Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Firefox/IE öffnen falsche Seiten, Problemberichte Meldungen und AntiVir machen Ärger (https://www.trojaner-board.de/95057-firefox-ie-oeffnen-falsche-seiten-problemberichte-meldungen-antivir-aerger.html)

Zickenalarm 25.01.2011 19:40
Firefox/IE öffnen falsche Seiten, Problemberichte Meldungen und AntiVir machen Ärger
 
Hallo liebe Board-Gemeinde,
ich suche verzweifelt eure Hilfe..

Seit einiger Zeit macht mir mein PC Unmengen an Ärger..
Da ich den PC gemeinsam mit jemanden teile, können wir leider nicht ausschließen wer das Problem verursacht hat oder woher das alles kommen könnte..

Als erstes wie schon öfters gelesen verlinkt Internet Explorer/Firefox öfters auf falsche Seiten und redirected wieder weiter auf falsche Seiten oder es kann keine Seite geöffnet werden..
Desweiteren ploppt öfters eine Fehlermeldung auf, wenn ich Programme schließe. Z. B. Firefox, Windows Media Player oder auch bloss den USB-Stick entferne. Dabei handelt es sich meistens darum, ob Problemberichte gesendet werden dürfen oder nicht, weil das Programm nicht richtig beendet werden konnte - so oder so ähnlich..
Als letztes hat AntiVir noch Trojanische Pferde entdeckt:
- "TR/Patched.gen" unter C:\Windows\system32\winlogon.exe
- "TR/Shutdowner.fft" unter C:\Windows\system32\kb.dll
- "TR/Patched.Gen" unter C:\Windows\explorer.exe

ab und an meldet er auch ein Backdoorprogramm namens "Spammy"

Wir wissen nicht mehr weiter und erbitten um Hilfe

Hier HiJackThis Log:

Zitat:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\stsystra.exe
C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\WinPoET Broadband Connection\winpppoverethernet.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdcserv.exe
C:\WINDOWS\system32\lxdccoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\WinPoET Broadband Connection\WrOS.EXE
C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\explorer.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\hijacker\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.euro.dell.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.euro.dell.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,C:\Programme\SVoTnYXaÀ–Í”Ëxcmnvmwk.exe\xcmnvmwk.exe
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Programme\WinPoET Broadband Connection\winpppoverethernet.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Dvdmod] C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Netpad\twaind3d.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - hxxp://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - hxxp://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: lxdcCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdcserv.exe
O23 - Service: lxdc_device - - C:\WINDOWS\system32\lxdccoms.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Programme\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Programme\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Unknown owner - C:\Programme\Webroot\Spy Sweeper\WRSSSDK.exe (file missing)
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Programme\WinPoET Broadband Connection\WrOS.EXE
O24 - Desktop Component 0: (no name) - file:///D:/progtrto/Standard/Wallpapers/1600x1200/images/wallpaper_28-4-2005_01.jpg
Danke im Vorraus!

markusg 25.01.2011 19:42
1. deinstaliere spybot es stört die reinigung.
2. macht ihr onlinebanking /einkäufe
3.
3.
Systemscan mit OTL
download otl:
http://filepony.de/download-otl/

Doppelklick auf die OTL.exe
(user von Windows 7 und Vista: Rechtsklick als Administrator ausführen)
1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
2. Hake an "scan all users"
3. Unter "Extra Registry wähle:
"Use Safelist" "LOP Check" "Purity Check"
4. Kopiere in die Textbox:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Klicke "Scan"
6. 2 reporte werden erstellt:
OTL.Txt
Extras.Txt
beide posten

Zickenalarm 25.01.2011 19:52
Okay, Spybot deinstalliert.. Und Einkäufe nur ab und an über eBay, aber kein Online-Banking bzw. Online-Einkäufe via Kreditkarte oder ähnlich..

OTL.Txt
Extras.Txt

folgen im gleich, Scan wird gerade durchgeführt..

Danke für deine Zeit!

markusg 25.01.2011 19:57
na gut auch mit ebay-daten kann man unfug betreiben, einkaufen auf dremdem nanem zb.
ich will mir die otl logs mal ansehen, aber wir sollten dann darüber nachdenken neu aufzusetzen, damit ihr dann wieder unbeschwert einkaufen könnt.

Zickenalarm 25.01.2011 20:01
Extras.Txt

OTL Logfile:
Code:
OTL Extras logfile created on: 25.01.2011 19:48:55 - Run 1
OTL by OldTimer - Version 3.2.20.5    Folder = C:\Dokumente und Einstellungen\Duy\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 145,95 Gb Total Space | 24,92 Gb Free Space | 17,07% Space Free | Partition Type: NTFS
Drive D: | 233,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: DELL | User Name: Duy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.js [@ = JSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2588702293-2312659973-3996383452-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"6112:TCP" = 6112:TCP:*:Enabled:wc 6112
"6113:TCP" = 6113:TCP:*:Enabled:wc 6113
"6114:TCP" = 6114:TCP:*:Enabled:wc 6114
"6115:TCP" = 6115:TCP:*:Enabled:wc 6115
"6116:TCP" = 6116:TCP:*:Enabled:wc 6116
"6117:TCP" = 6117:TCP:*:Enabled:wc 6117
"6118:TCP" = 6118:TCP:*:Enabled:wc 6118
"6119:TCP" = 6119:TCP:*:Enabled:wc 6119
"6112:UDP" = 6112:UDP:*:Enabled:udp 6112
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"6113:UDP" = 6113:UDP:*:Enabled:udp 6113
"6114:UDP" = 6114:UDP:*:Enabled:udp 6114
"6115:UDP" = 6115:UDP:*:Enabled:udp 6115
"6116:UDP" = 6116:UDP:*:Enabled:udp 6116
"6117:UDP" = 6117:UDP:*:Enabled:udp 6117
"6118:UDP" = 6118:UDP:*:Enabled:udp 6118
"6119:UDP" = 6119:UDP:*:Enabled:udp 6119
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Lexmark 1300 Series\app4r.exe" = C:\Programme\Lexmark 1300 Series\app4r.exe:*:Enabled:Lexmark Imaging Studio -- ()
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Games\Warcraft III\Warcraft III.exe" = C:\Programme\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Programme\Games\Starcraft\StarCraft.exe" = C:\Programme\Games\Starcraft\StarCraft.exe:*:Enabled:Starcraft
"C:\BROOD\StarCraft.exe" = C:\BROOD\StarCraft.exe:*:Enabled:Starcraft
"C:\Programme\Steam\Steam.exe" = C:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Programme\Games\Warcraft III\Frozen Throne.exe" = C:\Programme\Games\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne -- (Blizzard Entertainment)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\xssend2\svcnost.exe" = C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\xssend2\svcnost.exe:*:Enabled:ldrsoft -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36BD0774-6CD6-4FF9-A148-83CA09AC123E}" = Intel(R) PROSafe for Wired Connections
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F163D34-3CC6-4E37-3FB0-80311B894FEA}" = Need for Speed Carbon
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{403EF592-953B-4794-BCEF-ECAB835C2095}" = Intel(R) PROSafe for Wired Connections
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95392E65-0900-0001-3030-1EEC2624019E}" = InterVideo Promotion Agent
"{9806BFBB-F566-4654-94DE-CB1F85B5CDDD}" = WinPoET v6.61
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2BB456F-C07B-4EDE-975F-4D6DED19750A}" = 530TX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone-Konfigurationsprogramm
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"All ATI Software" = ATI - Software Uninstall Utility
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.2
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 4.1
"InstallShield_{F2BB456F-C07B-4EDE-975F-4D6DED19750A}" = DFE-530TX Driver
"JDownloader" = JDownloader
"Lexmark 1300 Series" = Lexmark 1300 Series
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"PhotoFiltre" = PhotoFiltre
"plist Editor for Windows" = plist Editor for Windows 1.0.1
"PROSetDX" = Intel(R) PRO Netzwerkverbindungs-Software v9.2.4.11
"RTP 1.32 Add-On for RM2k" = RTP 1.32 Add-On for RM2k
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"Steam App 10" = Counter-Strike
"SUPER ©" = SUPER © Version 2010.bld.37 (Jan 2, 2010)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VideoLAN VLC media player 0.8.6a
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR Archivierer
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2588702293-2312659973-3996383452-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 25.01.2011 14:22:27 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hijackthis.exe, Version 2.0.0.4, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x001551bf.
 
Error - 25.01.2011 14:24:15 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3989, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x001551bf.
 
Error - 25.01.2011 14:24:36 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hijackthis.exe, Version 2.0.0.4, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x001551bf.
 
Error - 25.01.2011 14:24:41 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung jqsnotify.exe, Version 6.0.180.7, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x001551bf.
 
Error - 25.01.2011 14:28:18 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3989, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x001551bf.
 
Error - 25.01.2011 14:33:20 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avcenter.exe, Version 8.0.70.8, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x001551bf.
 
Error - 25.01.2011 14:40:41 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung notepad.exe, Version 5.1.2600.5512, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x000951bf.
 
Error - 25.01.2011 14:43:35 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung jqsnotify.exe, Version 6.0.180.7, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x001551bf.
 
Error - 25.01.2011 14:46:41 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung rundll32.exe, Version 5.1.2600.5512, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x000951bf.
 
Error - 25.01.2011 14:46:52 | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung firefox.exe, Version 1.9.2.3989, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x001551bf.
 
[ System Events ]
Error - 22.01.2011 21:11:53 | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Webroot Spy Sweeper Engine" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%3
 
Error - 22.01.2011 21:11:56 | Computer Name = DELL | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  Pcmcia  tffsport
 
Error - 22.01.2011 22:01:21 | Computer Name = DELL | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Starten Sie den Dienst neu..
 
Error - 22.01.2011 22:01:33 | Computer Name = DELL | Source = Service Control Manager | ID = 7034
Description = Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 24.01.2011 09:57:55 | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%3
 
Error - 24.01.2011 09:57:55 | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Webroot Spy Sweeper Engine" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%3
 
Error - 24.01.2011 09:58:00 | Computer Name = DELL | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  Pcmcia  tffsport
 
Error - 25.01.2011 12:24:39 | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Lavasoft Ad-Aware Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%3
 
Error - 25.01.2011 12:24:39 | Computer Name = DELL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Webroot Spy Sweeper Engine" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%3
 
Error - 25.01.2011 12:25:00 | Computer Name = DELL | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  Pcmcia  tffsport
 
 
< End of report >
--- --- ---


und hier einmal die

OTL.TXT

OTL Logfile:
Code:
OTL logfile created on: 25.01.2011 19:48:55 - Run 1
OTL by OldTimer - Version 3.2.20.5    Folder = C:\Dokumente und Einstellungen\Duy\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 145,95 Gb Total Space | 24,92 Gb Free Space | 17,07% Space Free | Partition Type: NTFS
Drive D: | 233,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: DELL | User Name: Duy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Duy\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\logishrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Gemeinsame Dateien\logishrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdcserv.exe (Lexmark International, Inc.)
PRC - C:\WINDOWS\system32\lxdccoms.exe ( )
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
PRC - C:\Programme\WinPoET Broadband Connection\WinPPPoverEthernet.exe (Fine Point Technologies, Inc.)
PRC - C:\Programme\WinPoET Broadband Connection\WROS.exe (iVasion, a Routerware Company)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\Duy\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\shfolder.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msacm32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\AppPatch\acgenral.dll (Microsoft Corporation)
MOD - C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (svcWRSSSDK) --  File not found
SRV - (SQLAgent$SONY_MEDIAMGR) --  File not found
SRV - (MSSQLServerADHelper) --  File not found
SRV - (MSSQL$SONY_MEDIAMGR) --  File not found
SRV - (Lavasoft Ad-Aware Service) --  File not found
SRV - (AppMgmt) --  File not found
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirScheduler) -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (LVSrvLauncher) -- C:\Programme\Gemeinsame Dateien\logishrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (lxdcCATSCustConnectService) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdcserv.exe ()
SRV - (lxdc_device) -- C:\WINDOWS\System32\lxdccoms.exe ( )
SRV - (IAANTMon) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (WinPPPoverEthernet) -- C:\Programme\WinPoET Broadband Connection\WROS.exe (iVasion, a Routerware Company)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (BVRPMPR5) -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (avgntdd) -- C:\WINDOWS\system32\drivers\avgntdd.sys (Avira GmbH)
DRV - (avgntmgr) -- C:\WINDOWS\SYSTEM32\drivers\avgntmgr.sys (Avira GmbH)
DRV - (PID_0928) Logitech QuickCam Express(PID_0928) -- C:\WINDOWS\system32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (tffsport) -- C:\WINDOWS\system32\DRIVERS\tffsport.sys (M-Systems)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys (Logitech Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (libusb0) -- C:\WINDOWS\system32\drivers\libusb0.sys (libusb-Win32)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia)
DRV - (nmwcdcm) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia)
DRV - (nmwcdcj) -- C:\WINDOWS\system32\drivers\nmwcdcj.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia)
DRV - (AF15BDA) -- C:\WINDOWS\system32\drivers\AF15BDA.sys (AfaTech                  )
DRV - (STEC3) -- C:\WINDOWS\system32\STEC3.sys (AntiCracking)
DRV - (iastor) -- C:\WINDOWS\system32\drivers\iastor.sys (Intel Corporation)
DRV - (STHDA) High Definition Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (d347prt) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (d347bus) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (WrKPoET2000) -- C:\Programme\WinPoET Broadband Connection\WrKPoET2000.sys ()
DRV - (TopWinPoETDriver) -- C:\WINDOWS\system32\drivers\WrKPoET2000.sys ()
DRV - (FETNDISB) -- C:\WINDOWS\system32\drivers\dlkfet5b.sys (D-Link                              )
DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Computer Corporation)
DRV - (WRSWanDD) -- C:\WINDOWS\system32\drivers\WrKPoETNic2000.sys ()
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (Aspi32) -- C:\WINDOWS\System32\drivers\ASPI32.bak (Adaptec)
DRV - (ASPI) -- C:\WINDOWS\system32\drivers\ASPI32.sys (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell - The Official Site | Dell UK
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dell - The Official Site | Dell UK
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell - The Official Site | Dell UK
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = Dell - The Official Site | Dell UK
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dell - The Official Site | Dell UK
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell - The Official Site | Dell UK
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = Dell - The Official Site | Dell UK
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dell - The Official Site | Dell UK
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell - The Official Site | Dell UK
IE - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..keyword.URL: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.01.04 13:18:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.01.04 13:18:45 | 000,000,000 | ---D | M]
 
[2009.02.28 20:35:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla\Extensions
[2011.01.23 20:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla\Firefox\Profiles\0ndhfipc.Default User\extensions
[2010.07.22 13:10:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla\Firefox\Profiles\0ndhfipc.Default User\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.08.25 12:04:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla\Firefox\Profiles\0ndhfipc.Default User\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.08.25 12:04:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla\Firefox\Profiles\0ndhfipc.Default User\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.06.30 15:31:39 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla\Firefox\Profiles\0ndhfipc.Default User\extensions\moveplayer@movenetworks.com
[2009.07.05 01:50:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla\Firefox\Profiles\8ma4jrtv.default\extensions
[2005.09.23 13:22:17 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla\Firefox\Profiles\8ma4jrtv.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008.10.14 14:02:36 | 000,002,108 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla\Firefox\Profiles\0ndhfipc.Default User\searchplugins\youtube-videosuche.xml
[2011.01.24 20:33:49 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.06.26 15:02:41 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2004.07.03 21:09:11 | 000,140,800 | ---- | M] (Icenet LLC) -- C:\Programme\Mozilla Firefox\plugins\al2np.dll
[2006.04.18 14:59:50 | 000,039,424 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\npclntax.dll
[2006.09.26 12:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.01.23 22:01:11 | 000,429,214 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1        007guard.com - 007guard and Free Antivirus
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.123topsearch.com
O1 - Hosts: 127.0.0.1        123topsearch.com
O1 - Hosts: 127.0.0.1        132???
O1 - Hosts: 127.0.0.1        132.com
O1 - Hosts: 127.0.0.1        Naruto Episode 130 | Toyota Auris | Cash Advance | Debt Consolidation | Insurance at 136136.net
O1 - Hosts: 127.0.0.1        136136.net
O1 - Hosts: 127.0.0.1        Öйú»¥Áª--ÓòÃûÉêÇë|ÓòÃû×¢²á|¿Õ¼äÉêÇë|ÐéÄâÖ÷»ú|Ö÷Ò³¿Õ¼ä,ÉϺ£¶¥¼¶ÍøÂç·þÎñÉÌ
O1 - Hosts: 127.0.0.1        163ns.com
O1 - Hosts: 14806 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O3 - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [a-winpoet-service] C:\Programme\WinPoET Broadband Connection\winpppoverethernet.exe (Fine Point Technologies, Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UserFaultCheck]  File not found
O4 - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006..\Run: [Dvdmod] C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Netpad\twaind3d.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = B1 00 00 00  [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = B1 00 00 00  [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2588702293-2312659973-3996383452-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} hxxp://messenger.zone.msn.com/binary/Bankshot.cab57213.cab (CBreakshotControl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} hxxp://messenger.zone.msn.com/binary/Chess.cab57176.cab (ZoneChess Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Programme\SVoTnYXaÀ–Í”Ëxcmnvmwk.exe\xcmnvmwk.exe) -  File not found
O24 - Desktop Components:0 () - file:///D:/progtrto/Standard/Wallpapers/1600x1200/images/wallpaper_28-4-2005_01.jpg
O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.08.18 13:18:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.02.22 01:43:08 | 000,358,248 | R--- | M] (NETGEAR Inc.) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2000.05.17 18:22:36 | 000,000,045 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{00eb55a9-9590-11df-86ed-00123f72c133}\Shell\AutoRun\command - "" = F:\avira.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Speed Launch.lnk - C:\Programme\Adobe\Reader 8.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk - C:\Programme\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^InterVideo WinCinema Manager.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^Duy^Startmenü^Programme^Autostart^Xfire.lnk -  - File not found
MsConfig - StartUpReg: AVGCtrl - hkey= - key= - c:\Programme\Craps\Anti Virus & Firewallz\Anit Virus\AVGNT.EXE (H+BEDV Datentechnik GmbH)
MsConfig - StartUpReg: BLASC - hkey= - key= -  File not found
MsConfig - StartUpReg: c: - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: DAEMON Tools-1033 - hkey= - key= -  File not found
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: Dvdmod - hkey= - key= - C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Netpad\twaind3d.exe ()
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: ICQ Lite - hkey= - key= -  File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LogitechQuickCamRibbon - hkey= - key= - C:\Programme\Logitech\QuickCam\Quickcam.exe ()
MsConfig - StartUpReg: lxdcamon - hkey= - key= - C:\Programme\Lexmark 1300 Series\lxdcamon.exe (Lexmark)
MsConfig - StartUpReg: MsnMsgr - hkey= - key= - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= -  File not found
MsConfig - StartUpReg: NetPumper - hkey= - key= -  File not found
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= -  File not found
MsConfig - StartUpReg: SpySweeper - hkey= - key= -  File not found
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Programme\Steam\Steam.exe (Valve Corporation)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt -  File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: svcWRSSSDK -  File not found
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt -  File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service -  File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm -  File not found
SafeBootNet: nm.sys -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: svcWRSSSDK -  File not found
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {499A1D05-8F41-20A5-C44A-DE3CCFB8ED26} - IEACCESS
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5F95E1AF-2620-4f15-BDF9-7FDCE4607E17} - BearShare
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.at3 - C:\WINDOWS\System32\atrac3.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\WINDOWS\system32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mp42 - mpg4c32.dll File not found
Drivers32: vidc.mp43 - mpg4c32.dll File not found
Drivers32: vidc.mpg4 - mpg4c32.dll File not found
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (98248377623379968)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.25 19:46:13 | 000,603,136 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Duy\Desktop\OTL.exe
[2011.01.25 19:11:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Duy\Startmenü\Programme\HiJackThis
[2011.01.25 19:11:47 | 000,000,000 | ---D | C] -- C:\Programme\hijacker
[2011.01.24 17:11:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Duy\Desktop\ps
[2011.01.21 01:23:24 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Duy\Recent
[2011.01.18 18:31:54 | 000,049,904 | R--- | C] (Avanquest Software) -- C:\WINDOWS\System32\drivers\BVRPMPR5.SYS
[2011.01.17 19:33:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Duy\Desktop\Wall
[2011.01.13 18:09:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\TrusteerHelp
[2011.01.13 18:09:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Netpad
[2011.01.04 13:23:13 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.01.04 13:19:31 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011.01.04 13:18:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox
[2011.01.04 13:18:08 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011.01.04 12:09:07 | 000,000,000 | ---D | C] -- C:\Programme\xerox
[2011.01.04 12:09:07 | 000,000,000 | ---D | C] -- C:\Programme\Parasol
[2011.01.04 12:09:06 | 000,000,000 | -H-D | C] -- C:\Programme\Creative Installation Information
[2011.01.04 12:09:06 | 000,000,000 | ---D | C] -- C:\Programme\Kate's Video Cutter
[2011.01.04 12:09:05 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2011.01.04 12:09:05 | 000,000,000 | ---D | C] -- C:\Programme\Creative
[2011.01.04 12:09:05 | 000,000,000 | ---D | C] -- C:\Programme\AviSynth 2.5
[2011.01.04 12:09:05 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software
[2011.01.04 12:07:11 | 000,000,000 | ---D | C] -- C:\Programme\StarCraft II Beta
[2011.01.04 12:07:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\StarCraft II Beta
[2011.01.04 12:07:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Winamp
[2008.02.20 19:31:51 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDChcp.dll
[2007.03.03 04:13:41 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcpmui.dll
[2007.03.03 04:12:21 | 001,232,896 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcserv.dll
[2007.03.03 04:05:53 | 000,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdccomm.dll
[2007.03.03 04:04:14 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdclmpm.dll
[2007.03.03 04:02:55 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdciesc.dll
[2007.03.03 04:00:23 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcpplc.dll
[2007.03.03 03:59:32 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdccomc.dll
[2007.03.03 03:58:58 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcprox.dll
[2007.03.03 03:51:50 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcinpa.dll
[2007.03.03 03:51:09 | 000,999,424 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcusb1.dll
[2007.03.03 03:47:01 | 000,700,416 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdchbn3.dll
[2005.12.07 11:20:44 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2005.12.07 11:20:44 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
[24 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Dokumente und Einstellungen\All Users\*.tmp files -> C:\Dokumente und Einstellungen\All Users\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.25 19:46:16 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Duy\Desktop\OTL.exe
[2011.01.25 19:24:16 | 000,002,527 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Desktop\HiJackThis.lnk
[2011.01.25 19:11:23 | 001,402,880 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Desktop\HiJackThis.msi
[2011.01.25 18:42:41 | 000,467,438 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Desktop\Hey Baby.mp3
[2011.01.25 18:37:16 | 003,268,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Desktop\Pitbull_Feat._T-Pain_-_Hey_Baby_Drop_It_To_The_Flo....mp3
[2011.01.25 17:25:26 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.25 17:24:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.25 17:24:08 | 2145,554,432 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.24 07:33:36 | 000,069,827 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Desktop\163874_1672422303689_1631346014_1529930_1366837_n.jpg
[2011.01.24 02:11:21 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.01.23 22:28:34 | 000,000,245 | RHS- | M] () -- C:\boot.ini
[2011.01.23 22:01:11 | 000,429,214 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.22 14:41:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.01.22 00:17:43 | 000,395,554 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Desktop\IMG_0745.jpg
[2011.01.21 15:27:04 | 000,077,459 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Desktop\163671_1841355435185_1279558024_32189042_1164592_n.jpg
[2011.01.20 15:18:55 | 000,006,344 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Eigene Dateien\Setup.html
[2011.01.19 23:55:00 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.01.12 23:34:16 | 000,000,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2011.01.12 23:16:29 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011.01.08 17:33:20 | 000,429,088 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110123-220111.backup
[2011.01.04 17:19:19 | 000,001,682 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Desktop\WC III.lnk
[2011.01.04 17:11:40 | 001,523,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.04 12:16:27 | 000,428,950 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110108-173320.backup
[2011.01.03 23:07:22 | 000,428,950 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110104-121627.backup
[24 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Dokumente und Einstellungen\All Users\*.tmp files -> C:\Dokumente und Einstellungen\All Users\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.01.25 19:11:47 | 000,002,527 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Desktop\HiJackThis.lnk
[2011.01.25 19:11:20 | 001,402,880 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Desktop\HiJackThis.msi
[2011.01.25 18:42:38 | 000,467,438 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Desktop\Hey Baby.mp3
[2011.01.25 18:36:55 | 003,268,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Desktop\Pitbull_Feat._T-Pain_-_Hey_Baby_Drop_It_To_The_Flo....mp3
[2011.01.24 07:33:35 | 000,069,827 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Desktop\163874_1672422303689_1631346014_1529930_1366837_n.jpg
[2011.01.22 00:06:01 | 000,395,554 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Desktop\IMG_0745.jpg
[2011.01.21 15:10:34 | 000,077,459 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Desktop\163671_1841355435185_1279558024_32189042_1164592_n.jpg
[2011.01.20 15:18:55 | 000,006,344 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Eigene Dateien\Setup.html
[2011.01.12 23:34:16 | 000,000,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2011.01.04 16:23:12 | 000,001,682 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Desktop\WC III.lnk
[2011.01.04 12:10:53 | 2145,554,432 | -HS- | C] () -- C:\hiberfil.sys
[2010.12.11 23:32:58 | 000,000,036 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Anwendungsdaten\housecall.guid.cache
[2010.12.09 16:02:01 | 000,000,028 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\abpzlw.dat
[2010.12.09 16:01:55 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\avdrn.dat
[2010.08.03 18:02:32 | 000,004,990 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mtbjfghn.xbe
[2010.01.13 03:02:28 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.12.30 12:52:15 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.12.22 23:57:35 | 000,000,934 | ---- | C] () -- C:\WINDOWS\System32\krl32mainweq.dll
[2009.12.22 23:56:12 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysReserve.ini
[2009.07.08 12:12:00 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.06.14 12:51:56 | 000,598,016 | ---- | C] () -- C:\WINDOWS\System32\viscomqtde.dll
[2009.06.14 12:51:56 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009.06.13 00:25:47 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\winscp.rnd
[2009.02.05 08:24:31 | 000,022,040 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\addon.dat
[2008.03.10 16:33:11 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.02.27 12:52:20 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\dvmsg.dll
[2008.02.20 19:31:53 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\lxdcrwrd.ini
[2008.02.20 19:31:51 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\LXDCinst.dll
[2008.02.20 19:30:58 | 000,344,064 | R--- | C] () -- C:\WINDOWS\System32\lxdccoin.dll
[2008.02.09 05:58:22 | 000,941,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\CamthWDM.sys
[2007.12.01 21:23:20 | 000,000,046 | ---- | C] () -- C:\WINDOWS\Goya.INI
[2007.12.01 18:57:42 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2007.10.12 01:11:58 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007.10.11 18:59:24 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007.05.16 16:31:42 | 000,001,009 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2007.04.18 12:57:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdcgrd.dll
[2007.01.08 17:25:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006.12.22 23:55:26 | 000,000,010 | ---- | C] () -- C:\WINDOWS\smdat32m.sys
[2006.12.18 01:29:18 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.12.09 18:48:02 | 000,004,810 | ---- | C] () -- C:\WINDOWS\System32\Mapx16w6.dll
[2006.10.18 04:24:22 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\AVSDVDPlayer.m3u
[2006.10.18 04:17:31 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2006.08.03 00:09:47 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006.08.03 00:09:47 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006.08.03 00:09:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006.08.03 00:09:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006.08.03 00:09:47 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006.08.03 00:09:47 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006.07.11 00:51:48 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2006.07.07 17:13:32 | 000,006,067 | ---- | C] () -- C:\WINDOWS\UNWISE.INI
[2006.07.06 00:40:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\musicmaker.INI
[2006.07.06 00:28:06 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2006.07.06 00:27:15 | 000,006,768 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006.05.18 15:47:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdcvs.dll
[2006.02.07 14:58:15 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.01.18 20:14:27 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\islzma.dll
[2005.12.23 14:40:15 | 000,000,025 | ---- | C] () -- C:\WINDOWS\System32\sysogg.dll
[2005.12.22 10:48:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005.12.22 00:03:04 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2005.12.07 11:10:55 | 000,000,057 | ---- | C] () -- C:\WINDOWS\ClonyDrives.ini
[2005.12.07 11:10:39 | 000,000,211 | ---- | C] () -- C:\WINDOWS\Clony2.ini
[2005.12.07 00:56:31 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dksav1.ini
[2005.12.07 00:55:34 | 000,000,018 | ---- | C] () -- C:\WINDOWS\cnc.ini
[2005.12.06 23:45:46 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\Unlha32.dll
[2005.12.06 23:45:45 | 000,473,600 | ---- | C] () -- C:\WINDOWS\System32\Harmony.dll
[2005.12.06 23:23:08 | 000,000,156 | ---- | C] () -- C:\WINDOWS\Pokervid.INI
[2005.12.06 23:14:49 | 000,000,067 | ---- | C] () -- C:\WINDOWS\IDMan.INI
[2005.12.03 05:50:04 | 000,000,039 | ---- | C] () -- C:\WINDOWS\VCDISC.INI
[2005.11.29 23:33:03 | 000,000,066 | ---- | C] () -- C:\WINDOWS\MPlayer.INI
[2005.11.25 18:31:54 | 000,000,442 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2005.10.17 04:42:19 | 000,000,023 | ---- | C] () -- C:\WINDOWS\System32\w_madriver.dll
[2005.10.17 04:39:41 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2005.10.17 04:39:41 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2005.10.17 04:39:41 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2005.10.16 18:56:00 | 000,000,066 | ---- | C] () -- C:\WINDOWS\StationRipper.INI
[2005.10.12 23:54:21 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005.10.02 18:24:19 | 000,001,943 | ---- | C] () -- C:\WINDOWS\TVTEmulator.ini
[2005.09.21 21:45:42 | 000,000,258 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.09.18 22:19:56 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.09.16 20:15:45 | 000,000,327 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005.09.14 12:31:27 | 000,065,604 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoETNic2000.sys
[2005.09.14 12:31:27 | 000,053,334 | ---- | C] () -- C:\WINDOWS\System32\drivers\WrKPoET2000.sys
[2005.09.06 19:35:43 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2005.09.05 19:22:38 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2005.09.05 19:22:38 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2005.09.05 19:22:38 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2005.09.05 17:00:36 | 000,096,768 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.09.05 15:54:56 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005.08.31 14:32:21 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.08.31 14:29:19 | 000,000,315 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005.08.31 14:05:56 | 000,000,200 | ---- | C] () -- C:\WINDOWS\System32\dlbcplc.ini
[2005.08.31 14:05:20 | 000,000,398 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.07.15 19:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005.07.15 19:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005.07.13 14:05:56 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\winxp32.sys
[2004.08.22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2004.08.18 13:26:49 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.08.18 13:12:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.08.18 13:05:43 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\kb.dll
[2003.05.26 13:21:20 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\KazaaSocks.dll
[2002.07.31 17:32:04 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2010.12.25 17:02:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Uniblue
[2010.12.25 17:42:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2011.01.21 15:38:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
[2005.10.04 20:24:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avg7
[2010.04.30 21:39:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2009.07.24 12:42:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2008.04.18 23:56:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2007.12.09 03:33:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2011.01.04 12:09:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mMmBh02109
[2006.08.06 16:12:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OD2
[2008.04.19 00:01:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2007.06.23 20:48:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\pixelStorm
[2011.01.05 22:22:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2005.09.05 20:38:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2010.12.12 11:48:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009.06.20 16:58:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VOWSoft
[2007.02.02 00:45:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\YoGen
[2008.12.25 01:23:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2009.04.01 07:38:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010.08.07 14:03:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.09.15 18:47:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.04.27 11:24:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2005.12.22 00:54:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\.ABC
[2006.05.07 16:21:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\.bittorrent
[2006.01.03 20:36:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\.CannaPower
[2005.10.16 23:27:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\AssistantTools.com
[2010.12.30 21:43:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Atfey
[2010.12.25 20:22:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Azureus
[2010.08.03 18:02:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Carambis
[2007.03.01 18:25:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Command & Conquer 3 Tiberium Wars Demo
[2011.01.06 00:33:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Daegpy
[2009.07.21 14:59:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\DiskAid
[2005.12.06 23:16:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\DMCache
[2010.10.10 18:22:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\DVDVideoSoft
[2010.01.02 19:13:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\FreeVideoConverter
[2007.12.11 23:21:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\gtk-2.0
[2005.09.11 23:49:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\InterVideo
[2005.09.24 01:20:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Kazaa Lite
[2010.12.10 08:14:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Kyty
[2005.09.05 17:19:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Leadertech
[2007.12.01 18:59:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\MAGIX
[2005.10.24 00:39:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\NetMedia Providers
[2011.01.13 18:09:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Netpad
[2008.04.24 09:35:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Nokia
[2010.12.21 21:43:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Ocdem
[2006.07.11 00:35:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\OD2
[2010.11.07 16:16:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Opdac
[2010.06.26 20:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\OpenOffice.org
[2010.12.15 20:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Opmyci
[2009.07.24 12:45:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Panasonic
[2008.04.28 00:29:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\PC Suite
[2005.12.06 21:43:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\phonostar-Player
[2005.10.24 00:39:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Publish Providers
[2010.12.10 08:14:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Qida
[2010.12.05 02:47:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Rymea
[2007.12.01 21:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Sony
[2007.12.01 18:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Sony Setup
[2008.02.27 13:23:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Tobit
[2011.01.13 18:09:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\TrusteerHelp
[2010.05.14 03:34:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\TS3Client
[2010.11.11 03:20:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Tuhye
[2010.12.23 16:28:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Uniblue
[2005.12.22 10:34:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\uTorrent
[2008.07.29 18:41:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Webcammax
[2008.12.25 01:23:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Zylom
[2011.01.19 23:55:00 | 000,000,470 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2005.09.06 22:45:11 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP-Anmeldungserinnerung 1.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2005.12.22 00:54:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\.ABC
[2006.05.07 16:21:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\.bittorrent
[2006.01.03 20:36:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\.CannaPower
[2011.01.24 17:45:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Adobe
[2005.09.18 21:44:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Ahead
[2009.09.15 19:17:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Apple Computer
[2008.03.10 16:36:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\ArcSoft
[2005.10.16 23:27:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\AssistantTools.com
[2010.12.30 21:43:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Atfey
[2010.12.25 20:22:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Azureus
[2010.08.03 18:02:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Carambis
[2007.03.01 18:25:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Command & Conquer 3 Tiberium Wars Demo
[2008.10.17 01:32:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Creative
[2005.09.11 04:37:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\CyberLink
[2011.01.06 00:33:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Daegpy
[2009.07.21 14:59:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\DiskAid
[2010.09.02 15:21:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\DivX
[2005.12.06 23:16:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\DMCache
[2010.03.20 02:39:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\dvdcss
[2010.10.10 18:22:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\DVDVideoSoft
[2010.01.02 19:13:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\FreeVideoConverter
[2007.12.11 23:21:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\gtk-2.0
[2005.09.14 12:35:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Help
[2004.08.18 13:23:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Identities
[2005.09.11 23:49:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\InterVideo
[2005.08.31 14:28:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Jasc Software Inc
[2005.09.24 01:20:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Kazaa Lite
[2010.12.10 08:14:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Kyty
[2007.08.02 20:46:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Lavasoft
[2005.09.05 17:19:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Leadertech
[2005.09.23 12:53:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Macromedia
[2007.12.01 18:59:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\MAGIX
[2009.05.24 14:43:02 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Microsoft
[2009.06.30 15:34:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Move Networks
[2009.02.28 20:35:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Mozilla
[2005.10.24 00:39:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\NetMedia Providers
[2011.01.13 18:09:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Netpad
[2008.04.24 09:35:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Nokia
[2010.12.21 21:43:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Ocdem
[2006.07.11 00:35:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\OD2
[2010.11.07 16:16:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Opdac
[2010.06.26 20:08:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\OpenOffice.org
[2010.12.15 20:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Opmyci
[2009.07.24 12:45:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Panasonic
[2008.04.28 00:29:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\PC Suite
[2005.12.06 21:43:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\phonostar-Player
[2005.10.24 00:39:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Publish Providers
[2010.12.10 08:14:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Qida
[2006.10.07 23:51:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Real
[2010.12.05 02:47:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Rymea
[2010.12.16 23:28:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Skype
[2010.12.16 23:27:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\skypePM
[2005.09.05 17:20:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Sonic
[2005.10.24 00:39:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Sonic Foundry
[2007.12.01 21:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Sony
[2007.12.01 18:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Sony Setup
[2005.08.31 14:19:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Sun
[2005.09.05 15:55:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Symantec
[2005.09.23 13:22:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Talkback
[2010.07.22 19:51:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\teamspeak2
[2008.02.27 13:23:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Tobit
[2011.01.13 18:09:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\TrusteerHelp
[2010.05.14 03:34:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\TS3Client
[2010.11.11 03:20:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Tuhye
[2010.12.23 16:28:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Uniblue
[2005.12.22 10:34:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\uTorrent
[2006.12.18 05:07:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\vlc
[2008.07.29 18:41:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Webcammax
[2006.01.29 00:45:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Webroot
[2007.12.03 23:52:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\WinRAR
[2008.01.22 18:11:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Yahoo!
[2008.12.25 01:23:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Zylom
 
< %APPDATA%\*.exe /s >
[2009.05.13 04:01:28 | 000,147,968 | ---- | M] (Macromedia, Inc.) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Kyty\wuri.exe
[2011.01.25 19:11:48 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2009.10.05 11:05:27 | 000,010,398 | R--- | M] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Microsoft\Installer\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}\_6FA99008F6BBB97A091E2D.exe
[2009.10.05 11:05:27 | 000,025,214 | R--- | M] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Microsoft\Installer\{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}\_E38944F26F8D876B004311.exe
[2009.06.09 11:59:08 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.01.25 17:26:55 | 000,279,552 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Netpad\twaind3d.exe
[2007.12.01 18:27:36 | 052,770,576 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Sony Setup\64993CD0-67D1-4244-A2BC-FD73F4DA5B62\dotnetfx3.exe
[2011.01.17 18:14:17 | 000,113,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\TrusteerHelp\spuninst.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.08.25 16:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.08.25 16:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004.08.04 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.08.25 16:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.08.25 16:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\i386\eventlog.dll
[2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2004.08.04 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 14:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=E98439A61C31BE2F10BC5F69070E462E -- C:\WINDOWS\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2005.04.25 13:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\Drivers\STORAGE\SATA\ONBOARD\iaStor.sys
[2005.04.25 13:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\i386\iaStor.sys
[2005.04.25 13:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\system32\drivers\iaStor.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\i386\netlogon.dll
[2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\i386\scecli.dll
[2004.08.04 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 19:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll
[2007.03.08 16:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 19:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004.08.04 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\i386\user32.dll
[2004.08.04 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2007.03.08 16:48:39 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 03:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\i386\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\i386\winlogon.exe
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=D9ABB6EA254FD611A5A4F636ADD32B30 -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 03:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\i386\ws2ifsl.sys
[2004.08.04 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2004.08.18 13:11:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004.08.18 13:11:04 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004.08.18 13:11:04 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 03:22:09 | 000,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2008.04.14 03:22:09 | 000,205,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[2008.04.14 03:22:31 | 000,003,584 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\kb.dll
[24 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 319 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 121 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8

< End of report >
--- --- ---

markusg 25.01.2011 20:07
• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

:OTL
[2011.01.04 12:09:07 | 000,000,000 | ---D | C] -- C:\Programme\xerox
[2011.01.04 12:09:07 | 000,000,000 | ---D | C] -- C:\Programme\Parasol

:Files
C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Netpad
C:\Programme\SVoTnYXaÀ–Í”Ëxcmnvmwk.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
öffne arbeitsplatz, c: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
lade das archiv in unserem upload channel hoch.
http://www.trojaner-board.de/54791-a...ner-board.html

Zickenalarm 25.01.2011 20:20
Erstmal hier das Textdokument:

Zitat:
All processes killed
========== OTL ==========
Folder move failed. C:\Programme\xerox\nwwia scheduled to be moved on reboot.
Folder move failed. C:\Programme\xerox scheduled to be moved on reboot.
C:\Programme\Parasol\MWManager folder moved successfully.
C:\Programme\Parasol folder moved successfully.
========== FILES ==========
C:\Dokumente und Einstellungen\Duy\Anwendungsdaten\Netpad folder moved successfully.
C:\Programme\SVoTnYXaÀ–Í”Ëxcmnvmwk.exe folder moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 662 bytes

User: All Users

User: Default User

User: Duy
->Flash cache emptied: 22924 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 26627005 bytes
->Temporary Internet Files folder emptied: 393216 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Duy
->Temp folder emptied: 1766450 bytes
->Temporary Internet Files folder emptied: 15150389 bytes
->Java cache emptied: 59291001 bytes
->FireFox cache emptied: 46682359 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 4932207 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 119561172 bytes

%systemdrive% .tmp files removed: 14 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 13726559 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1815 bytes
RecycleBin emptied: 50824249 bytes

Total Files Cleaned = 323,00 mb


OTL by OldTimer - Version 3.2.20.5 log created on 01252011_201259

Files\Folders moved on Reboot...
Folder move failed. C:\Programme\xerox\nwwia scheduled to be moved on reboot.
Folder move failed. C:\Programme\xerox\nwwia scheduled to be moved on reboot.
Folder move failed. C:\Programme\xerox scheduled to be moved on reboot.
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\SCEM4KC2\addyn_3.0_247.0_2291435_0_-1_ADTECH;alias=mikes-pchilfe.de-community-300x250;size=300x250;cookie=info;loc=100;target=_blank;key=cpu%20100%25%20services[1] not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\SCEM4KC2\addyn_3.0_247.0_2291435_0_-1_ADTECH;alias=mikes-pchilfe.de-community-728x90;size=728x90;cookie=info;loc=100;target=_blank;key=cpu%20100%25%20services[1] not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\SCEM4KC2\a_hid=1957275594&ga_fc=0&u_tz=60&u_his=4&u_java=1&u_h=768&u_w=1024&u_ah=738&u_aw=1024&u_cd=32&u_nplug=0&u_nmime=0&biw=1007& bih=610&ifk=2854457133&eid=33895209&fu=4&ifi=1&dtd=281 not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\SCEM4KC2\ra=ZZ3S56NDP12WCWRI4BWEPJT29XFN2SJT&cookie=GN9FA5DVEX4VEZPWO5YT0UDQX43M2TUI&vid=-1&meta=&alias=scareware[1].html&screen=1024x768&localtime=18%3A53 not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\RYN6UZKK\&ga_hid=527333081&ga_fc=0&u_tz=60&u_his=7&u_java=1&u_h=768&u_w=1024&u_ah=738&u_aw=1024&u_cd=32&u_nplug=0&u_nmime=0&biw=1007 &bih=610&ifk=2854457133&eid=33895208&fu=4&ifi=1&dtd=62 not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\PCQ99E97\addyn_3.0_247.0_2291435_0_-1_ADTECH;alias=mikes-pchilfe.de-community-728x90;size=728x90;cookie=info;loc=100;target=_blank;key=cpu%20100%25%20services[1] not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\PCQ99E97\a_hid=1607284279&ga_fc=0&u_tz=60&u_his=3&u_java=1&u_h=768&u_w=1024&u_ah=738&u_aw=1024&u_cd=32&u_nplug=0&u_nmime=0&biw=1007& bih=610&ifk=2854457133&eid=33895208&fu=4&ifi=1&dtd=625 not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\PCQ99E97\ga_hid=1707784932&ga_fc=0&u_tz=60&u_his=4&u_java=1&u_h=768&u_w=1024&u_ah=738&u_aw=1024&u_cd=32&u_nplug=0&u_nmime=0&biw=1007 &bih=610&ifk=2854457133&eid=33895209&fu=4&ifi=1&dtd=78 not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\6YNA7KLI\addyn_3.0_247.0_2291435_0_-1_ADTECH;alias=mikes-pchilfe.de-community-728x90;size=728x90;cookie=info;loc=100;target=_blank;key=cpu%20100%25%20services[1] not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\6YNA7KLI\addyn_3.0_247.0_2291435_0_-1_ADTECH;alias=mikes-pchilfe.de-community-728x90;size=728x90;cookie=info;loc=100;target=_blank;key=cpu%20100%25%20services[2] not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\6YNA7KLI\a_hid=1007556367&ga_fc=0&u_tz=60&u_his=5&u_java=1&u_h=768&u_w=1024&u_ah=738&u_aw=1024&u_cd=32&u_nplug=0&u_nmime=0&biw=1007& bih=610&ifk=2854457133&eid=33895209&fu=4&ifi=1&dtd=203 not found!
File\Folder C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\Temporary Internet Files\Content.IE5\6YNA7KLI\a_hid=1215436230&ga_fc=0&u_tz=60&u_his=4&u_java=1&u_h=768&u_w=1024&u_ah=738&u_aw=1024&u_cd=32&u_nplug=0&u_nmime=0&biw=1007& bih=610&ifk=2854457133&eid=33895208&fu=4&ifi=1&dtd=125 not found!
C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KXYFGT2J\CA5ST6I4.htm moved successfully.
C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KXYFGT2J\CAZEPH80.htm moved successfully.
C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Temporary Internet Files\Content.IE5\45Y3KDYV\CAABODIN.htm moved successfully.
C:\Dokumente und Einstellungen\Duy\Lokale Einstellungen\Temporary Internet Files\Content.IE5\45Y3KDYV\CAS5IBOH.htm moved successfully.

Registry entries deleted on Reboot...
und die moved files kommen gleich

markusg 25.01.2011 20:27
ok, jetzt müsst ihr überlegen, da ihr bei ebay einkauft, sollte an auf nummer sicher gehen und neu machen, wir können ne bereinigung versuchen, die ist aber mit nem gewissen restrisiko behaftet.

Zickenalarm 25.01.2011 20:30
Okay, ich bespreche das später mal mit meiner Freundin und meinem Bruder.. Wir benutzen zu dritt den PC und dementsprechend ist auch von jedem etwas dabei!
Womit haben wir bei einer Neuaufsetzung zu rechnen? Daten, Fotos, Videos etc. alles weg? Was ist mit "Restrisiko" gemeint?
Lässt sich eine solche Bereinigung schnell durchführen und unkompliziert? Wenn nicht müsste das mein Bruder machen..

moved files.rar wurde hochgeladen..

Tausend Dank

markusg 25.01.2011 20:36
ihr könnt daten sichern auf externen festplatten, usb sticks und rolingen. die partition c: muss frei geräumt werden, vorher muss autorun ausgeschalten werden.
Tipparchiv - Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten - WinTotal.de
eine reinigung dauert ungefähr genauso lange wie ein neu aufsetzen, dass hängt von mehreren faktoren ab.
restrisiko bedeutet, dass versteckte komponennten instaliert worden sein können und systemenderungen vorgenommen worden sein können, die nicht mehr nachvollziebar sind, dadurch kann das system in zukunft instabiel laufen.

Zickenalarm 25.01.2011 20:47
Okay, erstmal eine Bereinigung.. Wärst du so lieb und hilfst dabei?
Falls es schief geht, kann ja immer noch neu aufgesetzt werden :)

markusg 25.01.2011 20:53
ok aber wie gesagt der pc ist auch danach nicht für ebay amazon oder sonst etwas in der art geeignet.

bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Zickenalarm 25.01.2011 21:17
So, hab das jetzt mal alles haargenau befolgt - hier das Script:

Combofix Logfile:
Code:
ComboFix 11-01-24.02 - Duy 25.01.2011  21:02:31.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.2046.1619 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\Duy\Desktop\ComboFix.exe
AV: AntiVir PersonalEdition Classic Virenschutz *Disabled/Updated* {81515A7C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Disabled/Updated* {815B4A4C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Disabled/Updated* {816FCDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Disabled/Updated* {819628BC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Disabled/Updated* {81A089F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Disabled/Updated* {81A53B44-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Disabled/Updated* {81A76054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Disabled/Updated* {81AFB7F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Disabled/Updated* {81B37054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Outdated* {00000000-0000-0000-0000-000000000000}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {000000E1-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {00000202-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {00000246-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {804FF086-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8142164C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81421904-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81425314-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81425C44-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8142641C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81426DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81428054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81428DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8142A07C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8142A23C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8142ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8142BC1C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8142D054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8142F054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81430BEC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81431AFC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81432DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814332C4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8143345C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81434054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8143447C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81434DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81435A74-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81435DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81436054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814368EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81438DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81439664-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81439764-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8143A2A4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8143B054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8143B4CC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8143DB6C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8143E054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8143FB64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814407BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81441564-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8144390C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81445DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81446DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81446DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81448DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81449DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8144B69C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8144D924-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8145066C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81451A3C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8145453C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814551DC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81455504-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81458054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8145963C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8145CB64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8145E3A4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81461574-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81463CA4-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81468B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81469A1C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8146A5D4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8146ADDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8146DC54-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8146E404-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8146EB1C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8147250C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81475054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81475054-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81475AE4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81477054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81477CA4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81478054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81479DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8147D864-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8147F7BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81480B34-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81481384-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81482B04-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81483458-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8148376C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81483DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8148648C-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814867B4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8148779C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8148AB64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8148ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81490DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81494614-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81494DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8149524C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81495DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814982BC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8149DD9C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814A231C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814A384C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814A609C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814A9AC4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814A9DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814ABDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814AC89C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814AEDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814B0BFC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814B439C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814B7A5C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814BA054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814BA7A4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814BB054-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814BB66C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814BD304-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814BD824-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814BE054-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814C280C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814C2DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814C3584-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814C385C-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814C3B8C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814C45A4-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814C480C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814C9054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814CB41C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814CBDDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814CC304-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814CDB8C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814CF054-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814D039C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814D0CA4-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814D3494-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814D4ACC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814D657C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814D9054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814DAA24-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814DD5D4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814DD6D4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814DF054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814E32EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814E59F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814EA374-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814EA9F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814EB054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814EBDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814ECDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814EFDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814F0054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814F0B0C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814F33BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814F34A4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814F48EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814F7054-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814F766C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814F8DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814F95EC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814FA31C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814FBDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814FC9EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814FCB84-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814FD30C-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814FECBC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {814FEDDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8150337C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81503D04-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81505AFC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815063FC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8150644C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81509564-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8150A1BC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8150B054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8150BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8150C664-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815118EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81511D24-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81512054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815127F4-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815128F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81512C04-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81514054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815155F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8151766C-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81517BC4-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8151A054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8151A054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8151A5C4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8151C9BC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815207B4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81521CFC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81522054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81522B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81523054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81524DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81526434-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81527054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152751C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815289BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81529A34-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152A634-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152AD44-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152C69C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152CCBC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152D054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152D374-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152D74C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152E554-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8152EB64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81530ACC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81534234-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81534DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81535464-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81535784-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81536054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8153738C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81538244-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81538C04-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8153ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8153C054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8153C97C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8153DCE4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8153DDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8153F644-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8153F67C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8154084C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81541AEC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81542B64-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81544B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81547D84-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81548DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81549DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8154A8CC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8154C054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8154D424-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8154E994-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81551DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81552054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815542CC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81554D7C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815551AC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815552E4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815565E4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81556DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81557054-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81557A0C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815583F4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81558B5C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8155AAA4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8155C21C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8155DDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8155EBAC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81562384-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81563DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81564DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815654B4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81567B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81568754-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81569DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8156BBD4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8156CC44-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8156E7AC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8156F054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8156F37C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8156F81C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8156F8A4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81570274-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81570DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81571DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81572DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81573DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81574514-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81574844-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81574DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815778C4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81577D24-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815781EC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81578B64-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81578DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81579514-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157A6B4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157A9BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157ADDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157BB64-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157C054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157C054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157CB04-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157DAEC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157DB04-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157E6BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8157FDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81580DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81582DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8158389C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8158452C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81584DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81585434-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8158755C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81587DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8158AAAC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8158F804-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81590054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8159069C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8159135C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81591DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81592054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815925A4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81596CAC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81598D84-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8159ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8159DB64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8159E4BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8159F95C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A02EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A08DC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A1ABC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A2DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A2DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A3054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A3B8C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A4054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A53F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A7DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815A9DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815AA054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815ABB64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815AF674-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815AF7D4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815AFDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B1054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B15FC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B1D9C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B1DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B2A44-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B4054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B5874-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B5A14-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B6054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815B8054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815BADDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815BADDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815BC644-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815BE8E4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815C0054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815C1BFC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815C1DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815C3DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815C68DC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815C6B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815C7DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815CADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815CC5EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815CD4F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815CED44-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815CF3FC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D0054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D1020-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D1D1C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D2DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D3334-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D367C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D3A34-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D3B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D6054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D69E4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D7434-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815D7CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815DA4BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815DA874-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815DBB64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815DD054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815DD6BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815DE814-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E03FC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E08FC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E0DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E1DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E2424-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E2DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E4834-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E4D3C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E6DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815E8DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815EB92C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815EBC4C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815EC4FC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815EF054-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F12EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F5B54-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F6624-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F6A5C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F6B64-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F6CEC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F8054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F86CC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F89A4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F8A64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815F9DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815FA604-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815FADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815FBAAC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815FD20C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815FD41C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815FD664-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815FFA2C-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {815FFDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816008FC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81602DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816034AC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816038F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81604B24-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81604D44-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8160788C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81608A6C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81608DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8160AAA4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8160BB84-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8160CC44-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8160CDAC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8160DDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8160E604-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8160F2BC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81611594-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816124C4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816138BC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81614584-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8161490C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81616724-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81617054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81617DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8161ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8161BC84-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8161CDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8161E054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8161E424-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8161E48C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8161F794-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81621B34-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81623DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816257C4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8162779C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8162BB64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8163138C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81631564-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81632614-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816326BC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81639794-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81639894-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8163A4EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8163D054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81645354-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81647A14-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8164986C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8164A994-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8164D054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8164D654-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8164F49C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8164F9AC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8164FA74-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81651054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816511D4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81653DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816569FC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816583F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8165A674-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8165C9A4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81661DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8166768C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8166B8EC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8166F054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816748E4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81674B5C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81678744-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81678874-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81679054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8167AA4C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8167CCBC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8167F304-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8167F414-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8168048C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81682A4C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81687564-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8168A4DC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8168B6FC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8168F054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8168F824-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81698054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81699054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8169AB64-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816A9CCC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816D4794-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816DB054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816DBB74-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816DE904-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816EA334-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816EA6C4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {816ED054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8172A5EC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81733D7C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81751054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817525B4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817618EC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8176BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81770804-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817726D4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81773054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81773564-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81776054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8177C78C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8177DB64-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8178333C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81798054-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8179F054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817A8054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817BDDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817BEDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817C5264-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817D1554-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817DE054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817E7B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817EBA2C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {817EC6C4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8180A8F4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81825B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8184B794-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8187A714-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8188D054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {818A9DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {818B5C6C-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {818D5054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {818E57D4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {818EC7E4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {818EDB54-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {818EFD9C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8190BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8190C3BC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8192CC54-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8192FDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81930C0C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819416BC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81945524-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81947054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81950CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81957DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81960B7C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81960CE4-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81960DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8196676C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8196792C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81970684-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81972DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8197CDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8197D41C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8197EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8197F84C-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8198AD44-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8198C054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8198C6FC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8198C7EC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8198DB6C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8198E4FC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {8198E714-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819939D4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81996CAC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81997654-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819982AC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819B14D4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819B5054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819BBCF4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819C4B14-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819C5B14-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819C5CA4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819C63B4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819C77FC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819CA854-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819CB5DC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819D0A94-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819D3DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819D6C6C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819D842C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819DB054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819DBB64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819E2DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819E767C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819FC9A4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {819FE64C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A0179C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A069F4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A0E054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A13054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A19B64-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A1CCC4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A20DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A23B14-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A2BBFC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A2D054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A33B64-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A3E5E4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A4683C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A4A71C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A51ADC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A51DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A52744-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A63204-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A6349C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A7B52C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A7F144-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A7FA6C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A80D74-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A8336C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A84734-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A86AFC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A8AD74-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A8C8EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A8F054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A94DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A99054-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81A9EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AA1AFC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AA4DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AAA2A4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AC285C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81ACF55C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AD6A2C-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AE57FC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AE9654-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AF2A54-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AF4A74-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AFADDC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81AFE724-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B00CAC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B0470C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B079BC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B0AA4C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B0BC9C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B0CA4C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B0E61C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B0FD74-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B1CA6C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B1EC4C-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B21DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B2B47C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B38DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B3BDDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B461B4-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B47A64-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {81B490FC-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {825A7D24-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {825D10E8-FFA4-00DE-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {BADB0D00-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FCFBF054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FD00E054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FEA51114-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF38CBAC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF3B62A4-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF3C273C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF3CB4CC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF3E7C34-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF418CFC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF46D97C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF46E5F4-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF4C4774-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF5149EC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF526A8C-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF528DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF5BB054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF5F7364-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF60EB24-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF634D7C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF682DDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF6BAD44-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF76F054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF792B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF82EDDC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF84E904-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF8C7054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF9B4B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF9BFDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF9D0B64-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FF9D0DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FFA796A4-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FFB214DC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FFB47CCC-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FFB59A54-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FFB6127C-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FFB6D054-FFA4-00EF-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FFB862BC-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FFB9C3F4-FFA4-0100-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virenschutz *Enabled/Updated* {FFDFF540-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\dokumente und einstellungen\All Users\Anwendungsdaten\sysReserve.ini
c:\dokumente und einstellungen\Duy\Anwendungsdaten\addon.dat
c:\dokumente und einstellungen\Duy\Anwendungsdaten\Atfey
c:\dokumente und einstellungen\Duy\Anwendungsdaten\Atfey\dydor.obr
c:\dokumente und einstellungen\Duy\Anwendungsdaten\Atfey\dydor.tmp
c:\dokumente und einstellungen\Duy\Anwendungsdaten\avdrn.dat
c:\dokumente und einstellungen\Duy\Anwendungsdaten\desktop.ini
c:\dokumente und einstellungen\Duy\Anwendungsdaten\Kyty
c:\dokumente und einstellungen\Duy\Anwendungsdaten\Kyty\wuri.exe
c:\dokumente und einstellungen\Duy\Anwendungsdaten\Qida
c:\dokumente und einstellungen\Duy\Anwendungsdaten\Qida\opisp.rau
c:\programme\Internet Explorer\complete.dat
c:\programme\Internet Explorer\dmlconf.dat
c:\programme\Mozilla Firefox\plugins\npclntax.dll
c:\windows\daemon.dll
c:\windows\regedit.com
c:\windows\smdat32m.sys
c:\windows\ST6UNST.000
c:\windows\system32\drivers\etc\host1
c:\windows\system32\H8SRTpqlnvkvpmx.dat
c:\windows\system32\kazaabackupfiles
c:\windows\system32\kb.dll
c:\windows\system32\krl32mainweq.dll
c:\windows\system32\srcr.dat
c:\windows\system32\STEC3.sys
c:\windows\system32\taskmgr.com
c:\windows\system32\twunk_32.exe

Infizierte Kopie von c:\windows\system32\winlogon.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\ServicePackFiles\i386\winlogon.exe wurde wiederhergestellt

Infizierte Kopie von c:\windows\explorer.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\ServicePackFiles\i386\explorer.exe wurde wiederhergestellt

.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_H8SRTd.sys
-------\Legacy_STEC3
-------\Service_H8SRTd.sys
-------\Service_STEC3


(((((((((((((((((((((((  Dateien erstellt von 2010-12-25 bis 2011-01-25  ))))))))))))))))))))))))))))))
.

2011-01-25 19:12 . 2011-01-25 19:20        --------        d-----w-        C:\_OTL
2011-01-25 18:11 . 2011-01-25 18:11        388096        ----a-r-        c:\dokumente und einstellungen\Duy\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-25 18:11 . 2011-01-25 18:11        --------        d-----w-        c:\programme\hijacker
2011-01-18 17:31 . 2009-10-01 01:22        49904        ----a-r-        c:\windows\system32\drivers\BVRPMPR5.SYS
2011-01-13 17:09 . 2011-01-13 17:09        --------        d-----w-        c:\dokumente und einstellungen\Duy\Anwendungsdaten\TrusteerHelp
2011-01-10 13:48 . 2011-01-25 16:24        29996        ---h--w-        c:\dokumente und einstellungen\Duy\Anwendungsdaten\ntuser.dat
2011-01-04 12:23 . 2011-01-12 22:34        --------        d-----w-        c:\programme\CCleaner
2011-01-04 12:19 . 2010-11-02 15:17        40960        ------w-        c:\windows\system32\dllcache\ndproxy.sys
2011-01-04 11:09 . 2011-01-04 11:09        --------        d-----w-        c:\windows\system32\wbem\Repository
2011-01-04 11:09 . 2011-01-04 11:09        --------        d-----w-        c:\programme\Kate's Video Cutter
2011-01-04 11:09 . 2011-01-04 11:09        --------        d--h--w-        c:\programme\Creative Installation Information
2011-01-04 11:09 . 2011-01-04 11:09        --------        d-----w-        c:\programme\Creative
2011-01-04 11:09 . 2011-01-04 11:09        --------        d-----w-        c:\programme\AviSynth 2.5
2011-01-04 11:09 . 2011-01-04 11:09        --------        d-----w-        c:\programme\Alwil Software
2011-01-04 11:09 . 2011-01-04 11:09        --------        d-----w-        C:\Hotspot Shield
2011-01-04 11:07 . 2011-01-04 11:07        --------        d-----w-        c:\programme\StarCraft II Beta

.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2004-08-18 12:17        86016        ----a-w-        c:\windows\system32\isign32.dll
2010-11-09 14:51 . 2004-08-18 12:05        249856        ----a-w-        c:\windows\system32\odbc32.dll
2010-11-05 05:04 . 2004-08-18 12:05        672768        ----a-w-        c:\windows\system32\wininet.dll
2010-11-05 05:04 . 2004-08-18 12:05        61952        ----a-w-        c:\windows\system32\tdc.ocx
2010-11-05 05:04 . 2004-08-18 12:05        81920        ----a-w-        c:\windows\system32\ieencode.dll
2010-11-05 05:02 . 2004-08-18 12:05        371200        ----a-w-        c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-18 12:05        40960        ----a-w-        c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:12 . 2004-08-18 12:05        290048        ----a-w-        c:\windows\system32\atmfd.dll
2004-07-03 20:09 . 2006-01-30 04:23        140800        ----a-w-        c:\programme\mozilla firefox\plugins\al2np.dll
2006-05-03 10:06        163328        --sh--r-        c:\windows\system32\flvDX.dll
2007-02-21 11:47        31232        --sh--r-        c:\windows\system32\msfDX.dll
2008-03-16 13:30        216064        --sh--r-        c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 339968]
"ISUSScheduler"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" [2006-03-20 86960]
"IAAnotif"="c:\programme\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-04-25 139264]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"avgnt"="c:\programme\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-30 344064]
"a-winpoet-service"="c:\programme\WinPoET Broadband Connection\winpppoverethernet.exe" [2003-05-29 299008]
"LogitechCommunicationsManager"="c:\programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-09-08 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]
@="Service"

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Speed Launch.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Synchronizer.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^InterVideo WinCinema Manager.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Duy^Startmenü^Programme^Autostart^Xfire.lnk]
path=c:\dokumente und einstellungen\Duy\Startmenü\Programme\Autostart\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\Programme
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\programme\Craps
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\programme\Craps\Anti Virus & Firewallz
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\programme\Craps\Anti Virus & Firewallz\Spybot - Search & Destroy

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVGCtrl]
2005-11-03 15:55        180327        ----a-w-        c:\programme\Craps\Anti Virus & Firewallz\Anit Virus\AVGNT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-08-20 19:45        1164584        ----a-w-        c:\programme\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-25 12:02        136176        ----atw-        c:\dokumente und einstellungen\Duy\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-24 01:10        421160        ----a-w-        c:\programme\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2007-10-25 15:37        2178832        ----a-w-        c:\programme\Logitech\QuickCam\Quickcam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdcamon]
2007-03-05 20:40        20480        ----a-w-        c:\programme\Lexmark 1300 Series\lxdcamon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 14:44        3883840        ----a-w-        c:\programme\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50        155648        ----a-w-        c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-18 14:28        1242448        ----a-w-        c:\programme\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 13:21        246504        ----a-w-        c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Games\\Warcraft III\\Warcraft III.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Steam\\Steam.exe"=
"c:\\Programme\\Games\\Warcraft III\\Frozen Throne.exe"=
"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\config\\systemprofile\\Anwendungsdaten\\xssend2\\svcnost.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:wc 6112
"6113:TCP"= 6113:TCP:wc 6113
"6114:TCP"= 6114:TCP:wc 6114
"6115:TCP"= 6115:TCP:wc 6115
"6116:TCP"= 6116:TCP:wc 6116
"6117:TCP"= 6117:TCP:wc 6117
"6118:TCP"= 6118:TCP:wc 6118
"6119:TCP"= 6119:TCP:wc 6119
"6112:UDP"= 6112:UDP:udp 6112
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"6113:UDP"= 6113:UDP:udp 6113
"6114:UDP"= 6114:UDP:udp 6114
"6115:UDP"= 6115:UDP:udp 6115
"6116:UDP"= 6116:UDP:udp 6116
"6117:UDP"= 6117:UDP:udp 6117
"6118:UDP"= 6118:UDP:udp 6118
"6119:UDP"= 6119:UDP:udp 6119

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [02.02.2006 22:10 22360]
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [07.12.2005 11:20 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [07.12.2005 11:20 5248]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [23.12.2009 23:55 64288]
R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [02.02.2006 22:10 45400]
R2 lxdc_device;lxdc_device;c:\windows\system32\lxdccoms.exe -service --> c:\windows\system32\lxdccoms.exe -service [?]
R2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdcserv.exe [30.04.2007 21:04 99248]
R2 TopWinPoETDriver;WinPoET PPPoE Optimized Driver;c:\windows\system32\drivers\WrKPoET2000.sys [14.09.2005 12:31 53334]
R3 WrKPoET2000;WrKPoET2000;c:\programme\WinPoET Broadband Connection\WrKPoET2000.sys [14.09.2005 12:31 53334]
R3 WRSWanDD;iVasion PoET Adapter;c:\windows\system32\drivers\WrKPoETNic2000.sys [14.09.2005 12:31 65604]
S0 tffsport;M-Systems DiskOnChip-2000;c:\windows\system32\drivers\tffsport.sys [16.10.2007 21:55 149376]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\programme\Lavasoft\Ad-Aware\AAWService.exe" --> c:\programme\Lavasoft\Ad-Aware\AAWService.exe [?]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.sys [29.11.2005 23:26 25244]
S3 Fadpu16E;Fadpu16E;\??\c:\dokume~1\Duy\LOKALE~1\Temp\Fadpu16E.sys --> c:\dokume~1\Duy\LOKALE~1\Temp\Fadpu16E.sys [?]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [20.05.2009 22:12 28672]
S4 wuaPCDD;wuaPCDD; [x]
.
Inhalt des "geplante Tasks" Ordners

2011-01-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2005-09-06 c:\windows\Tasks\ISP-Anmeldungserinnerung 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-08-18 02:22]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de/
mStart Page = hxxp://www.euro.dell.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Add to Windows &Live Favorites - hxxp://favorites.live.com/quickadd.aspx
FF - ProfilePath - c:\dokumente und einstellungen\Duy\Anwendungsdaten\Mozilla\Firefox\Profiles\0ndhfipc.Default User\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Move Media Player: moveplayer@movenetworks.com - %profile%\extensions\moveplayer@movenetworks.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-Dvdmod - c:\dokumente und einstellungen\Duy\Anwendungsdaten\Netpad\twaind3d.exe
MSConfigStartUp-BLASC - c:\programme\Games\World of Warcraft\BLASC\BLASC.exe
MSConfigStartUp-TeaTimer - c:\programme\Craps\Anti Virus & Firewallz\Spybot - Search & Destroy\TeaTimer.exe
MSConfigStartUp-DAEMON Tools-1033 - c:\programme\Craps\D-Tools\daemon.exe
MSConfigStartUp-Dvdmod - c:\dokumente und einstellungen\Duy\Anwendungsdaten\Netpad\twaind3d.exe
MSConfigStartUp-ICQ Lite - c:\programme\Craps\ICQLite\ICQLite.exe
MSConfigStartUp-NetPumper - c:\programme\NetPumper\NetPumperIEProxy.exe
MSConfigStartUp-SpybotSD TeaTimer - c:\programme\Craps\Anti Virus & Firewallz\Spybot - Search & Destroy\TeaTimer.exe
MSConfigStartUp-SpySweeper - c:\programme\Webroot\Spy Sweeper\SpySweeper.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-01-25 21:09
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'explorer.exe'(7132)
c:\programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll
c:\programme\Windows Media Player\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\programme\AntiVir PersonalEdition Classic\sched.exe
c:\programme\AntiVir PersonalEdition Classic\avguard.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Intel\Intel Matrix Storage Manager\iaantmon.exe
c:\programme\Java\jre6\bin\jqs.exe
c:\programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\lxdccoms.exe
c:\programme\WinPoET Broadband Connection\WrOS.EXE
c:\windows\stsystra.exe
c:\windows\system32\rundll32.exe
c:\programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-01-25  21:15:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-01-25 20:15

Vor Suchlauf: 14 Verzeichnis(se), 26.912.546.816 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 26.847.657.984 Bytes frei

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
[spybotsd]
timeout.old=30

- - End Of File - - A0ACB2215AFEB3425131B6B39656FD0E
--- --- ---

markusg 25.01.2011 21:23
rechtsklick avira schirm, guard deaktivieren.
öffne dann arbietsplatz c: dort rechtsklick auf qoobox und im upload channel hochladen.
danach weiter:
download malwarebytes:
Malwarebytes
instalieren, öffnen, registerkarte aktualisierung, programm updaten.
schalte alle laufenden programme ab, trenne die internetverbindung.
registerkarte scanner, komplett scan, funde entfernen, log posten.

Zickenalarm 25.01.2011 22:21
So, beim ersten Mal ist Malwarebytes bei 28:40 mins abgeschmiert, starte grad einen neuen Versuch.. Wenns heute nix mehr wird dann probier ich's morgen nochmal.. Du armer Kerl hast bestimmt auch deine Ruhezeiten :)

Edit:
Habs doch hinbekommen :)
Jetzt aber:

Zitat:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5600

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

25.01.2011 23:08:09
mbam-log-2011-01-25 (23-08-08).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 257339
Laufzeit: 1 Stunde(n), 0 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 16

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.1.8 (Trojan.AntiLeechPlugin) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP12\A0014481.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP12\A0014482.exe (Trojan.Zbot) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP15\A0014764.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP16\A0014849.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP17\A0014916.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP18\A0014995.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP20\A0015089.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP22\A0015227.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP9\A0012355.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP9\A0012363.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP9\A0012365.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP9\A0012354.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\system volume information\_restore{08a5f15b-d5f0-4d17-893d-8b358608dcf6}\RP9\A0012559.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\anwendungsdaten\xssend2\svcnost.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\networkservice\anwendungsdaten\abpzlw.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\anwendungsdaten\abpzlw.dat (Malware.Trace) -> Quarantined and deleted successfully.


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:39 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55