Pests of all kinds and how to fight them: 20 TAN Trojan Deutsche Bank

07.09.2010, 15:42   #1
schnppl
 
20 TAN Trojan Deutsche Bank

Hi,
I have the problem that after logging in to Deutsche Bank's online banking, a prompt asking for 20 TANs appears.
Unfortunately I couldn't find a thread here that didn't become so specific after the first step that it no longer offered a solution for me.
I would really appreciate some help.
Thanks

OTL:
<textarea readonly cols="60" rows="20">OTL Logfile:
OTL logfile created on: 07.09.2010 16:27:21 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\schnppl\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 199,90 Gb Total Space | 39,97 Gb Free Space | 19,99% Space Free | Partition Type: NTFS
Drive D: | 200,00 Gb Total Space | 199,90 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive E: | 65,76 Gb Total Space | 7,27 Gb Free Space | 11,05% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SCHNPPL-PC
Current User Name: schnppl
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\schnppl\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\SOUNDGRAPH\iMON\iMON.exe (SoundGraph, Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\schnppl\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\SOUNDGRAPH\iMON\SG_ShellMon.dll (SoundGraph, Inc.)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (NAV) -- C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (SYMTDIv) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symtdiv.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\ironx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\cchpx64.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symds64.sys (Symantec Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (copperhd) -- C:\Windows\SysNative\drivers\copperhd.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\VirusDefs\20100906.024\EX64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\VirusDefs\20100906.024\ENG64.SYS (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\BASHDefs\20100810.004\BHDrvx64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\IPSDefs\20100906.001\IDSviA64.sys (Symantec Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FD 3C 9B 23 52 48 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\IPSFFPlgn\ [2010.09.01 12:15:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.08.03 20:52:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.08.23 17:26:28 | 000,000,000 | ---D | M]
 
[2010.08.03 20:52:22 | 000,000,000 | ---D | M] -- C:\Users\schnppl\AppData\Roaming\Mozilla\Extensions
[2010.08.31 21:57:50 | 000,000,000 | ---D | M] -- C:\Users\schnppl\AppData\Roaming\Mozilla\Firefox\Profiles\i6aj1hxs.default\extensions
[2010.08.04 20:20:43 | 000,000,000 | ---D | M] -- C:\Users\schnppl\AppData\Roaming\Mozilla\Firefox\Profiles\i6aj1hxs.default\extensions\firefox@tvunetworks.com
[2010.08.03 20:52:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.07.18 23:22:49 | 000,000,903 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [iMON] C:\Program Files (x86)\SOUNDGRAPH\iMON\iMON.exe (SoundGraph, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.191.74.11 213.191.92.82
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8074f8bd-ea53-11de-bd70-90e6ba5d1a5c}\Shell - "" = AutoRun
O33 - MountPoints2\{8074f8bd-ea53-11de-bd70-90e6ba5d1a5c}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: certentc - (C:\Windows\system32\ctfmshta.dll) - C:\Windows\SysWOW64\ctfmshta.dll ()
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.07 16:25:44 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\schnppl\Desktop\OTL.exe
[2010.09.07 16:04:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.07 16:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.07 15:42:58 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\schnppl\Desktop\mbam-setup-1.46.exe
[2010.09.01 20:30:26 | 000,000,000 | ---D | C] -- C:\Users\schnppl\Documents\KONAMI
[2010.09.01 20:14:38 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
[2010.09.01 20:14:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KONAMI
[2010.09.01 00:01:25 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\srtsp64.sys
[2010.09.01 00:01:25 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symtdiv.sys
[2010.09.01 00:01:25 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symds64.sys
[2010.09.01 00:01:25 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symefa64.sys
[2010.09.01 00:01:25 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\srtspx64.sys
[2010.09.01 00:01:24 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\cchpx64.sys
[2010.09.01 00:01:24 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\ironx64.sys
[2010.09.01 00:01:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C
[2010.08.31 21:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.08.31 21:35:41 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010.08.31 21:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010.08.31 21:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010.08.31 21:34:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
[2010.08.31 21:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2010.08.31 21:34:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.08.31 21:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.08.31 21:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010.08.29 15:21:37 | 000,000,000 | ---D | C] -- C:\Users\schnppl\Desktop\Prakt
[2010.08.23 18:20:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gs
[2010.08.23 18:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Blender
[2010.08.23 17:57:37 | 000,000,000 | ---D | C] -- C:\Users\schnppl\Documents\Template
[2010.08.23 17:25:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010.08.21 16:38:42 | 000,000,000 | ---D | C] -- C:\Users\schnppl\AppData\Roaming\download2
[2010.08.18 16:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DigiDNA
[2010.08.18 14:10:33 | 000,000,000 | ---D | C] -- C:\Users\schnppl\AppData\Roaming\DiskAid
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.07 16:29:43 | 003,932,160 | -HS- | M] () -- C:\Users\schnppl\ntuser.dat
[2010.09.07 16:25:47 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\schnppl\Desktop\OTL.exe
[2010.09.07 16:04:46 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.07 15:42:58 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\schnppl\Desktop\mbam-setup-1.46.exe
[2010.09.07 15:29:46 | 001,090,230 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\Cat.DB
[2010.09.07 12:53:55 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.07 12:53:55 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.07 12:46:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.07 12:46:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.07 12:46:40 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.04 20:40:37 | 004,393,852 | -H-- | M] () -- C:\Users\schnppl\AppData\Local\IconCache.db
[2010.09.01 20:30:41 | 000,001,281 | ---- | M] () -- C:\Users\Public\Desktop\PESEdit.com 2010 Patch.lnk
[2010.09.01 05:01:47 | 000,002,385 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010.08.31 21:35:40 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010.08.31 21:35:40 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010.08.31 21:35:40 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010.08.31 09:02:16 | 000,002,093 | ---- | M] () -- C:\Users\schnppl\Desktop\HijackThis.lnk
[2010.08.30 00:08:48 | 000,271,680 | ---- | M] () -- C:\Users\schnppl\Documents\dehst new.xlsm
[2010.08.26 17:30:21 | 000,717,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.26 17:30:21 | 000,609,896 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.26 17:30:21 | 000,104,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.25 10:43:19 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010.08.25 10:43:19 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2010.08.24 21:16:15 | 000,046,592 | -H-- | M] () -- C:\Windows\SysWow64\ctfmshta.dll
[2010.08.23 17:40:55 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010.08.23 17:31:17 | 000,108,840 | ---- | M] () -- C:\Users\schnppl\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.23 17:30:49 | 004,979,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.18 13:53:16 | 000,139,432 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.08.18 11:41:29 | 000,168,133 | ---- | M] () -- C:\Users\schnppl\Documents\dehst.xlsm
 
========== Files Created - No Company Name ==========
 
[2010.09.07 16:04:45 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.01 20:30:41 | 000,001,281 | ---- | C] () -- C:\Users\Public\Desktop\PESEdit.com 2010 Patch.lnk
[2010.09.01 05:01:01 | 001,090,230 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\Cat.DB
[2010.09.01 00:01:25 | 000,007,829 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symefa64.cat
[2010.09.01 00:01:25 | 000,007,787 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symnetv64.cat
[2010.09.01 00:01:25 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\srtspx64.cat
[2010.09.01 00:01:25 | 000,007,406 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symds64.cat
[2010.09.01 00:01:25 | 000,007,368 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symnet64.cat
[2010.09.01 00:01:25 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symefa.inf
[2010.09.01 00:01:25 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symds.inf
[2010.09.01 00:01:25 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symnetv.inf
[2010.09.01 00:01:25 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\symnet.inf
[2010.09.01 00:01:25 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\srtspx64.inf
[2010.09.01 00:01:24 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\srtsp64.cat
[2010.09.01 00:01:24 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\iron.cat
[2010.09.01 00:01:24 | 000,007,358 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\cchpx64.cat
[2010.09.01 00:01:24 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\cchpx64.inf
[2010.09.01 00:01:24 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\srtsp64.inf
[2010.09.01 00:01:24 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\iron.inf
[2010.09.01 00:01:11 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1107000.00C\isolate.ini
[2010.08.31 21:35:41 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010.08.31 21:35:41 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010.08.31 21:35:22 | 000,002,385 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010.08.31 09:02:16 | 000,002,093 | ---- | C] () -- C:\Users\schnppl\Desktop\HijackThis.lnk
[2010.08.25 10:43:06 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010.08.25 10:43:06 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2010.08.24 21:16:15 | 000,046,592 | -H-- | C] () -- C:\Windows\SysWow64\ctfmshta.dll
[2010.08.18 13:53:16 | 000,139,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.08.18 12:17:27 | 000,271,680 | ---- | C] () -- C:\Users\schnppl\Documents\dehst new.xlsm
[2010.08.03 20:45:14 | 000,000,000 | ---- | C] () -- C:\Users\schnppl\AppData\Roaming\193334A8D1A6415994998556736BDFE0.dat
[2010.06.12 00:29:08 | 000,000,901 | ---- | C] () -- C:\Windows\venple.ini
[2010.05.04 22:22:39 | 000,000,132 | ---- | C] () -- C:\Users\schnppl\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2010.02.07 18:54:06 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010.01.29 15:11:16 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.01.27 19:39:28 | 000,000,276 | ---- | C] () -- C:\Windows\_delis32.ini
[2010.01.27 19:35:25 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2010.01.21 10:43:54 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.12.16 15:43:52 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.16 15:43:50 | 000,028,617 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
< End of report >
         
</textarea>

OTL Extra:

<textarea readonly cols="60" rows="20">OTL Logfile:
OTL Extras logfile created on: 07.09.2010 16:27:21 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\schnppl\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 199,90 Gb Total Space | 39,97 Gb Free Space | 19,99% Space Free | Partition Type: NTFS
Drive D: | 200,00 Gb Total Space | 199,90 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive E: | 65,76 Gb Total Space | 7,27 Gb Free Space | 11,05% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SCHNPPL-PC
Current User Name: schnppl
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\schnppl\AppData\Local\Temp\0.41039457283498526.exe" = C:\Users\schnppl\AppData\Local\Temp\0.41039457283498526.exe:*:Enabled:ldrsoft -- File not found
"C:\Users\schnppl\AppData\Roaming\download2\svcnost.exe" = C:\Users\schnppl\AppData\Roaming\download2\svcnost.exe:*:Enabled:ldrsoft -- File not found
"C:\Users\schnppl\AppData\Local\Temp\0.41039457283498526.exe" = C:\Users\schnppl\AppData\Local\Temp\0.41039457283498526.exe:*:Enabled:ldrsoft -- File not found
"C:\Users\schnppl\AppData\Roaming\download2\svcnost.exe" = C:\Users\schnppl\AppData\Roaming\download2\svcnost.exe:*:Enabled:ldrsoft -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416017FF}" = Java(TM) 6 Update 17 (64-bit)
"{2729DB28-1CDC-EB41-A806-35D0AA7A8A72}" = ATI Catalyst Install Manager
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{53529DAD-F7C9-476E-87CC-1547C4E3E821}" = iTunes
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}" = Microsoft Xbox 360 Accessories 1.1
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"WinRAR archiver" = WinRAR archiver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14 Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3B2A1453-E69E-5F62-AA11-AB09A4E962AD}" = Catalyst Control Center InstallProxy
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C6B29F03-4D97-3B4E-D906-70958E6B1448}" = HydraVision
"{C96A23CB-DDE6-4DEF-AD83-D5D5037D4316}" = iMON
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}" = Mathcad 14
"{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14 Resource Center
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AFE37E47-37E7-435a-A665-729806B98AEF_is1" = PTFB Pro 4.0.0.0
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2(CREATED BY XEONKING©)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DiskAid_is1" = DiskAid 4.05
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NAV" = Norton AntiVirus
"Office14.PRJPROR" = Microsoft Project Professional 2010
"R-Studio 4.6NSIS" = R-Studio 4.6
"SopCast" = SopCast 3.2.9
"StarCraft II Beta" = StarCraft II Beta
"Steam App 10" = Counter-Strike
"Veetle TV" = Veetle TV 0.9.17
"Vensim® PLE" = Vensim® PLE
"VLC media player" = VLC media player 1.0.3
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 31.08.2010 14:36:15 | Computer Name = schnppl-PC | Source = Application Error | ID = 1000
Description = Faulting application name: pes2010plus.exe, version: 1.3.2.8, time
stamp: 0x4c05f63f Faulting module name: pes2010plus.exe, version: 1.3.2.8, time 
stamp: 0x4c05f63f Exception code: 0xc0000005 Fault offset: 0x00005cd2 Faulting process
id: 0x1284 Faulting application start time: 0x01cb493b64635966 Faulting application
path: C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2010\pes2010plus.exe Faulting
module path: C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2010\pes2010plus.exe
Report
Id: a2ce525a-b52e-11df-b91c-90e6ba5d1a5c
 
Error - 31.08.2010 14:36:20 | Computer Name = schnppl-PC | Source = Application Error | ID = 1000
Description = Faulting application name: pes2010plus.exe, version: 1.3.2.8, time
stamp: 0x4c05f63f Faulting module name: pes2010plus.exe, version: 1.3.2.8, time 
stamp: 0x4c05f63f Exception code: 0xc0000005 Fault offset: 0x00005cd2 Faulting process
id: 0xa20 Faulting application start time: 0x01cb493b6736fbb2 Faulting application
path: C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2010\pes2010plus.exe Faulting
module path: C:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2010\pes2010plus.exe
Report
Id: a54c431d-b52e-11df-b91c-90e6ba5d1a5c
 
Error - 31.08.2010 15:02:31 | Computer Name = schnppl-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bced5 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4a8929b1 Exception code: 0xc0000005 Fault offset: 0x000000000005d272 Faulting process
id: 0x1134 Faulting application start time: 0x01cb493f0b7c7fda Faulting application
path: C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: 4e1ec229-b532-11df-b91c-90e6ba5d1a5c
 
Error - 01.09.2010 14:25:48 | Computer Name = schnppl-PC | Source = Application Hang | ID = 1002
Description = The program MSIEXEC.EXE version 5.0.7600.16385 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1224 Start
Time: 01cb4a02d4337f15 Termination Time: 10 Application Path: C:\Windows\SysWOW64\MSIEXEC.EXE
 
Report
Id: 50ed920a-b5f6-11df-9f0e-90e6ba5d1a5c 
 
Error - 01.09.2010 15:10:27 | Computer Name = schnppl-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bced5 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4a8929b1 Exception code: 0xc0000005 Fault offset: 0x000000000005d272 Faulting process
id: 0x1364 Faulting application start time: 0x01cb4a095547086f Faulting application
path: C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: 93ca2d3e-b5fc-11df-9f0e-90e6ba5d1a5c
 
Error - 02.09.2010 15:35:10 | Computer Name = schnppl-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bced5 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4a8929b1 Exception code: 0xc0000005 Fault offset: 0x000000000005d272 Faulting process
id: 0x1288 Faulting application start time: 0x01cb4acb6452a398 Faulting application
path: C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: 32b4967a-b6c9-11df-9f0e-90e6ba5d1a5c
 
Error - 02.09.2010 18:13:52 | Computer Name = schnppl-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bced5 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4a8929b1 Exception code: 0xc0000005 Fault offset: 0x000000000005d272 Faulting process
id: 0x1064 Faulting application start time: 0x01cb4aec1f7eaf53 Faulting application
path: C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: 5e0732d3-b6df-11df-9f0e-90e6ba5d1a5c
 
Error - 03.09.2010 05:10:48 | Computer Name = schnppl-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bced5 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4a8929b1 Exception code: 0xc0000005 Fault offset: 0x000000000005d272 Faulting process
id: 0xe88 Faulting application start time: 0x01cb4b47c58ecf83 Faulting application
path: C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: 239b2171-b73b-11df-b379-90e6ba5d1a5c
 
Error - 03.09.2010 09:18:07 | Computer Name = schnppl-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bced5 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4a8929b1 Exception code: 0xc0000005 Fault offset: 0x000000000005d272 Faulting process
id: 0x3e8 Faulting application start time: 0x01cb4b6a5e930fbb Faulting application
path: C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: b0844cc2-b75d-11df-b379-90e6ba5d1a5c
 
Error - 06.09.2010 17:10:13 | Computer Name = schnppl-PC | Source = Application Error | ID = 1000
Description = Faulting application name: AUDIODG.EXE, version: 6.1.7600.16385, time
stamp: 0x4a5bced5 Faulting module name: VIASysFx.dll, version: 1.0.0.0, time stamp:
0x4a8929b1 Exception code: 0xc0000005 Fault offset: 0x000000000005d272 Faulting process
id: 0x52c Faulting application start time: 0x01cb4e07e3f30d6e Faulting application
path: C:\Windows\system32\AUDIODG.EXE Faulting module path: C:\Windows\system32\VIASysFx.dll
Report
Id: 23387191-b9fb-11df-a250-90e6ba5d1a5c
 
[ OSession Events ]
Error - 29.06.2010 17:01:17 | Computer Name = schnppl-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 536
seconds with 420 seconds of active time. This session ended with a crash.
 
Error - 13.07.2010 17:03:01 | Computer Name = schnppl-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5262
seconds with 780 seconds of active time. This session ended with a crash.
 
[ System Events ]
Error - 06.09.2010 16:46:22 | Computer Name = schnppl-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 06.09.2010 16:46:23 | Computer Name = schnppl-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 06.09.2010 16:59:48 | Computer Name = schnppl-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 06.09.2010 17:59:02 | Computer Name = schnppl-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 06.09.2010 17:59:03 | Computer Name = schnppl-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 07.09.2010 06:46:46 | Computer Name = schnppl-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 07.09.2010 06:46:46 | Computer Name = schnppl-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 07.09.2010 06:46:48 | Computer Name = schnppl-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 07.09.2010 06:46:48 | Computer Name = schnppl-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 07.09.2010 06:48:55 | Computer Name = schnppl-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
 
< End of report >
         
--- --- ---
</textarea>

Malwarebytes:

<textarea readonly cols="60" rows="20">
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4562

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07.09.2010 16:40:49
mbam-log-2010-09-07 (16-40-49).txt

Scan type: Quick scan
Objects scanned: 138282
Time elapsed: 2 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

</textarea>

08.09.2010, 10:42   #2
schnppl

This has been resolved.
How do I close the thread?
