Avira AntiVir reagiert mergwürdig

Stelzenbein · 22.07.2010, 23:10

Hallo erst mal, http://www.trojaner-board.de/images/smilies/huepp.gif

Ich habe das problem das jedesmal wenn ich den Rechner anmache ich ewig warten muss bis ich meinen Computer nutzen kann und alle Programme gestartet sind. (ewig = 2 bis 3 Minuten nach dem ich schon auf dem Desktop bin)

Und jedes mal werde ich gefragt ob Antivir änderungen an meiner Festplatte vornehmen kann. Vom der Toolbar aus kann ich AntiVir auch nicht mehr bedienen es reagiert weder auf die Linke noch auf die Rechte Maustaste.

Ich mache mir sorgen das ich mir was gefangen haben könnte und würde mich freuen wenn ihr mal hier rüberschauen könntet.

HiJackthis Logfile:

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:56:08, on 22.07.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\***\Desktop\Virus\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) -  - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [BackgroundSwitcher] "C:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (file missing)
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O13 - Gopher Prefix: 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**ps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Virtual CD v10 Management Service (VC10SecS) - H+H Software GmbH - C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9119 bytes

--- --- ---

Ich sag dann schon mal danke für eure Mühe

Larusso · 23.07.2010, 14:05

Ich sehe an der Logfile nichts was mich aufschreiben lassen würde.
Aber gucken wir mal genauer nach

Downloade Dir bitte Load.exe

Das Tool benötigt eine aktive Internetverbindung, aber keinen offenen Browser
Sollte deine Firewall meckern, die Anwendung bitte zulassen.

Speichere die Datei am Desktop.
Doppelklick auf die load.exe
Belasse die Häckchen wie sie sind.
Schließe nun alle offenen Programme.
Klicke auf Download
Bitte während dem Download nicht in das Fenster klicken.
Folge den Anweisungen auf dem Bildschirm.
Wenn das Fenster Status aufpoppt klicke Start.

Nach dem Neustart findest Du einen Ordner MFTools auf dem Desktop. Darin befindet sich eine Anleitung.pdf.
Diese bitte öffnen und die darin beschriebenen Schritte abarbeiten.

Stelzenbein · 23.07.2010, 18:56

Danke für die schnelle Antwort ich werde es gleich mal machen wenn ich zuhause bin.

aber könntest du auch mal über
http://www.trojaner-board.de/88344-1...nebetrieb.html

drüber schauen? Ist glaube ich untergegangen. Es ist der Rechner von meiner Frau. An dem war meine 16 Jahre alte Nichte zu gange.

Stelzenbein · 23.07.2010, 22:47

Malware log:

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4342

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23.07.2010 23:20:17
mbam-log-2010-07-23 (23-20-17).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 122180
Laufzeit: 3 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 23.07.2010 23:36:08 - Run 3
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Marc\Desktop\MFTools
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 69,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 808,22 Gb Total Space | 350,17 Gb Free Space | 43,33% Space Free | Partition Type: NTFS
Drive D: | 74,50 Gb Total Space | 63,78 Gb Free Space | 85,61% Space Free | Partition Type: NTFS
Drive E: | 589,05 Gb Total Space | 235,22 Gb Free Space | 39,93% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MARC-PC
Current User Name: Sicherheit
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Marc\Desktop\MFTools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe (H+H Software GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Marc\Desktop\MFTools\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\Internet Explorer\ieproxy.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4974_none_50940634bcb759cb\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4974_none_50940634bcb759cb\msvcp90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4974_none_51cdc180bbe4500f\ATL90.dll (Microsoft Corporation)
MOD - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
MOD - C:\PROGRA~2\MIF5BA~1\Office14\1031\GrooveIntlResource.dll (Microsoft Corporation)
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\SysWOW64\rsaenh.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\WindowsCodecs.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\thumbcache.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\StructuredQuery.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\srvcli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\slc.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\SearchFolder.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\RpcRtRemote.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\cscapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\actxprxy.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (MSSQLServerADHelper100) -- c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE (Microsoft Corporation)
SRV:64bit: - (MSSQL$SQLEXPRESS) -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV:64bit: - (SQLAgent$SQLEXPRESS) -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (nTuneService) -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (VC10SecS) -- C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe (H+H Software GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (UpdateCenterService) -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (BioWare)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe (Sonic Solutions)
SRV - (RoxMediaDB12) -- C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe (Sonic Solutions)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (vdrv1000) -- C:\Windows\SysNative\drivers\vdrv1000.sys (H+H Software GmbH)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (nvoclk64) -- C:\Windows\SysNative\drivers\nvoclk64.sys (NVIDIA Corp.)
DRV:64bit: - (c2scsi64) -- C:\Windows\SysNative\drivers\C2SCSI64.SYS (Sonic Solutions)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (HH10Help.sys) -- C:\Windows\SysNative\drivers\HH10Help.sys (H+H Software GmbH)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RsFx0103) -- C:\Windows\SysNative\drivers\RsFx0103.sys (Microsoft Corporation)
DRV:64bit: - (vcd10bus) -- C:\Windows\SysNative\drivers\vcd10bus.sys (H+H Software GmbH)
DRV - (VSPerfDrv100) -- C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.06.29 15:25:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.06.30 14:32:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.05.04 04:56:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2010.05.24 16:18:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.24 16:18:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.22 10:28:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.22 10:28:27 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.22 10:28:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.22 10:28:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.22 10:28:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
Hosts file not found
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.07.23 23:15:32 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.07.23 23:14:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010.07.23 23:08:55 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\Desktop\MFTools
[2010.07.23 23:03:38 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Roaming\Malwarebytes
[2010.07.23 12:52:54 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Roaming\Adobe
[2010.07.23 11:03:43 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Roaming\Avira
[2010.07.22 23:43:18 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Local\Logitech
[2010.07.22 23:43:00 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Searches
[2010.07.22 23:42:04 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Local\NVIDIA Corporation
[2010.07.22 23:42:02 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Roaming\Identities
[2010.07.22 23:42:01 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Contacts
[2010.07.22 23:42:00 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Local\VirtualStore
[2010.07.22 23:41:55 | 000,000,000 | --SD | C] -- C:\Users\Sicherheit\AppData\Roaming\Microsoft
[2010.07.22 23:41:55 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Videos
[2010.07.22 23:41:55 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Saved Games
[2010.07.22 23:41:55 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Pictures
[2010.07.22 23:41:55 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Music
[2010.07.22 23:41:55 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Links
[2010.07.22 23:41:55 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Favorites
[2010.07.22 23:41:55 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Downloads
[2010.07.22 23:41:55 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Documents
[2010.07.22 23:41:55 | 000,000,000 | R--D | C] -- C:\Users\Sicherheit\Desktop
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Vorlagen
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\AppData\Local\Verlauf
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\AppData\Local\Temporary Internet Files
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Startmenü
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\SendTo
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Recent
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Netzwerkumgebung
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Lokale Einstellungen
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Documents\Eigene Videos
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Documents\Eigene Musik
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Eigene Dateien
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Documents\Eigene Bilder
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Druckumgebung
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Cookies
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\AppData\Local\Anwendungsdaten
[2010.07.22 23:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Sicherheit\Anwendungsdaten
[2010.07.22 23:41:55 | 000,000,000 | -H-D | C] -- C:\Users\Sicherheit\AppData
[2010.07.22 23:41:55 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Local\Temp
[2010.07.22 23:41:55 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Local\Microsoft
[2010.07.22 23:41:55 | 000,000,000 | ---D | C] -- C:\Users\Sicherheit\AppData\Roaming\Media Center Programs
[2010.07.17 18:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2010.07.17 13:21:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.07.17 13:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.07.17 13:20:47 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.07.17 13:20:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.07.17 12:59:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.07.17 11:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010.07.17 11:25:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2010.07.08 09:06:40 | 000,000,000 | ---D | C] -- C:\PCWELT
[2010.07.04 20:20:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kalypso
[2010.06.26 19:37:30 | 000,000,000 | ---D | C] -- C:\Games
[2010.06.07 10:51:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BpDatabase
[2010.05.24 16:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.05.24 16:18:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.05.14 19:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010.05.14 19:00:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2010.05.14 18:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010.05.14 18:57:44 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.05.14 18:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2010.05.14 18:56:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010.05.14 18:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.05.14 18:56:06 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.05.04 20:38:04 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RsFx
[2010.05.04 20:36:51 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 9.0
[2010.05.04 20:36:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2010.05.04 20:36:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2010.05.04 20:36:09 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.05.04 20:30:25 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server
[2010.05.04 20:29:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2010.05.04 20:28:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Sync Framework
[2010.05.04 20:28:18 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Synchronization Services
[2010.05.04 20:28:18 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2010.05.04 20:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2010.05.04 20:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.05.04 20:26:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2010.05.04 20:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2010.05.04 20:19:33 | 000,000,000 | ---D | C] -- C:\Programme\IIS
[2010.05.04 20:19:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IIS
[2010.05.04 20:11:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1031
[2010.05.04 20:10:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft F#
[2010.05.04 20:10:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2010.05.04 20:10:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTML Help Workshop
[2010.05.04 20:10:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
[2010.05.04 20:06:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2010.05.04 20:06:34 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2010.05.04 20:06:34 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 10.0
[2010.05.04 20:06:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2010.05.04 20:06:34 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Help Viewer
[2010.05.04 20:06:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1031
[2010.05.04 19:24:51 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.05.03 20:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2010.05.03 20:36:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010.05.03 20:34:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.05.03 20:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegCleaner
[2010.04.30 19:12:30 | 000,000,000 | ---D | C] -- C:\totalcmd
[2010.04.28 17:43:36 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010.04.28 17:43:36 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.04.28 17:43:36 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010.04.28 17:43:36 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010.04.28 17:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.04.28 17:43:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
 
========== Files - Modified Within 90 Days ==========
 
[2010.07.23 23:36:05 | 001,048,576 | -HS- | M] () -- C:\Users\Sicherheit\NTUSER.DAT
[2010.07.23 23:20:31 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.23 23:20:31 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.23 23:16:45 | 001,826,638 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.07.23 23:16:45 | 000,772,926 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.07.23 23:16:45 | 000,726,544 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.07.23 23:16:45 | 000,177,608 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.07.23 23:16:45 | 000,149,824 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.23 23:14:42 | 000,000,924 | ---- | M] () -- C:\Users\Sicherheit\Desktop\NTREGOPT.lnk
[2010.07.23 23:14:42 | 000,000,905 | ---- | M] () -- C:\Users\Sicherheit\Desktop\ERUNT.lnk
[2010.07.23 23:12:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.23 23:12:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.23 23:12:11 | 3220,074,496 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.22 23:44:51 | 000,524,288 | -HS- | M] () -- C:\Users\Sicherheit\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.07.22 23:44:51 | 000,524,288 | -HS- | M] () -- C:\Users\Sicherheit\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.07.22 23:44:51 | 000,065,536 | -HS- | M] () -- C:\Users\Sicherheit\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.07.22 23:44:47 | 000,940,030 | -H-- | M] () -- C:\Users\Sicherheit\AppData\Local\IconCache.db
[2010.07.22 23:43:41 | 000,128,464 | ---- | M] () -- C:\Users\Sicherheit\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.22 23:41:55 | 000,000,020 | -HS- | M] () -- C:\Users\Sicherheit\ntuser.ini
[2010.07.17 18:01:21 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010.07.17 13:21:07 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.04 20:37:09 | 000,000,000 | ---- | M] () -- C:\Users\Public\Documents\000016CD.LCS
[2010.07.04 20:30:24 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Disciples III.lnk
[2010.06.29 13:47:54 | 005,501,224 | ---- | M] () -- C:\Program Files (x86)\tfbl.db4
[2010.06.29 13:47:47 | 000,579,116 | ---- | M] () -- C:\Program Files (x86)\tfwl.db5
[2010.06.29 13:47:41 | 000,065,147 | ---- | M] () -- C:\Program Files (x86)\Statistics.xml
[2010.06.29 13:47:41 | 000,004,397 | ---- | M] () -- C:\Program Files (x86)\Blogs.htm
[2010.06.12 13:21:32 | 000,471,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.05.14 18:57:39 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010.05.04 20:06:29 | 001,617,102 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.04.30 19:12:32 | 000,000,632 | ---- | M] () -- C:\Users\Public\Desktop\Total Commander.lnk
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2010.07.23 23:14:42 | 000,000,924 | ---- | C] () -- C:\Users\Sicherheit\Desktop\NTREGOPT.lnk
[2010.07.23 23:14:42 | 000,000,905 | ---- | C] () -- C:\Users\Sicherheit\Desktop\ERUNT.lnk
[2010.07.22 23:41:55 | 001,048,576 | -HS- | C] () -- C:\Users\Sicherheit\NTUSER.DAT
[2010.07.22 23:41:55 | 000,524,288 | -HS- | C] () -- C:\Users\Sicherheit\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.07.22 23:41:55 | 000,524,288 | -HS- | C] () -- C:\Users\Sicherheit\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.07.22 23:41:55 | 000,262,144 | -HS- | C] () -- C:\Users\Sicherheit\ntuser.dat.LOG1
[2010.07.22 23:41:55 | 000,065,536 | -HS- | C] () -- C:\Users\Sicherheit\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.07.22 23:41:55 | 000,000,020 | -HS- | C] () -- C:\Users\Sicherheit\ntuser.ini
[2010.07.22 23:41:55 | 000,000,000 | -HS- | C] () -- C:\Users\Sicherheit\ntuser.dat.LOG2
[2010.07.17 18:01:21 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010.07.17 13:21:07 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.04 20:37:09 | 000,000,000 | ---- | C] () -- C:\Users\Public\Documents\000016CD.LCS
[2010.07.04 20:30:24 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\Disciples III.lnk
[2010.06.29 13:47:55 | 005,501,224 | ---- | C] () -- C:\Program Files (x86)\tfbl.db4
[2010.06.07 10:51:43 | 000,579,116 | ---- | C] () -- C:\Program Files (x86)\tfwl.db5
[2010.06.07 10:51:43 | 000,065,147 | ---- | C] () -- C:\Program Files (x86)\Statistics.xml
[2010.06.07 10:51:43 | 000,004,397 | ---- | C] () -- C:\Program Files (x86)\Blogs.htm
[2010.04.30 19:12:32 | 000,000,632 | ---- | C] () -- C:\Users\Public\Desktop\Total Commander.lnk
[2010.04.30 19:12:30 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010.04.30 19:12:30 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010.04.30 19:12:30 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010.04.30 19:12:30 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010.04.30 19:12:30 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010.04.30 19:12:30 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010.04.30 19:12:30 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2010.04.19 11:02:20 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010.03.26 18:13:19 | 001,617,102 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.01.11 22:50:14 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.10.18 13:31:51 | 000,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll
[2009.10.18 13:30:30 | 000,000,424 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.01.25 23:10:48 | 000,179,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.01.09 01:01:22 | 000,629,760 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2004.01.30 15:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\SysWow64\unicows.dll
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
 
========== LOP Check ==========
 
[2010.07.23 10:47:10 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.* >
[2008.04.11 10:07:18 | 000,003,820 | ---- | M] () -- C:\eula.1028.txt
[2008.04.11 10:07:18 | 000,015,428 | ---- | M] () -- C:\eula.1031.txt
[2008.04.11 10:07:18 | 000,010,058 | ---- | M] () -- C:\eula.1033.txt
[2008.04.11 10:07:18 | 000,012,246 | ---- | M] () -- C:\eula.1036.txt
[2008.04.11 10:07:18 | 000,013,912 | ---- | M] () -- C:\eula.1040.txt
[2008.04.11 10:07:18 | 000,005,868 | ---- | M] () -- C:\eula.1041.txt
[2008.04.11 10:07:18 | 000,005,970 | ---- | M] () -- C:\eula.1042.txt
[2008.04.11 10:07:18 | 000,010,134 | ---- | M] () -- C:\eula.1049.txt
[2008.04.11 10:07:18 | 000,003,814 | ---- | M] () -- C:\eula.2052.txt
[2008.04.11 10:07:18 | 000,012,936 | ---- | M] () -- C:\eula.3082.txt
[2008.04.11 10:07:18 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010.07.23 23:12:11 | 3220,074,496 | -HS- | M] () -- C:\hiberfil.sys
[2008.04.11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2008.04.11 10:07:18 | 000,000,843 | ---- | M] () -- C:\install.ini
[2008.04.11 08:03:48 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2008.04.11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2008.04.11 08:03:48 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2008.04.11 08:03:48 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2008.04.11 08:03:48 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2008.04.11 08:03:48 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2008.04.11 08:03:48 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2008.04.11 10:09:24 | 000,093,200 | ---- | M] (Microsoft Corporation) -- C:\install.res.1049.dll
[2008.04.11 08:03:48 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2008.04.11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2006.12.01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010.07.23 23:12:16 | 4293,435,392 | -HS- | M] () -- C:\pagefile.sys
[2008.04.11 10:07:18 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2008.04.11 10:09:38 | 003,797,292 | ---- | M] () -- C:\VC_RED.cab
[2008.04.11 10:11:40 | 000,233,472 | ---- | M] () -- C:\VC_RED.MSI
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.08.29 08:59:32 | 011,406,336 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll
 
< %systemroot%\Tasks\*.job /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\drivers\*.sys /90 >
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
 
< %systemroot%\system32\user32.dll /md5 >
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
 
< %systemroot%\system32\ws2_32.dll /md5 >
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
 
< %systemroot%\system32\ws2help.dll /md5 >
[2009.07.14 03:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
< End of report >

--- --- ---

eine Extras.txt habe ich nicht gefunden

Larusso · 24.07.2010, 21:53

Versuchen wir mal Avira neu zu installieren.
Systemstart schneller geworden ?

lade dir den Avira Registry Cleaner sowie
Avira 9 herunter.( noch nicht installieren)
Extrahiere den Inhalt des .zip-Ordners in den Vorgegebenen Pfad.
deinstallliere AntiVir über die Systemsteuerung
starte deinen Rechner neu.
doppelklick auf den entstandenen Ordner --> klick auf die regcleaner.exe
Im Cleaner auf "keys auslesen" --> alle markieren --> löschen klicken
PC neu starten.
Installiere nun Avira bevor Du wieder ins Netz gehst

Stelzenbein · 24.07.2010, 22:31

das Ist dann aber Avira 10 und nicht 9 so wie beschrieben soll ich dann den 10er laden?

Stelzenbein · 30.07.2010, 09:02

Ich habe als Admin auf dem admin ACC instaliert, aber ich bekomme das nicht ans laufen. Habe aber auch mitlerweile erfahren das die erkennung von unbekannten vieren und Würmer wohl bei der 64 bit version von Windows Probleme macht und dann Microsoft Security Essentials instaliert. Das ging ohne probleme.

Larusso · 30.07.2010, 09:54

Lass mal CCleaner laufen. Ich steh zwar nicht auf RegCleaner, aber da dürfte sich jetzt ne menge Müll gesammelt haben.

Sollte CCleaner immer den selben Schlüssel melden und wird nicht gelöscht, keine Panik der gehört Avira und geht nicht weg

Noch Fragen etc ?

Stelzenbein · 03.08.2010, 08:44

Erstmal keine Fragen mehr danke für deine Arbeit

Larusso · 03.08.2010, 11:01

Dieses Thema scheint erledigt und wird aus den Abos gelöscht. Solltest Du das Thema erneut benötigen, bitte eine PN an mich.

Jeder andere möge bitte einen eigenen Thread starten.

Avira AntiVir reagiert mergwürdig

Log-Analyse und Auswertung: Avira AntiVir reagiert mergwürdig