Avira Antivir updatet nicht mehr / hohe CPU-Auslastung

lrisch · 23.10.2011, 16:51

Hi,

mein Avira Antivir updatet nicht mehr automatisch, auch manuelle Updates scheinen nicht zu funktionieren (Programm zeigt "rot" und "unsicher" an). Seit einigen Wochen kommt mir der PC außerdem langsamer vor, außerdem recht hohe CPU-Auslastung.

Hier ist das OTL-File und im Anhang das Extras.txt. Besten Dank!

OTL logfile created on: 22.10.2011 16:46:56 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1023,48 Mb Total Physical Memory | 287,75 Mb Available Physical Memory | 28,11% Memory free
2,40 Gb Paging File | 1,54 Gb Available in Paging File | 64,28% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 186,31 Gb Total Space | 41,52 Gb Free Space | 22,29% Space Free | Partition Type: NTFS
Drive D: | 186,31 Gb Total Space | 186,12 Gb Free Space | 99,90% Space Free | Partition Type: NTFS
Drive E: | 683,92 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: WOODSTOCK | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.22 16:46:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\OTL(1).exe
PRC - [2011.09.23 18:08:16 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.09.23 18:01:05 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.09.23 11:38:18 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.09.16 02:34:40 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.09.05 15:46:50 | 000,362,200 | ---- | M] (facemoods.com) -- C:\Programme\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
PRC - [2011.06.14 07:34:02 | 001,703,936 | ---- | M] (Ascentive LLC) -- C:\Programme\Ascentive\PC Prima\PCPrima.Exe
PRC - [2011.04.28 09:59:58 | 000,220,552 | ---- | M] (Geek Software GmbH) -- C:\Programme\pdf24\pdf24.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2011.01.05 12:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.10.29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.04.28 23:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) -- C:\Programme\Free Download Manager\fdm.exe
PRC - [2010.03.23 14:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010.03.17 02:58:44 | 002,162,688 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
PRC - [2010.02.28 05:45:02 | 005,344,807 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
PRC - [2010.02.20 14:15:02 | 000,352,256 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Programme\Privoxy\privoxy.exe
PRC - [2009.04.14 11:50:26 | 000,487,992 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe
PRC - [2009.02.26 16:12:34 | 000,053,248 | ---- | M] (HP) -- C:\Programme\Hp\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.08 17:44:58 | 000,036,864 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\hppusg.exe
PRC - [2005.11.28 22:09:38 | 000,180,269 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [1998.11.10 15:47:30 | 000,019,968 | ---- | M] (TEXTware A/S) -- C:\Programme\TEXTware\HotKey\TWALINK.EXE

========== Modules (No Company Name) ==========

MOD - [2011.10.15 02:22:58 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\24331b719aa25ac2b21099e32232840c\Microsoft.VisualBasic.ni.dll
MOD - [2011.10.15 02:15:49 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
MOD - [2011.10.15 02:15:13 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\36bf3d5f05a40c9e3cadca5789c8a469\System.Runtime.Remoting.ni.dll
MOD - [2011.10.15 02:14:33 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.d ll
MOD - [2011.10.15 02:14:30 | 001,801,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\cc5ac99e8af2738e85cda5525fdd944f\System.Deployment.ni.dll
MOD - [2011.10.15 02:14:04 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.15 02:11:30 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011.10.12 22:38:04 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.12 22:37:37 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.12 22:36:32 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.12 22:32:59 | 014,328,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\054488924fcc579cce9fa0209dafe28b\PresentationFramework.ni.dll
MOD - [2011.10.12 22:29:59 | 012,215,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
MOD - [2011.10.12 22:29:12 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
MOD - [2011.10.12 22:29:01 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.12 22:28:33 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.09.16 02:05:58 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011.08.28 23:19:12 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2011.07.21 11:09:24 | 000,985,088 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.05.20 09:08:06 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\AscSQLite.dll
MOD - [2010.12.19 02:41:21 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2010.12.19 02:41:21 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2010.12.19 02:41:21 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2010.12.19 02:41:21 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2010.12.19 02:41:20 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l
MOD - [2010.12.19 02:41:20 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2010.12.19 02:41:20 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.12.19 02:41:20 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.12.19 02:41:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.12.19 02:41:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll
MOD - [2010.12.19 02:41:19 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2010.12.19 02:41:19 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.12.19 02:41:19 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.12.19 02:41:19 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:19 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.12.19 02:41:19 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l
MOD - [2010.12.19 02:41:18 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:18 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:18 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2010.12.19 02:41:17 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:17 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.12.19 02:41:17 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.12.19 02:41:13 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:13 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.12.19 02:41:13 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:13 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll
MOD - [2010.12.19 02:41:13 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.12.19 02:41:12 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:12 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.dll
MOD - [2010.12.19 02:41:12 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll
MOD - [2010.12.19 02:41:12 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll
MOD - [2010.12.19 02:41:12 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll
MOD - [2010.12.19 02:41:11 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:11 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:11 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.12.19 02:41:11 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.12.19 02:41:11 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.12.19 02:41:10 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.12.19 02:41:10 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.12.19 02:41:10 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.12.19 02:41:10 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.12.19 02:41:09 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.12.19 02:41:09 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.12.19 02:41:09 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.12.19 02:41:09 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.12.19 02:41:09 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.12.19 02:41:07 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.12.19 02:41:07 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.12.19 02:41:07 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2010.12.19 02:41:07 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.12.19 02:41:07 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2010.12.19 02:41:07 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.12.19 02:41:06 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.12.19 02:41:06 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.12.19 02:41:06 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.12.19 02:41:06 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.12.19 02:41:06 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.12.19 02:41:06 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.12.19 02:41:06 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.12.19 02:41:06 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.12.19 02:41:05 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.12.19 02:41:05 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.12.19 02:41:05 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2010.12.19 02:41:05 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.12.19 02:41:05 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.12.19 02:41:04 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.12.19 02:41:04 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.12.19 02:41:03 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.12.19 02:41:03 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l
MOD - [2010.12.19 02:41:02 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.12.19 02:41:02 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.12.19 02:41:02 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.12.19 02:41:02 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.12.19 02:41:02 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.12.19 02:41:02 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l
MOD - [2010.12.19 02:41:02 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.12.19 02:41:02 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.12.19 02:41:02 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l
MOD - [2010.12.19 02:41:01 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementatio n.dll
MOD - [2010.12.19 02:41:01 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.12.19 02:41:01 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2010.12.19 02:41:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.12.19 02:41:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.12.19 02:40:59 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.12.19 02:40:59 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.12.19 02:40:59 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2010.12.19 02:40:59 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2010.12.19 02:40:59 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.12.19 02:40:58 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.12.19 02:40:58 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.12.19 02:40:58 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.12.19 02:40:58 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.12.19 02:40:58 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.12.19 02:40:58 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.12.19 02:40:57 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010.12.19 02:40:57 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.12.19 02:40:57 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.12.19 02:40:57 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.12.19 02:40:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.12.19 02:40:55 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.12.19 02:40:55 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2010.12.19 02:40:55 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.12.19 02:40:55 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.12.19 02:40:55 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.12.19 02:40:55 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.12.19 02:40:54 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
MOD - [2010.12.19 02:40:54 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
MOD - [2010.11.21 23:20:28 | 000,010,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\Interop.hpqusg.dll
MOD - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
MOD - [2010.03.23 14:26:48 | 000,201,512 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll
MOD - [2010.03.17 02:58:44 | 002,162,688 | ---- | M] () -- C:\Programme\Vidalia Bundle\Tor\tor.exe
MOD - [2010.03.15 16:57:20 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2010.02.28 05:45:02 | 005,344,807 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe
MOD - [2010.02.22 05:27:20 | 002,740,224 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\QtCore4.dll
MOD - [2010.02.20 14:15:00 | 000,086,528 | ---- | M] () -- C:\Programme\Privoxy\mgwz.dll
MOD - [2009.11.28 09:12:30 | 000,019,763 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\mingwm10.dll
MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.09.29 13:55:52 | 011,265,024 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\QtGui4.dll
MOD - [2009.09.29 13:38:26 | 001,395,200 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\QtNetwork4.dll
MOD - [2009.09.29 13:36:12 | 000,510,464 | ---- | M] () -- C:\Programme\Vidalia Bundle\Vidalia\QtXml4.dll
MOD - [2009.08.22 01:59:22 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.classic.dll
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2009.02.26 16:12:18 | 000,552,960 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\Alerts.dll
MOD - [2009.02.26 16:12:18 | 000,102,400 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\HPFaxUtilities.dll
MOD - [2009.02.26 16:11:48 | 000,593,920 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\HPAppTools.dll
MOD - [2009.02.26 16:11:42 | 000,069,632 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\AppConstants.dll
MOD - [2009.02.26 16:11:40 | 000,040,960 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\Enumeration.dll
MOD - [2009.02.26 16:11:36 | 000,126,976 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\HPToolkit.dll
MOD - [2009.02.26 16:11:32 | 000,069,632 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\HPTools.dll
MOD - [2009.02.26 16:10:54 | 000,086,016 | ---- | M] () -- C:\Programme\Hp\ToolboxFX\bin\NativeUtils.dll
MOD - [2008.12.30 02:03:26 | 000,098,304 | ---- | M] () -- C:\Programme\Free Download Manager\iefdm2.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.12.06 05:50:44 | 000,401,408 | ---- | M] () -- C:\Programme\Free Download Manager\FUM\fumcore.dll
MOD - [2007.05.08 17:44:58 | 000,114,688 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\HPToolkit.dll
MOD - [2007.05.08 17:44:58 | 000,057,344 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\HPUsageTracking.dll
MOD - [2007.05.08 17:44:58 | 000,036,864 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\hppusg.exe
MOD - [2007.05.08 17:44:58 | 000,036,864 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\Enumeration.dll
MOD - [2007.05.08 17:44:44 | 000,065,536 | ---- | M] () -- C:\Programme\Hp\HP UT\bin\HPTools.dll
MOD - [2006.10.01 21:02:49 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2006.10.01 21:02:47 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2006.10.01 21:02:44 | 000,385,024 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2005.10.19 12:56:28 | 000,125,952 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2000.05.09 11:16:34 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\TwaHky32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.09.23 18:08:16 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.09.23 18:01:05 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.01.05 12:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.23 14:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.07.29 22:33:19 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2005.11.01 13:23:50 | 000,114,784 | ---- | M] () [Disabled | Stopped] -- C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005.11.01 13:23:48 | 000,266,338 | ---- | M] () [Disabled | Stopped] -- C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005.11.01 13:23:24 | 001,081,344 | ---- | M] (Cyberlink) [Disabled | Stopped] -- C:\Programme\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)

========== Driver Services (SafeList) ==========

DRV - [2011.09.18 08:39:27 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.09.15 23:55:04 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.15 23:55:03 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.03.23 14:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2010.02.11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.01.28 16:12:02 | 000,095,232 | R--- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.11.16 19:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007.11.14 20:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007.07.16 23:29:33 | 000,017,432 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2007.06.24 15:07:30 | 000,611,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.01.18 21:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2007.01.09 17:59:50 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPC220NC.SYS -- (SPC220NC)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.10.19 17:53:32 | 000,787,840 | R--- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2005.09.30 15:14:08 | 000,078,336 | R--- | M] (DVB-TV Provide) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\878BDA.sys -- (878BDA)
DRV - [2005.09.23 18:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.06.20 09:12:00 | 000,215,040 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sis163u.sys -- (SIS163u)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.01.07 18:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.08.04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004.08.04 03:08:36 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2004.08.04 03:08:30 | 000,105,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2003.02.19 15:04:38 | 000,041,344 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = hxxp://google.icq.com/search/search_frame.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = hxxp://google.icq.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:58364

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2240: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2298: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1348: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Programme\Mozilla Firefox 2\components [2011.10.01 10:45:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox 2\plugins [2011.05.14 17:09:15 | 000,000,000 | ---D | M]

[2008.10.16 00:13:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2011.10.04 22:26:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ajdqdk7h.default\extensions
[2010.11.30 19:00:38 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ajdqdk7h.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2005.11.23 20:52:17 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ajdqdk7h.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.10.04 22:26:40 | 000,000,000 | ---D | M] (Facemoods) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ajdqdk7h.default\extensions\ffxtlbr@Facemoods.com
[2011.10.11 19:16:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions
[2010.07.13 09:56:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.09.27 20:37:54 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.08.18 14:19:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.10.02 16:40:44 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\ocmzychx.Standard-Benutzer\extensions\vshare@toolbar
[2009.06.22 17:08:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2008.07.01 18:51:41 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.10.04 22:26:46 | 000,002,048 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fcmdSrch.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2011.02.12 13:54:22 | 000,000,542 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 27.195.49.225 perspeak.avira-update.com
O1 - Hosts: 137.100.165.192 personal.nl.avira-update.com
O1 - Hosts: 212.225.142.151 profpeak.avira-update.com
O1 - Hosts: 189.53.10.239 professional.nl.avira-update.com
O1 - Hosts: 11.44.241.74 prempeak.avira-update.com
O1 - Hosts: 202.166.51.225 premium.nl.avira-update.com
O1 - Hosts: 229.218.186.62 personal.avira-update.com
O1 - Hosts: 185.11.69.119 professional.avira-update.com
O1 - Hosts: 167.47.212.153 premium.avira-update.com
O1 - Hosts: 47.214.46.4 perspeak.avira-update.com
O1 - Hosts: 155.194.238.70 profpeak.avira-update.com
O1 - Hosts: 186.148.192.64 prempeak.avira-update.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll ()
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll (facemoods.com)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [conhost] C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\conhost.exe File not found
O4 - HKLM..\Run: [facemoods] C:\Programme\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [HPPQVideo] "C:\Programme\HP\ScheduledLaunch\HP Color LaserJet CP1510 Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CP1510_Series -f PQOptimizerVideo.xml -o remindLater File not found
O4 - HKLM..\Run: [HPUsageTracking] C:\Programme\HP\HP UT\bin\hppusg.exe ()
O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Programme\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKCU..\Run: [Free Download Manager] C:\Programme\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [PC Prima] C:\Programme\Ascentive\PC Prima\PCPrima.exe (Ascentive LLC)
O4 - HKCU..\Run: [Vidalia] C:\Programme\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HotKey.lnk = C:\Programme\TEXTware\HotKey\TWALINK.EXE (TEXTware A/S)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Privoxy.lnk = C:\Programme\Privoxy\privoxy.exe (The Privoxy team - www.privoxy.org)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk = C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\HP Print View Resource Center.lnk = C:\Programme\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe (Hewlett-Packard)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
F3 - HKCU WinNT: Load - (C:\DOKUME~1\***~1\LOKALE~1\Temp\csrss.exe) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download by Arles Download Manager - C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Ariel Download Manager\DownloadManager.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Programme\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABA4E0B8-793B-42ED-9D4C-44D03FEA91AA}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Dokumente und Einstellungen\***\Anwendungsdaten\dwm.exe) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.11.07 18:51:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.12.20 13:36:08 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - Windows Messenger 5.1
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A6E6B552-B569-6152-BB06-FC71C667CA7B} - DirectX
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EFCE7BE0-510E-4932-9475-F44CD90DE16A} - Microsoft .NET Framework 1.1 Security Update (KB2572067)
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "CLSched"
MsConfig - Services: "CyberLink Media Library Service"
MsConfig - Services: "CLCapSvc"
MsConfig - Services: "iPodService"
MsConfig - Services: "ISSVC"
MsConfig - Services: "RichVideo"
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk - - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Office-Bibliothek-Direktsuche.lnk - C:\Programme\Office-Bibliothek\PCLib.exe - ()
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^TrayMin220.lnk - C:\Programme\Philips\Philips SPC220NC Webcam\TrayMin220.exe - ()
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^Adobe Gamma.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe - (Adobe Systems, Inc.)
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^Dropbox.lnk - C:\Dokumente und Einstellungen\***\Anwendungsdaten\Dropbox\bin\Dropbox.exe - ()
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^Microsoft.exe - - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^***^Startmenü^Programme^Autostart^PowerReg Scheduler.exe - - File not found
MsConfig - StartUpReg: AIM - hkey= - key= - File not found
MsConfig - StartUpReg: Babylon Client - hkey= - key= - C:\Programme\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
MsConfig - StartUpReg: CTFMON.EXE - hkey= - key= - File not found
MsConfig - StartUpReg: E07DXLRD_14546890 - hkey= - key= - C:\Programme\Microsoft Encarta\Encarta 2007 - Enzyklopaedie DVD\EDICT.EXE (Microsoft Corporation)
MsConfig - StartUpReg: E07DXLRD_663703 - hkey= - key= - C:\Programme\Microsoft Encarta\Encarta 2007 - Enzyklopaedie DVD\EDICT.EXE (Microsoft Corporation)
MsConfig - StartUpReg: Flashget - hkey= - key= - C:\Programme\FlashGet\FlashGet.exe (FlashGet.com)
MsConfig - StartUpReg: ISTray - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC220NC\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: PCMService - hkey= - key= - C:\Programme\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Programme\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
MsConfig - StartUpReg: Shareaza - hkey= - key= - C:\Programme\Shareaza\Shareaza.exe (Shareaza Development Team)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - File not found
MsConfig - StartUpReg: swg - hkey= - key= - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: updateMgr - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.10.22 16:27:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Ascentive
[2011.10.22 16:27:31 | 000,000,000 | ---D | C] -- C:\Programme\Ascentive
[2011.10.22 02:37:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DL
[2011.10.22 02:22:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\.Zettelkasten
[2011.10.05 03:30:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avira
[2011.10.05 03:29:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2011.10.05 03:28:39 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.10.05 03:28:31 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.10.05 03:28:31 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2011.10.05 03:28:30 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.10.05 03:27:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\facemoods.com
[2011.10.05 03:27:29 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2011.10.05 03:27:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2011.10.04 22:26:36 | 000,000,000 | ---D | C] -- C:\Programme\facemoods.com
[2011.09.30 01:58:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\foobar2000
[2011.09.30 01:57:51 | 000,000,000 | ---D | C] -- C:\Programme\foobar2000
[2011.09.30 01:42:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\NeroVision
[6 C:\Dokumente und Einstellungen\***\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[100 C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.10.22 16:44:35 | 000,001,345 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\HP Print View Resource Center.lnk
[2011.10.22 16:43:17 | 000,002,423 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk
[2011.10.22 16:42:11 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.22 16:41:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.22 16:37:33 | 000,000,257 | ---- | M] () -- C:\WINDOWS\TEXTWARE.INI
[2011.10.22 16:35:09 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2011.10.22 16:24:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.22 16:23:07 | 000,000,502 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.new
[2011.10.20 22:56:07 | 000,178,688 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.16 19:21:12 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.10.12 22:27:31 | 000,499,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.10.12 20:51:36 | 000,864,738 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.10.12 20:51:36 | 000,791,054 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.10.12 20:51:36 | 000,241,402 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.10.12 20:51:36 | 000,204,818 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.10.12 20:39:39 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.10.05 03:29:19 | 000,001,677 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2011.09.30 07:28:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.09.30 01:58:01 | 000,000,684 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\foobar2000.lnk
[6 C:\Dokumente und Einstellungen\***\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\***\Desktop\*.tmp -> ]
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[100 C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\***\Eigene Dateien\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.22 16:34:25 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2011.10.05 03:29:19 | 000,001,677 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2011.10.04 22:25:36 | 000,001,593 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader.lnk
[2011.10.04 22:25:35 | 000,001,572 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader Deinstallationsprogramm.lnk
[2011.10.04 22:25:35 | 000,001,551 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader Update.lnk
[2011.09.30 01:58:01 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\foobar2000.lnk
[2011.09.30 01:58:01 | 000,000,684 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\foobar2000.lnk
[2011.07.27 01:33:37 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2011.07.27 01:31:29 | 000,017,394 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2011.05.20 09:08:06 | 000,450,560 | ---- | C] () -- C:\WINDOWS\System32\AscSQLite.dll
[2011.05.12 22:24:44 | 000,540,392 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.04.14 21:08:44 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011.02.12 13:49:11 | 000,030,684 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\6966.5F0
[2010.12.19 02:36:54 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.11.21 23:21:53 | 000,169,557 | ---- | C] () -- C:\WINDOWS\hppins09.dat.temp
[2010.11.21 23:07:11 | 000,000,355 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2010.11.21 23:06:10 | 000,168,159 | ---- | C] () -- C:\WINDOWS\hppins09.dat
[2010.11.21 23:06:10 | 000,004,144 | ---- | C] () -- C:\WINDOWS\hppmdl09.dat
[2010.11.21 22:01:22 | 000,000,621 | ---- | C] () -- C:\WINDOWS\System32\hppapr09.dat
[2010.11.21 21:35:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2010.11.18 20:13:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.11.18 20:13:26 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.11.18 20:13:26 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.11.18 20:13:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010.11.18 20:13:06 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010.08.23 01:49:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TwaHky32.dll
[2010.08.23 01:49:06 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\WIN32CMI.DLL
[2010.08.23 01:46:54 | 000,000,427 | ---- | C] () -- C:\WINDOWS\WINWORD6.INI
[2010.08.16 18:01:28 | 000,000,257 | ---- | C] () -- C:\WINDOWS\TEXTWARE.INI
[2010.08.02 03:39:01 | 000,006,907 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\.freeciv-client-rc-2.2
[2010.06.24 02:27:47 | 000,000,118 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\kpref
[2010.03.23 14:26:48 | 000,201,512 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2010.03.23 14:17:40 | 000,197,416 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2009.12.27 01:51:48 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009.12.27 01:51:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.12.27 01:51:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.12.27 01:51:48 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009.12.27 01:51:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.12.20 16:35:23 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2009.03.06 23:56:29 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc
[2009.01.25 02:07:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008.09.21 14:47:47 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008.09.21 14:47:47 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2030.DAT
[2008.08.10 21:00:37 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.08.04 12:59:17 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SPC220NC.INI
[2008.06.28 16:09:01 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008.06.06 16:31:37 | 000,000,145 | ---- | C] () -- C:\WINDOWS\NLB.INI
[2008.05.02 09:06:58 | 000,136,448 | ---- | C] () -- C:\WINDOWS\RMTOOLS.DLL
[2007.11.17 23:28:03 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007.11.17 23:28:02 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2007.11.17 23:28:02 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2007.11.17 23:28:02 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2007.11.17 23:28:02 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2007.11.17 23:28:02 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007.08.23 13:54:16 | 000,293,712 | ---- | C] () -- C:\WINDOWS\System32\Tbsql03.dll
[2007.08.23 13:54:16 | 000,246,368 | ---- | C] () -- C:\WINDOWS\System32\Tbqry03.dll
[2007.08.23 13:54:16 | 000,145,696 | ---- | C] () -- C:\WINDOWS\System32\Tblib.dll
[2007.08.23 13:54:16 | 000,090,688 | ---- | C] () -- C:\WINDOWS\System32\Tbutl03.dll
[2007.08.23 13:54:16 | 000,014,512 | ---- | C] () -- C:\WINDOWS\System32\Tbgui03.dll
[2007.08.23 13:54:16 | 000,005,488 | ---- | C] () -- C:\WINDOWS\System32\Tbmds03.dll
[2007.06.24 15:24:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\editor.INI
[2007.06.23 15:08:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2007.06.02 18:46:38 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
[2007.04.15 20:46:57 | 000,000,032 | ---- | C] () -- C:\WINDOWS\autostart.INI
[2007.01.20 16:54:32 | 000,000,380 | -H-- | C] () -- C:\WINDOWS\WINRDPDN40.SYS
[2007.01.20 16:47:36 | 000,000,380 | -H-- | C] () -- C:\WINDOWS\WINRDP40.SYS
[2006.12.28 00:26:29 | 000,000,019 | ---- | C] () -- C:\WINDOWS\rrver.ini
[2006.12.17 20:47:09 | 000,000,356 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2006.07.23 10:54:37 | 000,000,032 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.04.29 22:42:12 | 000,000,032 | ---- | C] () -- C:\WINDOWS\AMPlayer.INI
[2006.04.23 00:57:06 | 000,001,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.04.19 21:42:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006.04.17 00:39:20 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2006.03.31 22:50:42 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2006.03.31 14:51:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\Hooks.dll
[2005.12.12 00:30:09 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\TXTUSER.EXE
[2005.12.07 20:21:32 | 000,000,422 | ---- | C] () -- C:\WINDOWS\bobdown.ini
[2005.12.07 20:18:17 | 000,960,512 | ---- | C] () -- C:\WINDOWS\System32\Vorbis.dll
[2005.12.07 20:18:17 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2005.12.07 20:18:17 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ViscomID3.dll
[2005.12.07 20:18:17 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ViscomAudioCD.dll
[2005.12.07 20:18:17 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\tagWriter.dll
[2005.11.28 22:17:56 | 000,000,348 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005.11.27 22:21:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.11.25 21:23:50 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2005.11.25 21:23:50 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2005.11.24 07:58:43 | 000,178,688 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.11.23 20:52:13 | 000,099,970 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005.11.23 20:51:55 | 000,003,663 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005.11.22 22:18:12 | 000,042,840 | ---- | C] () -- C:\WINDOWS\System32\compare.dat
[2005.11.22 22:17:52 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005.11.07 20:06:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.11.07 19:41:00 | 000,001,412 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.11.07 19:39:39 | 000,009,220 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2005.11.07 19:39:10 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005.11.07 19:33:28 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2005.11.07 19:31:42 | 000,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2005.11.07 19:20:19 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005.11.07 19:11:46 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.11.07 18:53:50 | 000,000,778 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.11.07 18:52:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005.11.07 18:49:33 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.11.07 18:48:35 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.11.07 18:45:16 | 000,004,312 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.11.07 18:44:37 | 000,499,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005.11.07 10:49:35 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Option.ini
[2005.11.07 10:45:10 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\unwlsdrv.exe
[2005.11.07 10:45:06 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\716xCoInstaller.dll
[2005.11.07 10:44:36 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2005.11.07 10:38:01 | 000,864,738 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2005.11.07 10:38:01 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2005.11.07 10:38:01 | 000,241,402 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2005.11.07 10:38:01 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2005.11.07 10:37:55 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\NSREG.DLL
[2005.11.07 10:37:52 | 000,791,054 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005.11.07 10:37:52 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005.11.07 10:37:52 | 000,204,818 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005.11.07 10:37:52 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005.11.07 10:37:52 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005.11.07 10:37:50 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005.11.07 10:37:50 | 000,004,643 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005.11.07 10:37:49 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.11.07 10:37:47 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005.11.07 10:37:47 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005.11.07 10:37:43 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005.11.07 10:37:41 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.07.07 05:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1999.07.29 18:27:10 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll

========== LOP Check ==========

[2007.05.04 21:51:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Advanced Chemistry Development
[2009.12.20 16:13:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2007.10.02 18:17:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2008.03.23 11:39:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Catalog.LiveSubscribeSymantec
[2010.07.31 03:50:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreeDownloadManager.ORG
[2010.11.30 19:00:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2005.11.07 19:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2010.09.20 22:53:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MGS
[2010.05.06 17:20:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Storm
[2005.11.23 16:33:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2005.11.23 16:21:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online_ZusatzSoftware
[2010.06.24 01:51:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009.06.29 20:37:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2011.02.12 06:30:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.08.02 02:55:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\.freeciv
[2009.06.29 20:38:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\acccore
[2006.03.17 21:20:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Aim
[2007.06.02 18:52:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Anvil Studio
[2008.12.27 18:38:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Babylon
[2011.04.15 03:03:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Canon
[2007.08.22 00:35:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\capella-software
[2011.10.22 02:37:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DL
[2009.12.20 13:10:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Dropbox
[2010.03.04 12:48:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Exif Viewer
[2011.10.05 03:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\facemoods.com
[2011.09.20 00:11:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FileZilla
[2007.10.20 16:51:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\flightgear.org
[2011.09.30 01:59:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\foobar2000
[2011.10.22 16:55:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Free Download Manager
[2006.07.05 16:58:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\funkitron
[2007.05.29 09:35:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\hidires(2)
[2011.10.22 16:16:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ
[2007.02.26 23:09:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ Toolbar
[2006.05.13 09:27:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQLite
[2007.05.11 20:20:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\KlipFolio
[2011.08.29 17:25:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\kompozer.net
[2011.09.24 02:10:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microgaming
[2006.07.07 15:42:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\My Games
[2008.01.03 23:55:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\NCH Swift Sound
[2011.07.21 11:11:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenOffice.org
[2009.06.16 17:42:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\QIP
[2007.02.25 16:34:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Shareaza
[2007.03.17 20:03:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\SmartDraw
[2005.11.23 16:22:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\T-Online
[2009.12.20 16:32:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Uniblue

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2011.08.12 01:58:16 | 000,000,000 | ---D | M] -- C:\2
[2010.12.19 02:32:36 | 000,000,000 | ---D | M] -- C:\ATI
[2009.11.01 20:30:20 | 000,000,000 | ---D | M] -- C:\AudioSuite
[2009.12.20 13:36:08 | 000,000,000 | ---D | M] -- C:\Autoruns
[2005.11.25 00:08:34 | 000,000,000 | ---D | M] -- C:\BJPrinter
[2010.03.01 18:05:33 | 000,000,000 | ---D | M] -- C:\Bluebyte
[2008.05.04 12:43:05 | 000,000,000 | ---D | M] -- C:\Capitalism II
[2010.06.27 19:55:14 | 000,000,000 | ---D | M] -- C:\Casino
[2009.12.27 02:19:25 | 000,000,000 | RHSD | M] -- C:\cmdcons
[2009.12.27 02:17:02 | 000,000,000 | ---D | M] -- C:\Cofi
[2009.12.28 16:23:49 | 000,000,000 | ---D | M] -- C:\Cofi20873C
[2010.03.23 14:55:24 | 000,000,000 | ---D | M] -- C:\cofi29451c
[2011.10.22 16:45:09 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2009.04.06 19:28:14 | 000,000,000 | ---D | M] -- C:\D
[2007.01.10 01:54:09 | 000,000,000 | ---D | M] -- C:\digibib3
[2009.08.08 18:39:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.03.10 21:46:06 | 000,000,000 | ---D | M] -- C:\Downloads
[2010.11.21 21:31:36 | 000,000,000 | ---D | M] -- C:\HP Universal Print Driver PCL5 v5.1.1.8283
[2010.11.21 22:00:20 | 000,000,000 | ---D | M] -- C:\HP_CP1510_Default_Install_4.0
[2010.11.21 22:23:29 | 000,000,000 | ---D | M] -- C:\HP_CP1510_full_solution_v4.0
[2010.11.21 21:42:45 | 000,000,000 | ---D | M] -- C:\HP_CP1510_win32_PS_add_printer_package_v61.072.52.00
[2008.05.02 01:23:47 | 000,000,000 | ---D | M] -- C:\Imperialismus
[2010.08.01 05:59:50 | 000,000,000 | ---D | M] -- C:\INSTALL
[2008.11.22 00:35:58 | 000,000,000 | ---D | M] -- C:\Klett Werkstatt
[2010.01.24 22:04:07 | 000,000,000 | ---D | M] -- C:\Longman iBT Prep 2.0
[2009.12.26 23:36:01 | 000,000,000 | ---D | M] -- C:\Lop SD
[2011.04.06 19:14:01 | 000,000,000 | -H-D | M] -- C:\Masher1.rar
[2008.05.02 09:06:57 | 000,000,000 | ---D | M] -- C:\MAXIS
[2011.06.17 23:26:31 | 000,000,000 | ---D | M] -- C:\OALD6
[2006.06.01 06:52:43 | 000,000,000 | ---D | M] -- C:\pc-bib
[2011.01.11 16:20:13 | 000,000,000 | -H-D | M] -- C:\portwexexe.exe
[2007.11.17 23:28:01 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.10.22 16:27:31 | 000,000,000 | ---D | M] -- C:\Programme
[2008.03.17 00:11:06 | 000,000,000 | ---D | M] -- C:\PSFONTS
[2010.03.23 14:55:22 | 000,000,000 | ---D | M] -- C:\Qoobox
[2010.03.24 14:49:39 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2010.08.01 05:30:25 | 000,000,000 | ---D | M] -- C:\RedAlert1_AlliedDisc
[2010.08.01 05:43:36 | 000,000,000 | ---D | M] -- C:\RedAlert1_SovietDisc
[2010.03.04 17:56:48 | 000,000,000 | ---D | M] -- C:\rsit
[2008.03.17 01:01:33 | 000,000,000 | ---D | M] -- C:\RTL Playtainment
[2004.11.02 11:18:16 | 000,000,000 | ---D | M] -- C:\Settlers2gold
[2011.08.12 01:56:11 | 000,000,000 | ---D | M] -- C:\SIMCITY
[2009.12.22 23:44:28 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2006.01.15 21:35:44 | 000,000,000 | ---D | M] -- C:\Temp
[2010.01.08 01:12:24 | 000,000,000 | ---D | M] -- C:\toefl
[2011.08.12 00:57:36 | 000,000,000 | ---D | M] -- C:\Westwood
[2011.10.15 00:00:06 | 000,000,000 | ---D | M] -- C:\WINDOWS

< %PROGRAMFILES%\*.exe >

Invalid Environment Variable: LOCALAPPDATA

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< MD5 for: EXPLORER.EXE >
[2004.08.04 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB884883$\explorer.exe
[2007.06.13 15:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2005.04.07 20:46:59 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=64322E8399B205B7281FF883737A9B03 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: REGEDIT.EXE >
[2004.08.04 14:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2004.08.04 14:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\I386\REGEDIT.EXE
[2008.04.14 04:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe
[2008.04.14 04:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
[2008.04.14 04:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\system32\dllcache\regedit.exe

< MD5 for: USERINIT.EXE >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.04 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtUninstallKB883529$\winlogon.exe
[2004.08.25 18:59:56 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=325A82EBBD69248D75C5F831E8817D17 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-12 18:52:08

========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

FC5A2B2
@Alternate Data Stream - 102 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8FB6501C

< End of report >

cosinus · 24.10.2011, 11:13

Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

lrisch · 29.10.2011, 10:16

Vollscan mit malwarebytes:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8005

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.2180

23.10.2011 23:50:39
mbam-log-2011-10-23 (23-50-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Durchsuchte Objekte: 365270
Laufzeit: 4 Stunde(n), 27 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 18

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Value: Load -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Value: Shell -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Trojan.Agent) -> Value: conhost -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\portwexexe.exe (Trojan.SpyEyes.WC) -> No action taken.

Infizierte Dateien:
c:\OALD6\MPGPLAY.EXE (Backdoor.Bot) -> No action taken.
c:\dokumente und einstellungen\***\eigene dateien\downloads\sims-completecollection-keygen\sims 1, 2 keygen\ea games generic multi keygen 190.exe (RiskWare.Tool.CK) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\18C.exe (Spyware.Passwords.XGen) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\1C7.exe (Spyware.Passwords.XGen) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\1F8.exe (Spyware.Passwords.XGen) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\31F.exe (Backdoor.CycBot.Gen) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\359.exe (Trojan.Agent.Gen) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\3E.exe (Spyware.Passwords.XGen) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\2C5.exe (Backdoor.CycBot.Gen) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\1E0.exe (Spyware.Passwords.XGen) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\A1.exe (Trojan.Agent) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\C3.exe (Trojan.Agent) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\C6.exe (Trojan.Agent) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\2B2.exe (Backdoor.CycBot.Gen) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\126.exe (Trojan.Agent) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\127.exe (Trojan.Agent) -> No action taken.
c:\dokumente und einstellungen\***\lokale einstellungen\temp\5E.exe (Trojan.Agent) -> No action taken.
c:\portwexexe.exe\config.bin (Trojan.SpyEyes.WC) -> No action taken.

---
ESET-log

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=ed1598f7a6d63348b517179c4183609d
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-29 06:18:41
# local_time=2011-10-29 08:18:41 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 58494407 58494407 0 0
# compatibility_mode=1792 16777179 100 0 1200278 1200278 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=184150
# found=22
# cleaned=0
# scan_time=55611
C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\cc95v106b_r1_full.zip probably a variant of Win32/Agent.JHODDUJ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\Facemoods.exe probably a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Eigene Dateien\Oberon Media\Downloads\SoftonicDownloader45973(2).exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Eigene Dateien\Oberon Media\Downloads\SoftonicDownloader45973.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Eigene Dateien\Oberon Media\drucker\FreeYouTubeDownload.exe Win32/Adware.ADON application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Eigene Dateien\Oberon Media\drucker\registrybooster.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\161.exe Win32/IRCBot.NDS trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\1B5.exe a variant of Win32/Kryptik.LCE trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\246.exe a variant of Win32/Kryptik.MCL trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\89.exe a variant of Win32/Kryptik.LHY trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\9B.exe a variant of Win32/Kryptik.LHY trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\B1.exe a variant of Win32/Kryptik.LHY trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\B4.exe a variant of Win32/Kryptik.LCE trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\D2.exe Win32/IRCBot.NDS trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\E2.exe Win32/IRCBot.NDS trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\E8.exe a variant of Win32/Kryptik.LCE trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\E9.exe a variant of Win32/Kryptik.LCE trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\temp\plugtmp-597\plugin-2fdp.php JS/Exploit.Pdfka.PCS.Gen trojan (unable to clean) 00000000000000000000000000000000 I
C:\Programme\eMule\Incoming\luhmann soziologie des risikos.zip probably a variant of Win32/Injector.KAX trojan (unable to clean) 00000000000000000000000000000000 I
C:\Programme\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application (unable to clean) 00000000000000000000000000000000 I
C:\Westwood\C&C95\funpark.exe probably a variant of Win32/Agent.JHODDUJ trojan (unable to clean) 00000000000000000000000000000000 I

cosinus · 29.10.2011, 16:04

Zitat:

C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\cc95v106b_r1_full.zip probably a variant of Win32/Agent.JHODDUJ trojan

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!

Avira Antivir updatet nicht mehr / hohe CPU-Auslastung

Log-Analyse und Auswertung: Avira Antivir updatet nicht mehr / hohe CPU-Auslastung