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        46080              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        46592              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        46592              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        64512              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        64512              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        66048              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        66048              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        65024              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        56832              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        56832              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        66560              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        66560              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        39936              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        39936              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        38912              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        38912              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll

- 2008-07-29 04:07 . 2008-07-29 04:07        59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll

+ 2008-07-29 05:07 . 2008-07-29 05:07        59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll

+ 2008-07-29 05:07 . 2008-07-29 05:07        59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll

- 2008-07-29 04:07 . 2008-07-29 04:07        59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll

+ 2010-07-30 19:27 . 2010-07-30 19:27        16384              c:\windows\Temp\Perflib_Perfdata_63c.dat

+ 2010-06-12 07:13 . 2005-12-05 16:07        61136              c:\windows\system32\xinput9_1_0.dll

+ 2010-06-12 07:13 . 2006-03-31 10:39        62672              c:\windows\system32\xinput1_1.dll

+ 2010-06-12 07:13 . 2006-02-03 06:41        14032              c:\windows\system32\x3daudio1_0.dll

- 2007-01-29 08:58 . 2009-07-14 11:03        46080              c:\windows\system32\tzchange.exe

+ 2007-01-29 08:58 . 2010-04-21 13:28        46080              c:\windows\system32\tzchange.exe

+ 2006-03-24 12:00 . 2009-10-21 05:38        75776              c:\windows\system32\strmfilt.dll

- 2006-03-24 12:00 . 2008-04-14 02:22        75776              c:\windows\system32\strmfilt.dll

+ 2010-07-07 17:29 . 2006-10-06 14:38        81920              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvwddi.dll

+ 2010-07-07 17:29 . 2006-10-06 14:38        86016              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvmctray.dll

+ 2010-07-07 17:29 . 2006-10-06 14:38        35840              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcod.dll

+ 2006-03-24 12:00 . 2009-10-12 13:38        79872              c:\windows\system32\raschap.dll

- 2006-03-24 12:00 . 2008-04-14 02:22        79872              c:\windows\system32\raschap.dll

+ 2010-03-30 22:16 . 2010-03-30 22:16        99176              c:\windows\system32\PresentationHostProxy.dll

- 2006-03-24 12:00 . 2009-11-19 18:55        69636              c:\windows\system32\perfc009.dat

+ 2006-03-24 12:00 . 2010-07-27 07:17        69636              c:\windows\system32\perfc009.dat

- 2006-10-13 15:05 . 2006-10-06 14:38        81920              c:\windows\system32\nvwddi.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        81920              c:\windows\system32\nvwddi.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        49488              c:\windows\system32\netfxperf.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        11600              c:\windows\system32\mui\0409\mscorees.dll

+ 2004-08-04 00:57 . 2009-11-27 17:11        17920              c:\windows\system32\msyuv.dll

+ 2006-03-24 12:00 . 2009-11-27 16:08        28672              c:\windows\system32\msvidc32.dll

+ 2006-03-24 12:00 . 2009-11-27 16:08        11264              c:\windows\system32\msrle32.dll

- 2006-03-24 12:00 . 2008-04-14 02:22        11264              c:\windows\system32\msrle32.dll

+ 2006-11-07 20:03 . 2010-05-06 10:31        55296              c:\windows\system32\msfeedsbs.dll

- 2006-11-07 20:03 . 2009-08-29 07:54        55296              c:\windows\system32\msfeedsbs.dll

- 2006-03-24 12:00 . 2009-08-29 07:54        25600              c:\windows\system32\jsproxy.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        25600              c:\windows\system32\jsproxy.dll

+ 2004-08-04 00:57 . 2009-11-27 16:08        48128              c:\windows\system32\iyuv_32.dll

+ 2006-03-24 12:00 . 2009-10-21 05:38        25088              c:\windows\system32\httpapi.dll

+ 2006-03-24 12:00 . 2009-10-15 16:28        81920              c:\windows\system32\fontsub.dll

- 2006-03-24 12:00 . 2009-06-16 14:36        81920              c:\windows\system32\fontsub.dll

- 2009-09-02 08:10 . 2009-05-11 08:12        28520              c:\windows\system32\drivers\ssmdrv.sys

+ 2009-09-02 08:10 . 2009-05-11 08:12        28520              c:\windows\system32\drivers\ssmdrv.sys

+ 2009-08-14 13:34 . 2010-04-29 13:39        38224              c:\windows\system32\drivers\mbamswissarmy.sys

- 2009-08-14 13:34 . 2009-09-10 13:54        38224              c:\windows\system32\drivers\mbamswissarmy.sys

+ 2009-08-14 13:34 . 2010-04-29 13:39        20952              c:\windows\system32\drivers\mbam.sys

+ 2009-09-02 08:10 . 2009-05-11 10:49        17016              c:\windows\system32\drivers\avgntmgr.sys

+ 2009-09-02 08:10 . 2010-02-16 12:24        60936              c:\windows\system32\drivers\avgntflt.sys

+ 2009-09-02 08:10 . 2009-05-11 10:49        51992              c:\windows\system32\drivers\avgntdd.sys

- 2009-11-19 10:54 . 2009-08-29 07:54        12800              c:\windows\system32\dllcache\xpshims.dll

+ 2009-11-19 10:54 . 2010-05-06 10:31        12800              c:\windows\system32\dllcache\xpshims.dll

+ 2009-10-21 05:38 . 2009-10-21 05:38        75776              c:\windows\system32\dllcache\strmfilt.dll

+ 2009-10-12 13:38 . 2009-10-12 13:38        79872              c:\windows\system32\dllcache\raschap.dll

+ 2009-11-27 17:11 . 2009-11-27 17:11        17920              c:\windows\system32\dllcache\msyuv.dll

+ 2006-03-24 12:00 . 2009-11-27 16:08        28672              c:\windows\system32\dllcache\msvidc32.dll

+ 2009-11-27 16:08 . 2009-11-27 16:08        11264              c:\windows\system32\dllcache\msrle32.dll

- 2007-05-09 07:29 . 2009-08-29 07:54        55296              c:\windows\system32\dllcache\msfeedsbs.dll

+ 2007-05-09 07:29 . 2010-05-06 10:31        55296              c:\windows\system32\dllcache\msfeedsbs.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        25600              c:\windows\system32\dllcache\jsproxy.dll

- 2006-03-24 12:00 . 2009-08-29 07:54        25600              c:\windows\system32\dllcache\jsproxy.dll

+ 2009-11-27 16:08 . 2009-11-27 16:08        48128              c:\windows\system32\dllcache\iyuv_32.dll

+ 2009-10-21 05:38 . 2009-10-21 05:38        25088              c:\windows\system32\dllcache\httpapi.dll

+ 2009-06-16 14:36 . 2009-10-15 16:28        81920              c:\windows\system32\dllcache\fontsub.dll

- 2009-06-16 14:36 . 2009-06-16 14:36        81920              c:\windows\system32\dllcache\fontsub.dll

+ 2009-12-14 07:08 . 2009-12-14 07:08        33280              c:\windows\system32\dllcache\csrsrv.dll

+ 2010-01-13 14:00 . 2010-01-13 14:00        86528              c:\windows\system32\dllcache\cabview.dll

+ 2009-06-10 14:13 . 2009-11-27 16:08        85504              c:\windows\system32\dllcache\avifil32.dll

- 2009-06-10 14:13 . 2009-06-10 14:13        85504              c:\windows\system32\dllcache\avifil32.dll

+ 2010-03-05 14:37 . 2010-03-05 14:37        65536              c:\windows\system32\dllcache\asycfilt.dll

+ 2006-03-24 12:00 . 2009-12-14 07:08        33280              c:\windows\system32\csrsrv.dll

+ 2006-11-29 16:30 . 2010-07-28 15:03        32768              c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat

- 2006-11-29 16:30 . 2009-11-21 07:01        32768              c:\windows\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\index.dat

- 2006-11-29 16:30 . 2009-11-21 07:01        16384              c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2010-05-19 11:08 . 2010-07-28 15:03        16384              c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2006-03-24 12:00 . 2010-01-13 14:00        86528              c:\windows\system32\cabview.dll

- 2006-03-24 12:00 . 2009-06-10 14:13        85504              c:\windows\system32\avifil32.dll

+ 2006-03-24 12:00 . 2009-11-27 16:08        85504              c:\windows\system32\avifil32.dll

+ 2006-03-24 12:00 . 2010-03-05 14:37        65536              c:\windows\system32\asycfilt.dll

- 2008-07-29 18:16 . 2008-07-29 18:16        32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll

+ 2010-04-07 21:48 . 2010-04-07 21:48        32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13648              c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll

+ 2010-03-23 03:31 . 2010-03-23 03:31        30544              c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe

+ 2010-04-01 09:42 . 2010-04-01 09:42        81920              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll

- 2008-05-27 22:49 . 2008-05-27 22:49        77824              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll

+ 2010-03-31 12:51 . 2010-03-31 12:51        77824              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll

+ 2010-03-31 12:51 . 2010-03-31 12:51        86016              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll

- 2008-05-27 22:49 . 2008-05-27 22:49        86016              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll

- 2008-05-27 22:49 . 2008-05-27 22:49        81920              c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll

+ 2010-03-31 12:51 . 2010-03-31 12:51        81920              c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll

+ 2010-03-31 13:32 . 2010-03-31 13:32        32768              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe

- 2008-05-27 23:30 . 2008-05-27 23:30        32768              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe

+ 2010-03-31 13:32 . 2010-03-31 13:32        24576              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll

- 2003-02-20 17:19 . 2003-02-20 17:19        24576              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll

+ 2006-09-29 11:32 . 2010-02-09 16:22        81920              c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Security.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13648              c:\windows\Microsoft.NET\Framework\SharedReg12.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13648              c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13648              c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13648              c:\windows\Microsoft.NET\Framework\sbscmp10.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13664              c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13688              c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13664              c:\windows\Microsoft.NET\Framework\sbs_system.data.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13696              c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13656              c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13656              c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13656              c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13672              c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        13664              c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        86864              c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe

+ 2010-06-12 07:13 . 2005-03-18 14:23        12800              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll

+ 2010-06-12 07:13 . 2005-03-18 14:23        53248              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2010-04-15 08:14 . 2010-04-15 08:14        22528              c:\windows\Installer\434208.msi

+ 2010-07-08 13:36 . 2010-07-08 13:36        32768              c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe

+ 2010-04-15 08:16 . 2010-04-15 08:16        25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe

+ 2010-04-15 08:16 . 2010-04-15 08:16        25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe

+ 2010-04-15 08:16 . 2010-04-15 08:16        25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe

+ 2010-04-15 08:16 . 2010-04-15 08:16        25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe

+ 2010-04-15 08:16 . 2010-04-15 08:16        25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe

+ 2010-04-15 08:16 . 2010-04-15 08:16        25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe

+ 2010-04-15 08:16 . 2010-04-15 08:16        25214              c:\windows\Installer\{08C0729E-3E50-11DF-9D81-005056806466}\ARPPRODUCTICON.exe

+ 2010-07-08 13:55 . 2009-08-29 07:54        12800              c:\windows\ie8updates\KB982381-IE8\xpshims.dll

+ 2010-07-08 13:55 . 2009-08-29 07:54        55296              c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll

+ 2010-07-08 13:55 . 2009-08-29 07:54        25600              c:\windows\ie8updates\KB982381-IE8\jsproxy.dll

+ 2009-11-27 17:11 . 2009-11-27 17:11        17920              c:\windows\Driver Cache\i386\msyuv.dll

+ 2009-11-27 16:08 . 2009-11-27 16:08        48128              c:\windows\Driver Cache\i386\iyuv_32.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        90112              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_afad9ea9\System.Drawing.Design.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        61440              c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_f86b29aa\CustomMarshalers.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        60928              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ea1b4fbde0e772748c6ac42d627cf684\UIAutomationProvider.ni.dll

+ 2010-07-08 14:03 . 2010-07-08 14:03        37888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\f46915dfc57bc7e49c5402e9b8f7ec18\System.Windows.Presentation.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        36864              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        94208              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll

+ 2010-07-08 14:00 . 2010-07-08 14:00        47104              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe

+ 2010-07-08 13:59 . 2010-07-08 13:59        39424              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\0375dfa28e2f6ef7e89df9edede4b83d\PresentationCFFRasterizer.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        55296              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll

+ 2010-07-08 13:42 . 2010-07-08 13:42        32768              c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

- 2009-11-19 11:10 . 2009-11-19 11:10        32768              c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        81920              c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        81920              c:\windows\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\System.Security.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        12800              c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        53248              c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll

+ 2001-08-18 04:54 . 2009-11-27 16:08        8704              c:\windows\system32\tsbyuv.dll

+ 2001-08-18 04:54 . 2009-11-27 16:08        8704              c:\windows\system32\dllcache\tsbyuv.dll

+ 2009-11-27 16:08 . 2009-11-27 16:08        8704              c:\windows\Driver Cache\i386\tsbyuv.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll

- 2009-11-19 18:55 . 2009-11-19 18:55        6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        655872              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        655872              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        572928              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        572928              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll

+ 2008-07-29 02:54 . 2008-07-29 02:54        225280              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll

- 2008-07-29 01:54 . 2008-07-29 01:54        225280              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        161784              c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        161784              c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll

+ 2010-06-12 07:13 . 2006-05-31 05:24        230168              c:\windows\system32\xactengine2_2.dll

+ 2010-06-12 07:13 . 2006-03-31 10:39        229584              c:\windows\system32\xactengine2_1.dll

+ 2010-06-12 07:13 . 2006-02-03 06:42        230096              c:\windows\system32\xactengine2_0.dll

+ 2006-03-24 12:00 . 2009-12-24 06:59        177664              c:\windows\system32\wintrust.dll

+ 2006-03-24 12:00 . 2009-08-25 09:17        354816              c:\windows\system32\winhttp.dll

+ 2006-03-24 12:00 . 2010-03-10 06:15        420352              c:\windows\system32\vbscript.dll

- 2006-03-24 12:00 . 2009-03-08 03:33        420352              c:\windows\system32\vbscript.dll

- 2006-03-24 12:00 . 2009-06-16 14:36        119808              c:\windows\system32\t2embed.dll

+ 2006-03-24 12:00 . 2009-10-15 16:28        119808              c:\windows\system32\t2embed.dll

- 2006-03-24 12:00 . 2008-04-14 02:22        474624              c:\windows\system32\shlwapi.dll

+ 2006-03-24 12:00 . 2009-12-08 09:23        474624              c:\windows\system32\shlwapi.dll

+ 2010-07-07 17:29 . 2006-10-06 14:38        159810              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvsvc32.exe

+ 2010-07-07 17:29 . 2006-10-06 14:38        212992              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvapi.dll

+ 2006-03-24 12:00 . 2009-10-12 13:38        150528              c:\windows\system32\rastls.dll

+ 2010-03-30 22:10 . 2010-03-30 22:10        295264              c:\windows\system32\PresentationHost.exe

- 2006-03-24 12:00 . 2009-11-19 18:55        436316              c:\windows\system32\perfh009.dat

+ 2006-03-24 12:00 . 2010-07-27 07:17        436316              c:\windows\system32\perfh009.dat

- 2006-03-24 12:00 . 2009-08-29 07:54        206848              c:\windows\system32\occache.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        206848              c:\windows\system32\occache.dll

+ 2006-03-24 12:00 . 2009-10-13 10:32        271360              c:\windows\system32\oakley.dll

- 2006-03-24 12:00 . 2008-04-14 02:22        271360              c:\windows\system32\oakley.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        154728              c:\windows\system32\nvsvc32.exe

+ 2010-06-07 15:35 . 2010-06-07 15:35        126976              c:\windows\system32\nvrszht.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        229376              c:\windows\system32\nvrszhc.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        258048              c:\windows\system32\nvrstr.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        253952              c:\windows\system32\nvrsth.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        253952              c:\windows\system32\nvrssv.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        258048              c:\windows\system32\nvrssl.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        258048              c:\windows\system32\nvrssk.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        270336              c:\windows\system32\nvrsru.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        270336              c:\windows\system32\nvrsptb.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        274432              c:\windows\system32\nvrspt.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        258048              c:\windows\system32\nvrspl.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        253952              c:\windows\system32\nvrsno.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        274432              c:\windows\system32\nvrsnl.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        266240              c:\windows\system32\nvrsko.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        270336              c:\windows\system32\nvrsja.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        282624              c:\windows\system32\nvrsit.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        262144              c:\windows\system32\nvrshu.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        331776              c:\windows\system32\nvrshe.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        286720              c:\windows\system32\nvrsfr.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        249856              c:\windows\system32\nvrsfi.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        274432              c:\windows\system32\nvrsesm.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        282624              c:\windows\system32\nvrses.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        249856              c:\windows\system32\nvrseng.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        282624              c:\windows\system32\nvrsel.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        278528              c:\windows\system32\nvrsde.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        253952              c:\windows\system32\nvrsda.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        249856              c:\windows\system32\nvrscs.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        335872              c:\windows\system32\nvrsar.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        110696              c:\windows\system32\nvmctray.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        277608              c:\windows\system32\nvmccs.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        145000              c:\windows\system32\nvcolor.exe

- 2006-03-24 12:00 . 2009-03-08 03:32        611840              c:\windows\system32\mstime.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        611840              c:\windows\system32\mstime.dll

- 2006-09-29 11:30 . 2008-04-14 02:22        346624              c:\windows\system32\mspaint.exe

+ 2006-09-29 11:30 . 2009-12-17 07:40        346624              c:\windows\system32\mspaint.exe

+ 2006-11-07 20:03 . 2010-05-06 10:31        599040              c:\windows\system32\msfeeds.dll

+ 2009-11-06 23:07 . 2009-11-06 23:07        297808              c:\windows\system32\mscoree.dll

+ 2010-06-16 07:38 . 2010-06-16 07:38        231888              c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe

- 2006-03-24 12:00 . 2009-06-22 06:45        726528              c:\windows\system32\jscript.dll

+ 2006-03-24 12:00 . 2009-12-09 05:53        726528              c:\windows\system32\jscript.dll

+ 2010-07-29 08:38 . 2010-07-17 03:00        153376              c:\windows\system32\javaws.exe

- 2009-11-13 22:27 . 2009-11-13 22:26        145184              c:\windows\system32\javaw.exe

+ 2010-07-29 08:38 . 2010-07-17 03:00        145184              c:\windows\system32\javaw.exe

- 2009-11-13 22:27 . 2009-11-13 22:26        145184              c:\windows\system32\java.exe

+ 2010-07-29 08:38 . 2010-07-17 03:00        145184              c:\windows\system32\java.exe

+ 2006-09-29 11:34 . 2010-01-29 14:59        691712              c:\windows\system32\inetcomm.dll

- 2006-09-29 11:34 . 2008-04-11 19:04        691712              c:\windows\system32\inetcomm.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        184320              c:\windows\system32\iepeers.dll

- 2006-03-24 12:00 . 2009-08-29 07:54        184320              c:\windows\system32\iepeers.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        387584              c:\windows\system32\iedkcs32.dll

- 2006-03-24 12:00 . 2009-08-29 07:54        387584              c:\windows\system32\iedkcs32.dll

+ 2006-03-24 12:00 . 2010-05-05 13:30        173056              c:\windows\system32\ie4uinit.exe

- 2006-03-24 12:00 . 2009-08-28 10:35        173056              c:\windows\system32\ie4uinit.exe

+ 2006-09-29 12:23 . 2010-07-08 18:03        238352              c:\windows\system32\FNTCACHE.DAT

+ 2006-03-24 12:00 . 2010-02-11 12:02        226880              c:\windows\system32\drivers\tcpip6.sys

+ 2006-03-24 12:00 . 2009-12-31 16:50        353792              c:\windows\system32\drivers\srv.sys

+ 2006-03-24 12:00 . 2010-02-24 13:11        455680              c:\windows\system32\drivers\mrxsmb.sys

+ 2006-03-24 12:00 . 2009-10-20 16:20        265728              c:\windows\system32\drivers\http.sys

+ 2009-09-02 08:10 . 2010-03-01 08:05        124784              c:\windows\system32\drivers\avipbb.sys

+ 2009-12-24 06:59 . 2009-12-24 06:59        177664              c:\windows\system32\dllcache\wintrust.dll

- 2006-03-24 12:00 . 2009-08-29 07:54        916480              c:\windows\system32\dllcache\wininet.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        916480              c:\windows\system32\dllcache\wininet.dll

+ 2008-12-16 12:30 . 2009-08-25 09:17        354816              c:\windows\system32\dllcache\winhttp.dll

+ 2008-05-09 10:54 . 2010-03-10 06:15        420352              c:\windows\system32\dllcache\vbscript.dll

- 2008-05-09 10:54 . 2009-03-08 03:33        420352              c:\windows\system32\dllcache\vbscript.dll

+ 2008-06-20 11:08 . 2010-02-11 12:02        226880              c:\windows\system32\dllcache\tcpip6.sys

- 2009-06-16 14:36 . 2009-06-16 14:36        119808              c:\windows\system32\dllcache\t2embed.dll

+ 2009-06-16 14:36 . 2009-10-15 16:28        119808              c:\windows\system32\dllcache\t2embed.dll

+ 2008-10-16 07:07 . 2009-12-31 16:50        353792              c:\windows\system32\dllcache\srv.sys

+ 2009-01-07 17:20 . 2009-12-08 09:23        474624              c:\windows\system32\dllcache\shlwapi.dll

- 2009-01-07 17:20 . 2009-01-07 17:20        474624              c:\windows\system32\dllcache\shlwapi.dll

+ 2009-10-12 13:38 . 2009-10-12 13:38        150528              c:\windows\system32\dllcache\rastls.dll

- 2006-03-24 12:00 . 2009-08-29 07:54        206848              c:\windows\system32\dllcache\occache.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        206848              c:\windows\system32\dllcache\occache.dll

+ 2009-10-13 10:32 . 2009-10-13 10:32        271360              c:\windows\system32\dllcache\oakley.dll

- 2006-03-24 12:00 . 2009-03-08 03:32        611840              c:\windows\system32\dllcache\mstime.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        611840              c:\windows\system32\dllcache\mstime.dll

+ 2009-12-17 07:40 . 2009-12-17 07:40        346624              c:\windows\system32\dllcache\mspaint.exe

+ 2007-05-09 07:29 . 2010-05-06 10:31        599040              c:\windows\system32\dllcache\msfeeds.dll

+ 2008-11-12 21:54 . 2010-02-24 13:11        455680              c:\windows\system32\dllcache\mrxsmb.sys

+ 2008-05-09 10:54 . 2009-12-09 05:53        726528              c:\windows\system32\dllcache\jscript.dll

- 2008-05-09 10:54 . 2009-06-22 06:45        726528              c:\windows\system32\dllcache\jscript.dll

+ 2008-08-16 07:31 . 2010-01-29 14:59        691712              c:\windows\system32\dllcache\inetcomm.dll

- 2008-08-16 07:31 . 2008-04-11 19:04        691712              c:\windows\system32\dllcache\inetcomm.dll

+ 2009-11-19 10:54 . 2010-05-06 10:31        247808              c:\windows\system32\dllcache\ieproxy.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        184320              c:\windows\system32\dllcache\iepeers.dll

- 2006-03-24 12:00 . 2009-08-29 07:54        184320              c:\windows\system32\dllcache\iepeers.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        387584              c:\windows\system32\dllcache\iedkcs32.dll

- 2006-03-24 12:00 . 2009-08-29 07:54        387584              c:\windows\system32\dllcache\iedkcs32.dll

+ 2006-03-24 12:00 . 2010-05-05 13:30        173056              c:\windows\system32\dllcache\ie4uinit.exe

- 2006-03-24 12:00 . 2009-08-28 10:35        173056              c:\windows\system32\dllcache\ie4uinit.exe

+ 2009-10-20 16:20 . 2009-10-20 16:20        265728              c:\windows\system32\dllcache\http.sys

+ 2010-04-20 05:29 . 2010-04-20 05:29        285696              c:\windows\system32\dllcache\atmfd.dll

+ 2010-02-12 04:33 . 2010-02-12 04:33        100864              c:\windows\system32\dllcache\6to4svc.dll

+ 2006-03-24 12:00 . 2010-04-20 05:29        285696              c:\windows\system32\atmfd.dll

- 2006-03-24 12:00 . 2008-04-14 02:20        285696              c:\windows\system32\atmfd.dll

+ 2006-03-24 12:00 . 2010-02-12 04:33        100864              c:\windows\system32\6to4svc.dll

+ 2010-03-30 22:16 . 2010-03-30 22:16        130408              c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll

+ 2010-04-07 21:48 . 2010-04-07 21:48        970752              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll

- 2008-07-29 18:16 . 2008-07-29 18:16        110592              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll

+ 2010-04-07 21:48 . 2010-04-07 21:48        110592              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll

+ 2010-03-23 03:31 . 2010-03-23 03:31        435024              c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll

- 2008-07-25 10:17 . 2008-07-25 10:17        258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

+ 2010-02-09 10:22 . 2010-02-09 10:22        258048              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll

- 2008-05-27 22:49 . 2008-05-27 22:49        102400              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll

+ 2010-03-31 12:51 . 2010-03-31 12:51        102400              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll

- 2008-05-27 22:48 . 2008-05-27 22:48        315392              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll

+ 2010-03-31 12:49 . 2010-03-31 12:49        315392              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll

- 2008-05-27 23:30 . 2008-05-27 23:30        258048              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

+ 2010-03-31 13:32 . 2010-03-31 13:32        258048              c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll

+ 2010-06-12 07:13 . 2006-03-31 09:27        578560              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2006-02-03 05:40        578560              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2005-12-05 15:20        577536              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2005-09-28 12:11        577536              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2005-07-22 15:21        577024              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2005-05-26 13:15        576000              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2005-03-18 15:23        567296              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2005-02-05 17:32        563712              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2005-03-18 14:23        223232              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll

+ 2010-06-12 07:13 . 2005-03-18 14:23        178176              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll

+ 2010-06-12 07:13 . 2005-03-18 14:23        364544              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll

+ 2010-06-12 07:13 . 2005-03-18 14:23        159232              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll

+ 2010-06-12 07:13 . 2005-03-18 14:23        145920              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll

+ 2010-06-12 07:13 . 2005-03-18 14:23        473600              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll

+ 2010-02-24 22:14 . 2010-02-24 22:14        543232              c:\windows\Installer\b8b66.msp

+ 2010-07-08 13:36 . 2010-07-08 13:36        429568              c:\windows\Installer\b8b5a.msi

+ 2010-07-29 08:39 . 2010-07-29 08:39        180224              c:\windows\Installer\308b4d.msi

+ 2010-07-08 13:55 . 2009-08-29 07:54        916480              c:\windows\ie8updates\KB982381-IE8\wininet.dll

+ 2010-07-08 13:55 . 2010-02-22 14:22        388984              c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll

+ 2010-07-08 13:55 . 2008-07-08 13:00        234872              c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe

+ 2010-07-08 13:55 . 2009-08-29 07:54        206848              c:\windows\ie8updates\KB982381-IE8\occache.dll

+ 2010-07-08 13:55 . 2009-03-08 03:32        611840              c:\windows\ie8updates\KB982381-IE8\mstime.dll

+ 2010-07-08 13:55 . 2009-08-29 07:54        594432              c:\windows\ie8updates\KB982381-IE8\msfeeds.dll

+ 2010-07-08 13:55 . 2009-08-29 07:54        246272              c:\windows\ie8updates\KB982381-IE8\ieproxy.dll

+ 2010-07-08 13:55 . 2009-08-29 07:54        184320              c:\windows\ie8updates\KB982381-IE8\iepeers.dll

+ 2010-07-08 13:55 . 2009-03-08 03:35        742912              c:\windows\ie8updates\KB982381-IE8\iedvtool.dll

+ 2010-07-08 13:55 . 2009-08-29 07:54        387584              c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll

+ 2010-07-08 13:55 . 2009-08-28 10:35        173056              c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe

+ 2010-07-08 13:45 . 2009-03-08 03:33        420352              c:\windows\ie8updates\KB981332-IE8\vbscript.dll

+ 2010-07-08 13:45 . 2009-05-26 11:40        388984              c:\windows\ie8updates\KB981332-IE8\spuninst\updspapi.dll

+ 2010-07-08 13:45 . 2009-05-26 11:40        234872              c:\windows\ie8updates\KB981332-IE8\spuninst\spuninst.exe

+ 2010-07-08 14:03 . 2008-07-08 13:00        388984              c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll

+ 2010-07-08 14:03 . 2008-07-08 13:00        234872              c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe

+ 2010-07-08 14:03 . 2009-06-22 06:45        726528              c:\windows\ie8updates\KB976662-IE8\jscript.dll

+ 2008-11-12 21:54 . 2010-02-24 13:11        455680              c:\windows\Driver Cache\i386\mrxsmb.sys

+ 2009-10-20 16:20 . 2009-10-20 16:20        265728              c:\windows\Driver Cache\i386\http.sys

+ 2010-07-08 14:02 . 2010-07-08 14:02        835584              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b7482fc9\System.Drawing.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        192512              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_69663f97\System.Drawing.Design.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        118784              c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_30ce2e99\CustomMarshalers.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        321536              c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe

+ 2010-07-08 14:01 . 2010-07-08 14:01        240128              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b3a9fac9aea3ad913781fafbdcbb0cae\WindowsFormsIntegration.ni.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        447488              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\4131a3627fec69291dbaed236f30dc65\UIAutomationClient.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        400896              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        129536              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        202240              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        859648              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        328704              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        301056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        547328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        627200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        679936              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        311296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        621056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        998400              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        330752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e6bd59fec415e273c173170c6508180a\System.Management.Instrumentation.ni.dll

+ 2010-07-08 13:47 . 2010-07-08 13:47        381440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e3eb86170cba4c80e6e22ca33c63c218\System.IO.Log.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cfa48936affc9a5fb89f0bf66cc52a47\System.IdentityModel.Selectors.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        280064              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.Wrapper.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        627712              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll

+ 2010-07-08 13:45 . 2010-07-08 13:45        208384              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\aeba6820f20655dec7fe0fe05aaeb818\System.Drawing.Design.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        455680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9ef70079beca3a9982a3aa76ebc0ddd8\System.DirectoryServices.Protocols.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        881152              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\277619716d9136216065bea970365c65\System.DirectoryServices.AccountManagement.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        939008              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\90b67e13866b176ae6cbdb23144f724d\System.Data.Services.Client.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        354816              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\131a477d41a8669b15696128b94c2636\System.Data.Services.Design.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        756736              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\d4990681ce373d81a52b231ee4c4afea\System.Data.Entity.Design.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        135680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\9e9d66a3a0e16fceead505c25af569eb\System.Data.DataSetExtensions.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        971264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\39e4f9a276fb12125d8a1444d8b65a84\System.Configuration.Install.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        633856              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        366080              c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\f38a426b90e6c526dcb2c435c7380450\SMSvcHost.ni.exe

+ 2010-07-08 13:48 . 2010-07-08 13:48        256000              c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6cabc7d1700c224e8b41ff2f96a3087c\SMDiagnostics.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        320512              c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5c8f5ca36498f43980d64820d8186c8a\ServiceModelReg.ni.exe

+ 2010-07-08 14:00 . 2010-07-08 14:00        368128              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a10c2c7e38291c3ada631ad13e762818\PresentationFramework.Aero.ni.dll

+ 2010-07-08 14:00 . 2010-07-08 14:00        539648              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7579c76fa81eb309d3170b62467be58d\PresentationFramework.Luna.ni.dll

+ 2010-07-08 14:00 . 2010-07-08 14:00        224768              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bef0992fb684e71dbfab5c0a99316af\PresentationFramework.Classic.ni.dll

+ 2010-07-08 14:00 . 2010-07-08 14:00        258048              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2f6687d394813d760496f60acf046384\PresentationFramework.Royale.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        133632              c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7700963610c1af364aa934c3c824b7b4\MSBuild.ni.exe

+ 2010-07-08 13:48 . 2010-07-08 13:48        386560              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c74d4c69c49992dfb23ba512081dc3de\Microsoft.Transactions.Bridge.Dtc.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        144384              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a6a9f24b1a8984eaafbabb1ee968e359\Microsoft.Build.Utilities.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        175104              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\2fa81d363cb1496be2427d848a867409\Microsoft.Build.Utilities.v3.5.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        839680              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c4c360df9c1024ebc3f0de77f5cf8b1c\Microsoft.Build.Engine.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        222720              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c9386dcd89c2518a74115f3bfd861830\Microsoft.Build.Conversion.v3.5.ni.dll

+ 2010-07-08 13:47 . 2010-07-08 13:47        410112              c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\abb62e3ed74c974f0282bc7ea5d3f1c1\ComSvcConfig.ni.exe

+ 2010-07-08 13:48 . 2010-07-08 13:48        842240              c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\6d34f00b6a782d15bec70d6cdb00b5e8\AspNetMMCExt.ni.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll

+ 2010-07-08 13:42 . 2010-07-08 13:42        970752              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

+ 2010-07-08 13:42 . 2010-07-08 13:42        438272              c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll

+ 2010-07-08 13:42 . 2010-07-08 13:42        110592              c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll

- 2009-11-19 11:10 . 2009-11-19 11:10        110592              c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        223232              c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        178176              c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        364544              c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        159232              c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        145920              c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        577024              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        576000              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        567296              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        563712              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        473600              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2006-03-24 12:00 . 2009-11-21 15:54        471552              c:\windows\AppPatch\aclayers.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        3783672              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        3783672              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll

- 2008-07-29 06:05 . 2008-07-29 06:05        3768312              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll

+ 2008-07-29 07:05 . 2008-07-29 07:05        3768312              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll

+ 2009-07-20 22:03 . 2009-07-20 22:03        1348432              c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll

+ 2006-03-24 12:00 . 2010-04-03 02:27        2334720              c:\windows\system32\WMVCore.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        1209344              c:\windows\system32\urlmon.dll

+ 2007-02-16 08:03 . 2010-07-18 19:07        1072116              c:\windows\system32\Restore\rstrlog.dat

+ 2010-07-07 17:29 . 2006-10-06 14:38        5644288              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvoglnt.dll

+ 2010-07-07 17:29 . 2006-10-06 14:38        7700480              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcpl.dll

+ 2010-07-07 17:29 . 2006-10-06 14:38        3992608              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_mini.sys

+ 2010-07-07 17:29 . 2006-10-06 14:38        4526592              c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_disp.dll

+ 2006-03-24 12:00 . 2010-02-05 18:25        1297408              c:\windows\system32\quartz.dll

+ 2006-03-24 12:00 . 2010-02-16 19:04        2148864              c:\windows\system32\ntoskrnl.exe

+ 2004-08-04 00:50 . 2010-02-16 19:04        2027008              c:\windows\system32\ntkrnlpa.exe

+ 2008-09-18 22:04 . 2009-07-31 08:02        1372672              c:\windows\system32\msxml6.dll

+ 2009-07-20 22:05 . 2009-07-20 22:05        1348432              c:\windows\system32\msxml4.dll

+ 2006-03-24 12:00 . 2009-07-31 04:32        1172480              c:\windows\system32\msxml3.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        5950976              c:\windows\system32\mshtml.dll

+ 2010-01-27 01:07 . 2010-06-16 07:38        5612496              c:\windows\system32\Macromed\Flash\NPSWF32.dll

+ 2006-10-17 10:57 . 2010-05-06 10:31        1985536              c:\windows\system32\iertutil.dll

- 2006-10-17 10:57 . 2009-08-29 07:54        1985536              c:\windows\system32\iertutil.dll

+ 2006-03-24 12:00 . 2010-04-03 02:27        2334720              c:\windows\system32\dllcache\WMVCore.dll

+ 2008-10-16 07:07 . 2010-05-02 08:05        1851392              c:\windows\system32\dllcache\win32k.sys

+ 2006-03-24 12:00 . 2010-05-06 10:31        1209344              c:\windows\system32\dllcache\urlmon.dll

+ 2008-05-07 05:10 . 2010-02-05 18:25        1297408              c:\windows\system32\dllcache\quartz.dll

+ 2008-10-16 07:07 . 2010-02-17 12:04        2192256              c:\windows\system32\dllcache\ntoskrnl.exe

+ 2008-10-16 07:07 . 2010-02-16 19:04        2027008              c:\windows\system32\dllcache\ntkrpamp.exe

+ 2008-10-16 07:07 . 2010-02-16 19:04        2069120              c:\windows\system32\dllcache\ntkrnlpa.exe

+ 2008-10-16 07:07 . 2010-02-16 19:04        2148864              c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2008-09-18 22:04 . 2009-07-31 08:02        1372672              c:\windows\system32\dllcache\msxml6.dll

+ 2008-11-12 21:54 . 2009-07-31 04:32        1172480              c:\windows\system32\dllcache\msxml3.dll

+ 2009-08-14 17:38 . 2010-01-29 14:59        1315328              c:\windows\system32\dllcache\msoe.dll

- 2009-08-14 17:38 . 2009-07-10 13:26        1315328              c:\windows\system32\dllcache\msoe.dll

+ 2006-03-24 12:00 . 2010-05-06 10:31        5950976              c:\windows\system32\dllcache\mshtml.dll

- 2007-05-09 07:29 . 2009-08-29 07:54        1985536              c:\windows\system32\dllcache\iertutil.dll

+ 2007-05-09 07:29 . 2010-05-06 10:31        1985536              c:\windows\system32\dllcache\iertutil.dll

+ 2009-11-06 23:06 . 2009-11-06 23:06        1130824              c:\windows\system32\dfshim.dll

+ 2010-06-12 07:13 . 2006-03-31 10:40        2388176              c:\windows\system32\d3dx9_30.dll

+ 2010-06-12 07:13 . 2006-02-03 06:43        2332368              c:\windows\system32\d3dx9_29.dll

+ 2010-06-12 07:13 . 2005-12-05 16:09        2323664              c:\windows\system32\d3dx9_28.dll

+ 2010-06-12 07:13 . 2005-07-22 17:59        2319568              c:\windows\system32\d3dx9_27.dll

+ 2010-06-12 07:13 . 2005-05-26 13:34        2297552              c:\windows\system32\d3dx9_26.dll

+ 2010-06-12 07:13 . 2005-03-18 15:19        2337488              c:\windows\system32\d3dx9_25.dll

+ 2010-06-12 07:13 . 2005-02-05 17:45        2222800              c:\windows\system32\d3dx9_24.dll

+ 2010-04-07 21:48 . 2010-04-07 21:48        5967872              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll

+ 2010-03-23 03:32 . 2010-03-23 03:32        5242880              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll

- 2008-11-25 03:59 . 2008-11-25 03:59        5242880              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll

+ 2010-03-23 03:32 . 2010-03-23 03:32        3182592              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll

+ 2010-04-01 09:42 . 2010-04-01 09:42        1265664              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll

- 2008-05-27 23:35 . 2008-05-27 23:35        1265664              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll

- 2008-05-27 23:35 . 2008-05-27 23:35        1232896              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll

+ 2010-04-01 09:42 . 2010-04-01 09:42        1232896              c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll

+ 2010-03-31 12:50 . 2010-03-31 12:50        2514944              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

- 2008-05-27 22:48 . 2008-05-27 22:48        2514944              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

+ 2010-03-31 12:50 . 2010-03-31 12:50        2527232              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll

- 2008-05-27 22:43 . 2008-05-27 22:43        2142208              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll

+ 2010-04-01 09:42 . 2010-04-01 09:42        2142208              c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll

+ 2010-06-12 07:13 . 2004-12-01 13:53        2846720              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2004-09-29 10:38        2676224              c:\windows\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll

+ 2010-04-11 20:17 . 2010-04-11 20:17        2607104              c:\windows\Installer\b8b73.msp

+ 2010-04-11 20:17 . 2010-04-11 20:17        4210688              c:\windows\Installer\b8b72.msp

+ 2010-04-15 08:16 . 2010-04-15 08:16        1235968              c:\windows\Installer\43420f.msi

+ 2010-07-29 09:38 . 2010-07-29 09:38        1094656              c:\windows\Installer\35acad.msi

+ 2009-11-08 22:25 . 2009-11-08 22:25        1935360              c:\windows\Installer\1e7595.msp

+ 2010-07-08 13:55 . 2009-08-29 07:54        1208832              c:\windows\ie8updates\KB982381-IE8\urlmon.dll

+ 2010-07-08 13:55 . 2009-10-22 09:16        5939712              c:\windows\ie8updates\KB982381-IE8\mshtml.dll

+ 2010-07-08 13:55 . 2009-08-29 07:54        1985536              c:\windows\ie8updates\KB982381-IE8\iertutil.dll

+ 2008-10-16 07:07 . 2010-02-17 12:04        2192256              c:\windows\Driver Cache\i386\ntoskrnl.exe

+ 2008-10-16 07:07 . 2010-02-16 19:04        2027008              c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2008-10-16 07:07 . 2010-02-16 19:04        2069120              c:\windows\Driver Cache\i386\ntkrnlpa.exe

+ 2008-10-16 07:07 . 2010-02-16 19:04        2148864              c:\windows\Driver Cache\i386\ntkrnlmp.exe

+ 2010-07-08 14:02 . 2010-07-08 14:02        4792320              c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_61899a3e\System.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        1966080              c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_0c3a21de\System.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        5513216              c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_d75f9eaa\System.Xml.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        2088960              c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_0406f836\System.Xml.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        7884800              c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_befc6435\System.Windows.Forms.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        3018752              c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_0a075b53\System.Windows.Forms.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        2244608              c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_e78bb713\System.Drawing.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        3395584              c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_fd40100a\System.Design.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        1470464              c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_8a8a4e89\System.Design.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        3391488              c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_beec7aec\mscorlib.dll

+ 2010-07-08 14:02 . 2010-07-08 14:02        8908800              c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_31f06c26\mscorlib.dll

+ 2010-07-08 13:59 . 2010-07-08 13:59        3325440              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d63164ac4ed5adabc6a1b0fdf07eee05\WindowsBase.ni.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        1049600              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\d8549ce90b26cdc3071224ab6f020189\UIAutomationClientsideProviders.ni.dll

+ 2010-07-08 13:42 . 2010-07-08 13:42        7949824              c:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll

+ 2010-07-08 13:45 . 2010-07-08 13:45        5450752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        1356288              c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\016b75f60a18535c8d6b3e5d861ab559\System.WorkflowServices.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        1908224              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6dacae37d337004345518976fb57099e\System.Workflow.Runtime.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        4514304              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c7b832bbc5bb11c6c7f128c801ce90d7\System.Workflow.ComponentModel.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        2992640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\b9ea6ea910293cd6f13f765775867ebd\System.Workflow.Activities.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        1840640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8ef8d556899a4a10b7f288a80925489f\System.Web.Services.ni.dll

+ 2010-07-08 13:50 . 2010-07-08 13:50        2209280              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\5dfda43f1991ee6ba345d62b2be4801c\System.Web.Mobile.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        2403328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f08b3b8cdf548e3dfe61f342536175eb\System.Web.Extensions.ni.dll

+ 2010-07-08 13:45 . 2010-07-08 13:45        1917952              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2d6a5dbee4506bf643b853e41668afa3\System.Speech.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        1706496              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\169fe0ad9d59982a2a6b89779c09885b\System.ServiceModel.Web.ni.dll

+ 2010-07-08 13:47 . 2010-07-08 13:47        2345472              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        1035264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\af217ef58e5558991f331d482c2bdba6\System.Printing.ni.dll

+ 2010-07-08 13:47 . 2010-07-08 13:47        1070080              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\ad4fb86064d7a1ebcb9ee997e7208ac1\System.IdentityModel.ni.dll

+ 2010-07-08 13:45 . 2010-07-08 13:45        1587200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        1116672              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7deab2494d53763cd83c567e71e0d8e0\System.DirectoryServices.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        1801216              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\b81efadfee7702624b713c6d86f7e369\System.Deployment.ni.dll

+ 2010-07-08 13:44 . 2010-07-08 13:44        6616576              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        2510336              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f71abf392c5ca05a4e46a5d1c4c72856\System.Data.SqlXml.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        1328128              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\5e6311aff5ada83d0f854922fa62faf6\System.Data.Services.ni.dll

+ 2010-07-08 13:44 . 2010-07-08 13:44        2516480              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3ba3367d03779ad6e76c5d4cdfe572a\System.Data.Linq.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        9924096              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6abf820d8ec57a0561c3367727d274df\System.Data.Entity.ni.dll

+ 2010-07-08 13:44 . 2010-07-08 13:44        2295296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e98726349766935ec0e9b980f19a046a\System.Core.ni.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        2128896              c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\57abb757c1f38586390dcc63bf056322\ReachFramework.ni.dll

+ 2010-07-08 14:00 . 2010-07-08 14:00        1657856              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\0095ba60255d4addaf5b8ebee697a027\PresentationUI.ni.dll

+ 2010-07-08 13:42 . 2010-07-08 13:42        1451008              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\20ef773b20f6ce721ae60e5c2c2e8f80\PresentationBuildTasks.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        1712128              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll

+ 2010-07-08 13:47 . 2010-07-08 13:47        1093120              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\7a266de493d30eed21cb60ebe300be53\Microsoft.Transactions.Bridge.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        2332160              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\9db8f9f7fe63ca4451bb5316a3ebb009\Microsoft.JScript.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        1966080              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\c96be82d6cb00367db4e3553272165ef\Microsoft.Build.Tasks.v3.5.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        1620992              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3815de5b052187b5d9375681a6784255\Microsoft.Build.Tasks.ni.dll

+ 2010-07-08 13:48 . 2010-07-08 13:48        1888768              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\43fc6723d08e9ce88701c29653efd224\Microsoft.Build.Engine.ni.dll

+ 2010-07-08 13:59 . 2010-07-08 13:59        1249280              c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        3182592              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

+ 2010-07-08 13:42 . 2010-07-08 13:42        5967872              c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll

+ 2010-07-08 13:59 . 2010-07-08 13:59        5279744              c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        5242880              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

- 2009-11-19 18:54 . 2009-11-19 18:55        5242880              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

- 2009-11-19 11:10 . 2009-11-19 11:10        4210688              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

+ 2010-07-08 13:59 . 2010-07-08 13:59        4210688              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll

- 2009-11-19 18:55 . 2009-11-19 18:55        4546560              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

+ 2010-07-08 13:58 . 2010-07-08 13:58        4546560              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll

- 2009-10-22 12:11 . 2009-10-22 12:11        1232896              c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        1232896              c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll

+ 2010-07-08 14:01 . 2010-07-08 14:01        1265664              c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll

- 2009-10-22 12:11 . 2009-10-22 12:11        1265664              c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        2846720              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-12 07:13 . 2010-06-12 07:13        2676224              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2010-06-07 15:35 . 2010-06-07 15:35        13902440              c:\windows\system32\nvcpl.dll

+ 2006-09-29 12:35 . 2010-07-02 19:39        34045896              c:\windows\system32\MRT.exe

+ 2006-11-07 20:03 . 2010-05-06 10:31        11076096              c:\windows\system32\ieframe.dll

+ 2006-10-13 15:05 . 2010-06-07 23:57        10531200              c:\windows\system32\dllcache\nv4_mini.sys

+ 2007-05-09 07:29 . 2010-05-06 10:31        11076096              c:\windows\system32\dllcache\ieframe.dll

+ 2010-04-02 17:29 . 2010-04-02 17:29        11413504              c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp

+ 2010-04-11 20:17 . 2010-04-11 20:17        14599680              c:\windows\Installer\b8b82.msp

+ 2010-04-02 10:30 . 2010-04-02 10:30        17456640              c:\windows\Installer\1e75c0.msp

+ 2010-03-30 23:23 . 2010-03-30 23:23        15638528              c:\windows\Installer\1e75a2.msp

+ 2010-07-08 13:55 . 2009-08-29 07:54        11069440              c:\windows\ie8updates\KB982381-IE8\ieframe.dll

+ 2010-07-08 13:45 . 2010-07-08 13:45        12430848              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll

+ 2010-07-08 13:49 . 2010-07-08 13:49        11797504              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll

+ 2010-07-08 13:47 . 2010-07-08 13:47        17403904              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll

+ 2010-07-08 13:45 . 2010-07-08 13:45        10683392              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f352c5cb50bee105e4c873ca050f9f46\System.Design.ni.dll

+ 2010-07-08 14:00 . 2010-07-08 14:00        14328320              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\560662ada034afb6ec78a152bd9a47b5\PresentationFramework.ni.dll

+ 2010-07-08 14:00 . 2010-07-08 14:00        12215808              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f5dff344ac6ac923b5ade8ba1ab9382\PresentationCore.ni.dll

.

-- Snapshot auf jetziges Datum zurückgesetzt --

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]

"RTHDCPL"="RTHDCPL.EXE" [2006-10-09 16236032]

"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"SetIcon"="\Programme\SMSC\SetIcon.exe" [2004-04-28 42496]

"LanguageShortcut"="c:\programme\Home Cinema\PowerDVD\Language\Language.exe" [2006-05-18 49152]

"InstantOn"="c:\programme\CyberLink\PowerCinema Linux\ion_install.exe" [2006-06-21 93640]

"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2006-10-25 282624]

"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-02-24 2372760]

"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]

"PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 57393]

"IndexSearch"="c:\programme\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 40960]

"SetDefPrt"="c:\programme\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152]

"ControlCenter2.0"="c:\programme\Brother\ControlCenter2\brctrcen.exe" [2004-11-11 864256]

"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-05-14 248552]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-06-07 110696]
 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
 

c:\dokumente und einstellungen\***\Startmen\Programme\Autostart\

OpenOffice.org 2.4.lnk - c:\programme\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]
 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]

2004-01-14 01:10        409600        ----a-w-        c:\programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2006-10-30 08:36        256576        ----a-w-        c:\programme\iTunes\iTunesHelper.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVBroadcast]

2006-10-19 22:43        814080        ----a-w-        c:\programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]

2006-10-19 13:00        151552        ----a-w-        c:\programme\Home Cinema\TV Enhance\TVEService.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wlconfig]

2006-03-06 12:45        1347584        ------w-        c:\programme\WLAN Monitor\WLConfig.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"gusvc"=3 (0x3)

"TVTABRDZ"=3 (0x3)

"TVESched"=2 (0x2)

"TVECapSvc"=2 (0x2)

"gupdate"=2 (0x2)

"srvcPVR"=2 (0x2)
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Programme\\Messenger\\msmsgs.exe"=

"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=

"c:\\WINDOWS\\system32\\fxsclnt.exe"=

"c:\\Programme\\NetMeeting\\Conf.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programme\\iTunes\\iTunes.exe"=

"c:\\Programme\\Trillian\\trillian.exe"=

"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"c:\\Programme\\WS_FTP\\WS_FTP95.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programme\\TmNationsForever\\TmForever.exe"=
 

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [08.08.2009 20:21 64288]

R2 accsvc;AccSys WiFi Component;c:\programme\Gemeinsame Dateien\AccSys\accsvc.exe [11.12.2006 23:52 147456]

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [02.09.2009 10:10 135336]

R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [17.10.2006 12:28 1105664]

R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [23.10.2006 12:37 7040]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programme\Lavasoft\Ad-Aware\AAWService.exe [24.09.2009 13:17 1181328]

S4 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [15.04.2010 10:13 136176]

S4 srvcPVR;Sceneo PVR Service;c:\programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe [31.10.2006 14:16 1441280]

S4 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [23.10.2006 12:50 282709]

S4 TVESched;TVEnhance Task Scheduler (TTS));c:\programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [23.10.2006 12:50 122971]

.

Inhalt des "geplante Tasks" Ordners
 

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 1).job

- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]
 

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 2).job

- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]
 

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 3).job

- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]
 

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Daily 4).job

- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]
 

2010-07-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 11:10]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = about:blank

mWindow Title = Arcor AG & Co. KG

IE: Alles mit FDM herunterladen - file://c:\programme\Free Download Manager\dlall.htm

IE: Auswahl mit FDM herunterladen - file://c:\programme\Free Download Manager\dlselected.htm

IE: Datei mit FDM herunterladen - file://c:\programme\Free Download Manager\dllink.htm

IE: Download with GetRight - c:\programme\GetRight\GRdownload.htm

IE: Easy-WebPrint - Drucken - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

IE: Easy-WebPrint - Schnelldruck - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

IE: Easy-WebPrint - Vorschau - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

IE: Easy-WebPrint - Zu Druckliste hinzufügen - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: Open with GetRight Browser - c:\programme\GetRight\GRbrowse.htm

IE: {{1F958B09-3312-7f0e-9723-4C1324C57B20} - c:\programme\Internet Radio\Radio.exe

FF - ProfilePath - c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\

FF - prefs.js: browser.startup.homepage - about:blank

FF - plugin: c:\programme\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\programme\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\programme\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
 

---- FIREFOX Richtlinien ----

c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size",  4096);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\programme\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -
 

MSConfigStartUp-BullGuard - c:\programme\BullGuard Software\BullGuard\bullguard.exe
 
 
 

**************************************************************************

Scanne versteckte Prozesse... 
 

Scanne versteckte Autostarteinträge... 
 

Scanne versteckte Dateien... 
 

Scan erfolgreich abgeschlossen

versteckte Dateien: 
 

**************************************************************************

.

Zeit der Fertigstellung: 2010-07-30  22:01:46

ComboFix-quarantined-files.txt  2010-07-30 20:01

ComboFix2.txt  2009-11-22 10:48

ComboFix3.txt  2009-11-22 09:00

ComboFix4.txt  2009-11-22 08:37

ComboFix5.txt  2010-07-30 19:49
 

Vor Suchlauf: 20 Verzeichnis(se), 71.067.766.784 Bytes frei

Nach Suchlauf: 22 Verzeichnis(se), 71.036.264.448 Bytes frei
 

- - End Of File - - 84BC0F6BD07F607C36B253AA1B2C0E02

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus

Anschließend den bootkit_remover herunterladen. Entpacke das Tool in einen eigenen Ordner auf dem Desktop und führe in diesem Ordner die Datei remove.exe aus.

Wenn Du Windows Vista oder Windows 7 verwendest, musst Du die remover.exe über ein Rechtsklick => als Administrator ausführen

Ein schwarzes Fenster wird sich öffnen und automatisch nach bösartigen Veränderungen im MBR suchen.
Poste dann bitte, ob es Veränderungen gibt und wenn ja in welchem device. Am besten alles posten was die remover.exe ausgibt.

So, habe GMER ausgeführt, ist nicht abgestürzt. Hat aber ewig gedauert, mehr als 5 Stunden diesmal...

Log:

Code:

GMER 1.0.15.15281 - http://www.gmer.net

Rootkit scan 2010-07-31 22:07:23

Windows 5.1.2600 Service Pack 3

Running: pgtrnxzt.exe; Driver: C:\DOKUME~1\***\LOKALE~1\Temp\pxtdypow.sys
 
 

---- System - GMER 1.0.15 ----
 

SSDT            F7C24126                                                                                                                                                                                                                                                                                   ZwCreateKey

SSDT            F7C2411C                                                                                                                                                                                                                                                                                   ZwCreateThread

SSDT            F7C2412B                                                                                                                                                                                                                                                                                   ZwDeleteKey

SSDT            F7C24135                                                                                                                                                                                                                                                                                   ZwDeleteValueKey

SSDT            F7C2413A                                                                                                                                                                                                                                                                                   ZwLoadKey

SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                                                                                                                                                                                                          ZwMapViewOfSection [0xF79C18D0]

SSDT            F7C24108                                                                                                                                                                                                                                                                                   ZwOpenProcess

SSDT            F7C2410D                                                                                                                                                                                                                                                                                   ZwOpenThread

SSDT            F7C24144                                                                                                                                                                                                                                                                                   ZwReplaceKey

SSDT            F7C2413F                                                                                                                                                                                                                                                                                   ZwRestoreKey

SSDT            F7C24130                                                                                                                                                                                                                                                                                   ZwSetValueKey

SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                                                                                                                                                                                                          ZwShutdownSystem [0xF79C1E70]

SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)                                                                                                                                                                                                          ZwTerminateProcess [0xF79C1E00]
 

---- Kernel code sections - GMER 1.0.15 ----
 

.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                                                                                                                                                                                                   section is writeable [0xF5EB33A0, 0x592C35, 0xE8000020]

.text           tcpip.sys!IPTransmit + 10FC                                                                                                                                                                                                                                                                F35B5D3A 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

.text           tcpip.sys!IPTransmit + 2A52                                                                                                                                                                                                                                                                F35B7690 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

.text           tcpip.sys!IPRegisterProtocol + 930                                                                                                                                                                                                                                                         F35CD454 6 Bytes  CALL F731B200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

.text           wanarp.sys                                                                                                                                                                                                                                                                                 F77853FD 4 Bytes  CALL F731B350 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

.text           wanarp.sys                                                                                                                                                                                                                                                                                 F7785402 2 Bytes  [90, 90] {NOP ; NOP }
 

---- Kernel IAT/EAT - GMER 1.0.15 ----
 

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                  [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                   [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                        [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                       [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                 [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                  [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                          [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                           [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                      [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                   [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                     [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                          [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                         [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                  [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol]                                                                                                                                                                                                                    [F731BB30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol]                                                                                                                                                                                                                  [F731BCB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter]                                                                                                                                                                                                                        [F731BDB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter]                                                                                                                                                                                                                         [F731BD50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
 

---- Devices - GMER 1.0.15 ----
 

Device          \Driver\Tcpip \Device\Ip                                                                                                                                                                                                                                                                   wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

Device          \Driver\Tcpip \Device\Tcp                                                                                                                                                                                                                                                                  wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
 

AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                                                                                                                                                                                  Lbd.sys (Boot Driver/Lavasoft AB)
 

Device          \Driver\Tcpip \Device\Udp                                                                                                                                                                                                                                                                  wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

Device          \Driver\Tcpip \Device\RawIp                                                                                                                                                                                                                                                                wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

Device          \Driver\Tcpip \Device\IPMULTICAST                                                                                                                                                                                                                                                          wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
 

AttachedDevice  \FileSystem\Fastfat \Fat                                                                                                                                                                                                                                                                   fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
 

---- Registry - GMER 1.0.15 ----
 

Reg             HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@j!s!i!`!r!`!e!d!\30!\30!t!e!s!m!s!y!                                                                                                                                                                                    71230
 

---- Files - GMER 1.0.15 ----
 

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\az_multimedia.css       5530 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\mediaplayer.swf         33571 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\scripts.js              3514 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\scripts_prog.js         1146 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\swf_object.js           9320 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid5_gallery4205_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLW\ufo.js                  10964 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\3_0_gross_augsburg.gif  4864 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\et_mmedetect.js         3397 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\et_overlay.php          886 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\overlay_get_clicks.js   6443 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\scripts.js              871 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\scripts_prog.js         1146 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\Kopie von neu 27102009\Dateien\Artikel,-Warum-Imagine-in-einen-Gottesdienst-passt-_arid,1262097_regid,2_puid,2_pageid,4494-Dateien\puid1_pageid6_regid11_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\styles.css              5870 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\SK neu 03112009\Dateien\Artikel,-Maerchenhafte-Geschichten-und-schoene-alte-Volkslieder-_arid,1228169_regid,1_puid,2_pageid,4492-Dateien\puid1_pageid6_regid10_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\ET_MME~1.JS       3397 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\SK neu 03112009\Dateien\Artikel,-Maerchenhafte-Geschichten-und-schoene-alte-Volkslieder-_arid,1228169_regid,1_puid,2_pageid,4492-Dateien\puid1_pageid6_regid10_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\OVERLA~1.JS       6443 bytes

File            C:\Dateien\**name**\Webseiten\**unterordner**\alt html (rot)\SK neu 03112009\Dateien\Artikel,-Maerchenhafte-Geschichten-und-schoene-alte-Volkslieder-_arid,1228169_regid,1_puid,2_pageid,4492-Dateien\puid1_pageid6_regid10_backlinkaHR0cDovL3d3dy5hdWdzYnVyZ2VyLWFsbG\styles.css        5870 bytes
 

---- EOF - GMER 1.0.15 ----

auch diesmal war der PC nach dem Ausführen von GMER sehr langsam. Als ich OSAM ausführen wollte, hat sich dieses mglw. aufgehängt, ist jedenfalls minutenlang beim Scannen des 3. Eintrags hängengeblieben.
Konnte den PC dann (wie oben) nicht mehr manuell herunterfahren -> Kaltstart.

Habe dann OSAM ausgeführt, folgendes Log:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0

h**p://www.online-solutions.ru/en/

Saved at 22:40:40 on 31.07.2010
 

OS: Windows XP Professional Service Pack 3 (Build 2600)

Default Browser: Mozilla Corporation Firefox 3.6.8
 

Scanner Settings

[x] Rootkits detection (hidden registry)

[x] Rootkits detection (hidden files)

[x] Retrieve files information

[x] Check Microsoft signatures
 

Filters

[ ] Trusted entries

[ ] Empty entries

[x] Hidden registry entries (rootkit activity)

[x] Exclusively opened files

[x] Not found files

[x] Files without detailed information

[x] Existing files

[ ] Non-startable services

[ ] Non-startable drivers

[x] Active entries

[x] Disabled entries
 
 

[Boot Execute]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----

"BootExecute" - ? - C:\WINDOWS\system32\lsdelete.exe  (File found, but it contains no detailed information)
 

[Common]

-----( %SystemRoot%\Tasks )-----

"Ad-Aware Update (Daily 1).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

"Ad-Aware Update (Daily 2).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

"Ad-Aware Update (Daily 3).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

"Ad-Aware Update (Daily 4).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

"Ad-Aware Update (Weekly).job" - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
 

[Control Panel Objects]

-----( %SystemRoot%\system32 )-----

"ddbaccpl.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbaccpl.cpl

"ddbacctm.cpl" - "DataDesign AG" - C:\WINDOWS\system32\ddbacctm.cpl

"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl

"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl

"SERVICE.CPL" - "Davilex Software bv" - C:\WINDOWS\system32\SERVICE.CPL

"xhidcpl.cpl" - ? - C:\WINDOWS\system32\xhidcpl.cpl  (File found, but it contains no detailed information)

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----

"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

"Avira AntiVir PersonalEdition Classic Konfiguration" - ? - C:\PROGRA~1\ANTIVI~1\avconfig.cpl  (File not found)

"Nero BurnRights" - "Nero AG" - C:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl

"QuickTime" - "Apple Computer, Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

"Windows Media Connect" - "Microsoft Corporation" - C:\Programme\Windows Media Connect 2\wmccpl.dll
 

[Drivers]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

"AEGIS Protocol (IEEE 802.1x) v3.4.10.0" (AegisP) - "Meetinghouse Data Communications" - C:\WINDOWS\System32\DRIVERS\AegisP.sys

"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys

"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys

"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys

"catchme" (catchme) - ? - C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys  (File not found)

"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)

"GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys

"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)

"Lbd" (Lbd) - "Lavasoft AB" - C:\WINDOWS\System32\DRIVERS\Lbd.sys

"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)

"MHN-Treiber" (MHNDRV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mhndrv.sys

"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)

"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)

"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)

"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)

"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)

"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys

"SyGate for NT, wg3n" (wg3n) - "Sygate Technologies, Inc." - C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys

"Teefer for NT" (Teefer) - "Sygate Technologies, Inc." - C:\WINDOWS\System32\Drivers\Teefer.sys

"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

"wpsdrvnt" (wpsdrvnt) - "Sygate Technologies, Inc." - C:\WINDOWS\system32\drivers\wpsdrvnt.sys
 

[Explorer]

-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----

>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} "Microsoft Windows Media Player" - "Microsoft Corporation" - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----

{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll

{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll

-----( HKLM\Software\Classes\Protocols\Filter )-----

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll

-----( HKLM\Software\Classes\Protocols\Handler )-----

{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll

{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----

{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll

{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)

{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - ? -   (File not found | COM-object registry key not found)

{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - ? -   (File not found | COM-object registry key not found)

{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll

{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll

{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Computer, Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll

{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)

{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} "Meine freigegebenen Ordner" - "Microsoft Corporation" - C:\Programme\MSN Messenger\fsshext.8.0.0812.00.dll

{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll

{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll

{FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.dll

{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - ? -   (File not found | COM-object registry key not found)

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll

{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll

{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll

{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Programme\OpenOffice.org 2.4\program\shlxthdl.dll

{640167b4-59b0-47a6-b335-a6b3c0695aea} "Portable Media Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\audiodev.dll

{cc86590a-b60a-48e6-996b-41d25ed39a1e} "Portable Media Devices Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\audiodev.dll

{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Programme\Real\RealPlayer\rpshell.dll

{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll

{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll

{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)

{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll

{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL

{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} "WMP Add To Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll

{8DD448E6-C188-4aed-AF92-44956194EB1F} "WMP Burn Audio CD Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll

{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} "WMP Play As Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll
 

[Internet Explorer]

-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----

<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll

ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)

<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)

-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----

{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_21.dll / h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

{15B782AF-55D8-11D1-B477-006097098764} "Macromedia Authorware Web Player Control" - "Macromedia, Inc." - C:\WINDOWS\system32\macromed\authorwa\awswax.ocx / h**p://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} "MUWebControl Class" - "Microsoft Corporation" - C:\WINDOWS\system32\muweb.dll / h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152

{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} "Office Update Installation Engine" - "Microsoft Corporation" - C:\WINDOWS\opuc.dll / h**p://office.microsoft.com/officeupdate/content/opuc3.cab

{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx / h**p://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab

{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\LegitCheckControl.DLL / h**p://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----

"Internet Radio by Endicosoft.com" - "EndicoSoft.com" - C:\Programme\Internet Radio\Radio.exe

-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----

{327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll

<binary data> "Google Toolbar" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

{CC59E0F9-7E43-44FA-9FAA-8377850BF205} "FDMIECookiesBHO Class" - ? - C:\Programme\Free Download Manager\iefdmcks.dll

{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} "Google Dictionary Compression sdch" - "Google Inc." - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
 

[Logon]

-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----

"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini

-----( %UserProfile%\Startmenü\Programme\Autostart )-----

"desktop.ini" - ? - C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\desktop.ini

"OpenOffice.org 2.4.lnk" - ? - C:\Programme\OpenOffice.org 2.4\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)

-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----

"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min

"ControlCenter2.0" - "Brother Industries, Ltd." - C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun

"IndexSearch" - "ScanSoft, Inc." - C:\Programme\ScanSoft\PaperPort\IndexSearch.exe

"InstantOn" - ? - "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c "  (File not found)

"LanguageShortcut" - ? - "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe"

"NeroFilterCheck" - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe

"NvCplDaemon" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

"PaperPort PTD" - "ScanSoft, Inc." - C:\Programme\ScanSoft\PaperPort\pptd40nt.exe

"QuickTime Task" - "Apple Computer, Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime

"SetDefPrt" - "Brother Industories, Ltd." - C:\Programme\Brother\Brmfl04g\BrStDvPt.exe

"SetIcon" - ? - \Programme\SMSC\SetIcon.exe  (File not found)

"SmcService" - "Sygate Technologies, Inc." - C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

"SSBkgdUpdate" - "Scansoft, Inc." - "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
 

[Print Monitors]

-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----

"PDFCreator" - ? - C:\WINDOWS\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)
 

[Services]

-----( HKLM\SYSTEM\CurrentControlSet\Services )-----

".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

"AccSys WiFi Component" (accsvc) - "AccSys GmbH" - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe

"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe

"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe

"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Programme\CyberLink\Shared Files\RichVideo.exe

"HID Input Service" (HidServ) - ? -  C:\WINDOWS\System32\hidserv.dll  (File not found)

"iPod Service" (iPod Service) - "Apple Computer, Inc." - C:\Programme\iPod\bin\iPodService.exe

"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe

"Lavasoft Ad-Aware Service" (Lavasoft Ad-Aware Service) - "Lavasoft" - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe

"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe

"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE

"Messenger Sharing USN Journal Reader-Service" (usnsvc) - "Microsoft Corporation" - C:\Programme\MSN Messenger\usnsvc.dll

"MHN" (MHN) - "Microsoft Corporation" - C:\WINDOWS\System32\mhn.dll

"NVIDIA Display Driver Service" (NVSvc) - "NVIDIA Corporation" - C:\WINDOWS\system32\nvsvc32.exe

"Sygate Personal Firewall" (SmcService) - "Sygate Technologies, Inc." - C:\Programme\Sygate\SPF\smc.exe

"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

"Windows Media Connect-Dienst" (WMConnectCDS) - "Microsoft Corporation" - C:\Programme\Windows Media Connect 2\wmccds.exe

"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

"X10 Device Network Service" (x10nets) - "X10" - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
 

[Winlogon]

-----( HKCU\Control Panel\IOProcs )-----

"MVB" - ? - mvfs32.dll  (File not found)

-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----

"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll
 

===[ Logfile end ]=========================================[ Logfile end ]===
 

If You have questions or want to get some help, You can visit h**p://forum.online-solutions.ru

Habe anschließend remover.exe ausgeführt, Bildschirmausgabe:

Code:

(...)

Program version: 1.1.0.0

OS Version: Microsoft windows XP Professional Service Pack 3 (build 2600)
 

System volume is \\.\C.

\\.\C. -> \\.\PhysicalDrive0 at offset 0x00000000'00007e00

Boot sector MD5 is: cd38df3ac5b49526a61408de03ef0647
 

Size    298 GB

Device Name   \\.\Physical Drive0

MBR Status   Unknown boot code
 

Unknown boot code has been found on some of your physical disks.

To inspect the boot code manually, dump the master boot sector:

remover.exe dump <device_name> [output_file]

To disinfect the master boot sector, use the following command:

remover.exe fix <device_name>
 
 

Done:

Press any key to quit...

Zuerst mal bitte - falls noch nicht getan - die Datei remover.exe (vom BootkitRemover) vom Desktop nach c:\windows\system32 kopieren!
Danach die Konsole starten über Start, Ausführen, cmd eintippen, ok.

Den Text im folgenden Codefeld eintippen und mit Enter/Return ausführen:

Code:

remover.exe fix \\.\PhysicalDrive0