Windows-Blockierung durch Trojaner ("50 Euro-Virus")

Martin22 · 04.02.2012, 22:23

Hallo zusammen,

ich hab leider auch diesen Trojaner auf dem Rechner,
der Windows blockiert und auf Grund angeblich
besuchter pornografischer Seiten 50 Euro zur
Bereinigung des Systems erfordert.

Diese OTL-Datei habe ich bereits runtergeladen
und entsprechend der Hinweise (hoffentlich richtig) verwendet:

Nachfolgend die OTL.Txt.-"Ergebnisse"

OTL logfile created on: 04.02.2012 21:55:10 - Run 1
OTL by OldTimer - Version 3.2.31.0 Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,82% Memory free
6,19 Gb Paging File | 5,06 Gb Available in Paging File | 81,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,97 Gb Total Space | 628,28 Gb Free Space | 68,89% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 13,58 Gb Free Space | 69,54% Space Free | Partition Type: FAT32

Computer Name: HOME | User Name: | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Iris.Home\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
PRC - C:\Programme\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Google\Google EULA\GoogleEULALauncher.exe (Google)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Norton Ghost\Shared\Drivers\SymSnapService.exe (Symantec)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Windows\System32\PSIService.exe ()
PRC - C:\Programme\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe (Belkin)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3238.38646__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3238.38722__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3238.38632__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3238.38648__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3238.38703__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3238.38684__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3238.38643__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3238.38670__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3238.38639__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3238.38673__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3238.38640__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3238.38736__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3238.38649__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3238.38698__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3238.38689__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3238.38648__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3238.38723__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3238.38681__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3238.38690__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3238.38672__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3238.38736__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3238.38638__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3238.38689__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3238.38721__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3238.38651__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3238.38681__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3238.38666__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3238.38671__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3218.28666__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3218.28705__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3238.38670__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3218.28702__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3238.38671__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3218.28664__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3218.28685__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3238.38682__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3218.28665__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3218.28727__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3218.28701__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3218.28687__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3218.28672__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3218.28689__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3218.28677__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3218.28672__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3218.28686__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3218.28687__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3218.28688__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3218.28676__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3218.28683__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3218.28685__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3238.38731__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3218.28686__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3218.28685__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3218.28678__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3238.38739__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3238.38630__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3238.38636__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3238.38712__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3238.38643__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3238.38717__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3238.38630__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3238.38630__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3238.38716__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3238.38631__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3218.28675__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3218.28672__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3238.38717__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3218.28686__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3218.28695__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3238.38628__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3238.38629__90ba9c70f846762e\AEM.Server.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll ()
MOD - c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Belkin\USB F5D7050\Wireless Utility\BelkinwcuiDLL.dll ()
MOD - C:\Programme\Belkin\USB F5D7050\Wireless Utility\BelkinHWStatus.dll ()

========== Win32 Services (SafeList) ==========

SRV - (NMIndexingService) -- File not found
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Norton Ghost) -- C:\Programme\Norton Ghost\Agent\VProSvc.exe (Symantec Corporation)
SRV - (SymSnapService) -- C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe (Symantec)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()

========== Driver Services (SafeList) ==========

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (v2imount) -- C:\Windows\System32\drivers\v2imount.sys (Symantec Corporation)
DRV - (symsnap) -- C:\Windows\system32\DRIVERS\symsnap.sys (StorageCraft)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (VProEventMonitor) -- C:\Windows\System32\drivers\vproeventmonitor.sys (Symantec Corporation)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin) -- C:\Windows\System32\drivers\BLKWGU.sys (Belkin Corporation)
DRV - (ZD1211U(ZyXEL)) ZyAIR G-220 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyXEL) -- C:\Windows\System32\drivers\ZD1211U.sys (ZyDAS Technology Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.medion.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\npPDFXCviewNPPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{191d3f14-ff4c-4895-bdea-db54526cb49a}: C:\Program Files\Adobe\Flash [2009.07.19 12:11:47 | 000,000,000 | ---D | M]

[2009.04.30 16:56:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

Hosts file not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (Google)
O4 - HKLM..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" File not found
O4 - HKLM..\Run: [Norton Ghost 14.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" File not found
O4 - HKCU..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Öffnen mit WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{225CC8E2-4EDF-40B5-B4CB-76F32A607D8C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C60502B-F3C2-4A8F-AAE8-EEA6D509944D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62FFFEA9-0BC6-4137-9629-95F6DE95A957}: NameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Iris.Home\Anwendungsdaten\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Iris.Home\Anwendungsdaten\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.22 19:28:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\AUTOEXEC.BAT.bak -- [ NTFS ]
O33 - MountPoints2\{48ddad0f-109a-11de-a5fb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{48ddad0f-109a-11de-a5fb-806e6f6e6963}\Shell\AutoRun\command - "" = E:\cdrun.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\I

O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.02.04 21:58:12 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.02.04 21:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.04 21:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.04 21:58:02 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.04 21:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.04 20:05:50 | 000,000,000 | ---D | C] -- C:\Users\Iris.Home\Eigene Dateien\Meine empfangenen Dateien
[2012.01.29 11:11:57 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[1996.11.18 23:15:46 | 000,018,944 | ---- | C] ( ) -- C:\Windows\System32\IMPLODE.DLL
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.02.04 21:59:21 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.02.04 21:58:05 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.04 21:46:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.04 21:46:39 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.04 21:46:31 | 3220,414,464 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.04 20:08:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2012.02.04 20:08:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2012.02.04 18:29:00 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2012.02.04 18:29:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2012.02.03 20:31:32 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2012.02.03 20:31:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2012.02.02 22:46:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2012.02.02 22:46:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2012.02.02 22:19:58 | 000,000,723 | ---- | M] () -- C:\Toolbars.dat
[2012.02.01 22:40:23 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2012.02.01 22:40:23 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2012.01.31 21:17:19 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2012.01.31 21:17:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2012.01.30 22:15:25 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2012.01.30 22:15:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2012.01.29 20:53:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2012.01.29 20:53:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2012.01.29 11:11:57 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.01.28 22:54:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2012.01.28 22:54:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2012.01.27 21:58:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2012.01.27 21:58:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2012.01.27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.01.26 20:55:22 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2012.01.26 20:55:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2012.01.25 22:11:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2012.01.25 22:11:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2012.01.25 12:24:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2012.01.25 12:24:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2012.01.24 21:31:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2012.01.24 21:31:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2012.01.23 20:25:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2012.01.23 20:25:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2012.01.22 19:55:50 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2012.01.22 19:55:50 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2012.01.21 20:00:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2012.01.21 20:00:49 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2012.01.20 19:46:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2012.01.20 19:46:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2012.01.19 21:16:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2012.01.19 21:16:42 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2012.01.18 22:24:58 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2012.01.18 22:24:58 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.02.04 21:58:05 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.06.11 17:28:20 | 000,003,461 | ---- | C] () -- C:\Windows\LITERAT.INI
[2009.04.04 12:43:34 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2009.03.14 14:20:06 | 000,003,636 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009.01.08 13:04:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.01.08 12:08:39 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009.01.08 12:08:39 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.01.08 12:08:38 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.01.08 12:08:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.01.08 12:08:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009.01.08 11:53:01 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.01.08 11:53:01 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.12.18 19:34:22 | 000,016,098 | ---- | C] () -- C:\Windows\German2.ini
[2008.12.11 13:43:20 | 000,215,144 | R--- | C] () -- C:\Windows\pw32a.dll
[2008.12.11 13:43:20 | 000,215,144 | R--- | C] () -- C:\Windows\patchw32.dll
[2008.11.24 21:04:29 | 000,180,224 | ---- | C] () -- C:\Windows\UninstallWSST.exe
[2008.11.23 18:45:34 | 000,000,083 | ---- | C] () -- C:\Windows\WSST_Screen_Saver.ini
[2008.11.23 18:45:28 | 000,145,167 | ---- | C] () -- C:\Windows\unstall.exe
[2008.11.23 14:35:52 | 000,552,960 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.11.23 14:35:52 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.11.23 14:35:51 | 000,008,704 | ---- | C] () -- C:\Windows\System32\vidccleaner.exe
[2008.11.23 14:25:18 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2008.11.22 21:12:17 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.11.22 20:37:43 | 000,084,644 | ---- | C] () -- C:\Windows\System32\drivers\FwRad17.bin
[2008.11.22 20:37:43 | 000,083,024 | ---- | C] () -- C:\Windows\System32\drivers\FwRad16.bin
[2008.11.22 20:07:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ZDWlan.dll
[2008.11.22 20:07:53 | 000,040,960 | ---- | C] () -- C:\Windows\System32\PassAPP.dll
[2008.11.22 20:07:53 | 000,028,672 | ---- | C] () -- C:\Windows\System32\InsDrvZD.dll
[2008.11.22 19:50:31 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.11.22 19:31:24 | 000,001,082 | ---- | C] () -- C:\Windows\System32\OEMINFO.INI
[2008.11.22 19:26:04 | 000,021,740 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2008.11.22 19:01:06 | 000,004,161 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.11.22 19:00:06 | 000,249,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2008.02.27 11:30:18 | 000,000,022 | ---- | C] () -- C:\ProgramData\60a7806a-0eea-424c-a464-20f4730cd631
[2007.08.23 18:30:00 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2006.11.02 20:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat.defect
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.07.12 14:44:42 | 000,015,872 | ---- | C] () -- C:\Windows\System32\InsDrvZD64.DLL
[2004.08.02 14:20:40 | 000,004,569 | ---- | C] () -- C:\Windows\System32\secupd.dat
[2003.07.30 10:49:22 | 013,107,200 | ---- | C] () -- C:\Windows\System32\oembios.bin
[2003.07.30 10:48:28 | 000,004,711 | ---- | C] () -- C:\Windows\System32\oembios.dat
[2003.04.02 13:00:00 | 001,868,868 | ---- | C] () -- C:\Windows\System32\RSA32_16.DLL
[2003.04.02 13:00:00 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003.04.02 13:00:00 | 000,621,704 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2003.04.02 13:00:00 | 000,589,884 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2003.04.02 13:00:00 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2003.04.02 13:00:00 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2003.04.02 13:00:00 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2003.04.02 13:00:00 | 000,123,654 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2003.04.02 13:00:00 | 000,101,896 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2003.04.02 13:00:00 | 000,046,258 | ---- | C] () -- C:\Windows\System32\mib.bin
[2003.04.02 13:00:00 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2003.04.02 13:00:00 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2003.04.02 13:00:00 | 000,001,804 | ---- | C] () -- C:\Windows\System32\dcache.bin
[2003.04.02 13:00:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2003.03.14 12:24:00 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ZyDelReg.exe
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2002.05.26 17:53:00 | 000,054,272 | ---- | C] () -- C:\Windows\System32\P2IRDAO.DLL
[2001.08.03 19:22:00 | 000,182,896 | ---- | C] () -- C:\Windows\System32\drivers\NAVAP.SYS
[1998.05.11 00:00:00 | 000,748,160 | ---- | C] () -- C:\Windows\System32\CO2C40EN.DLL
[1996.11.18 23:15:52 | 000,131,072 | ---- | C] () -- C:\Windows\System32\P2SODBC.DLL
[1996.11.18 23:15:50 | 000,050,176 | ---- | C] () -- C:\Windows\System32\P2CTDAO.DLL
[1996.11.18 23:15:50 | 000,036,352 | ---- | C] () -- C:\Windows\System32\P2BBND.DLL

< End of report >

Windows-Blockierung durch Trojaner ("50 Euro-Virus")

Log-Analyse und Auswertung: Windows-Blockierung durch Trojaner ("50 Euro-Virus")

Windows-Blockierung durch Trojaner ("50 Euro-Virus")

Ähnliche Themen: Windows-Blockierung durch Trojaner ("50 Euro-Virus")