Online-Banking durch Trojaner Gozi gesperrt

benski · 13.11.2010, 02:14

Hallo,

ich habe heute morgen erfahren, daß meine Bank mir meinen Online-Zugang aufgrund eines Trojaners gesperrt hat. Der entsprechende Techniker konnte / wollte mir nur sagen, daß es sich um den Trojaner Gozi handelt. Nun habe ich sowohl AVG Anti-Virus laufen lassen und auch Anti-Malware, aber beide haben nichts entdeckt. Ich hoffe, Ihr könnt mir vielleicht weiterhelfen?

Hier erstmal das log von Anti-Malware:

Zitat:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5104

Windows 5.2.3790 Service Pack 2
Internet Explorer 8.0.6001.18702

13.11.2010 01:45:01
mbam-log-2010-11-13 (01-45-01).txt

Scan type: Quick scan
Objects scanned: 151748
Time elapsed: 5 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Wie in der Anleitung beschrieben, habe ich auch OTL laufen lassen. Hier das erste [extras.txt]:

OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 13.11.2010 01:57:53 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\***\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 372,38 Gb Free Space | 79,95% Space Free | Partition Type: NTFS
Drive D: | 7,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 1863,01 Gb Total Space | 683,65 Gb Free Space | 36,70% Space Free | Partition Type: NTFS
Drive F: | 1863,02 Gb Total Space | 1367,30 Gb Free Space | 73,39% Space Free | Partition Type: NTFS
 
Computer Name: ***| User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url[@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- C:\WINDOWS\system32\ieframe.DLL (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 File not found
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
 
========== System Restore Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files (x86)\World of Warcraft\Launcher.exe" = C:\Program Files (x86)\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"C:\Program Files (x86)\Azureus\Azureus.exe" = C:\Program Files (x86)\Azureus\Azureus.exe:*:Enabled:Azureus -- (Aelitis)
"C:\Program Files (x86)\Codemasters\GRID\GRID.exe" = C:\Program Files (x86)\Codemasters\GRID\GRID.exe:*:Enabled:GRID -- (Codemasters)
"C:\Program Files (x86)\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe" = C:\Program Files (x86)\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files (x86)\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe" = C:\Program Files (x86)\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files (x86)\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe" = C:\Program Files (x86)\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files (x86)\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe" = C:\Program Files (x86)\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files (x86)\World of Warcraft\BackgroundDownloader.exe" = C:\Program Files (x86)\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Program Files (x86)\StarCraft II\StarCraft II.exe" = C:\Program Files (x86)\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files (x86)\StarCraft II\Versions\Base15405\SC2.exe" = C:\Program Files (x86)\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment, Inc.)
"C:\Program Files (x86)\StarCraft II\Versions\Base16605\SC2.exe" = C:\Program Files (x86)\StarCraft II\Versions\Base16605\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment, Inc.)
"C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe" = C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe:*:Enabled:Launcher.patch.exe -- File not found
"C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe" = C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnose 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe" = C:\Program Files (x86)\AVG\AVG10\avgnsa.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" = C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG-Installationsprogramm -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG\AVG10\avgemca.exe" = C:\Program Files (x86)\AVG\AVG10\avgemca.exe:*:Enabled:Personal eMail-Scanner -- (AVG Technologies CZ, s.r.o.)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- File not found
"C:\Program Files (x86)\World of Warcraft\Launcher.exe" = C:\Program Files (x86)\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"C:\Program Files (x86)\Azureus\Azureus.exe" = C:\Program Files (x86)\Azureus\Azureus.exe:*:Enabled:Azureus -- (Aelitis)
"C:\Program Files (x86)\Codemasters\GRID\GRID.exe" = C:\Program Files (x86)\Codemasters\GRID\GRID.exe:*:Enabled:GRID -- (Codemasters)
"C:\Program Files (x86)\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe" = C:\Program Files (x86)\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files (x86)\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe" = C:\Program Files (x86)\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files (x86)\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe" = C:\Program Files (x86)\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files (x86)\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe" = C:\Program Files (x86)\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- (Blizzard Entertainment)
"C:\Program Files (x86)\World of Warcraft\BackgroundDownloader.exe" = C:\Program Files (x86)\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Program Files (x86)\StarCraft II\StarCraft II.exe" = C:\Program Files (x86)\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\Program Files (x86)\StarCraft II\Versions\Base15405\SC2.exe" = C:\Program Files (x86)\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment, Inc.)
"C:\Program Files (x86)\StarCraft II\Versions\Base16605\SC2.exe" = C:\Program Files (x86)\StarCraft II\Versions\Base16605\SC2.exe:*:Enabled:StarCraft II -- (Blizzard Entertainment, Inc.)
"C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe" = C:\Program Files (x86)\World of Warcraft\Launcher.patch.exe:*:Enabled:Launcher.patch.exe -- File not found
"C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe" = C:\Program Files (x86)\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnose 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG\AVG10\avgnsa.exe" = C:\Program Files (x86)\AVG\AVG10\avgnsa.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" = C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG-Installationsprogramm -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files (x86)\AVG\AVG10\avgemca.exe" = C:\Program Files (x86)\AVG\AVG10\avgemca.exe:*:Enabled:Personal eMail-Scanner -- (AVG Technologies CZ, s.r.o.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{319B58E8-4C80-4912-8EA7-24A9658120C6}" = AVG 2011
"{5BF8A577-B334-49BE-A7B2-349C1F1B0C58}" = AVG 2011
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"AVG" = AVG 2011
"ie8" = Windows Internet Explorer 8
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Windows x64 Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR archiver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1BA7B068-4719-42A3-B553-D4ED97434F92}" = ASUS Utilities
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Hi-Def Suite
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{402BB998-BE76-4A5A-817A-D0C6B47DF0A4}" = Gamepad Pro USB
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{71F17309-007D-43F9-9313-DBFBA5FCB3B3}" = LightScribe Optical Disc Kit
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B8.1015.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{9CE80D58-2E74-4FF4-A2D2-5E714E470F36}" = ASUS nVidia Driver
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1.2 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AnyDVD" = AnyDVD
"Azureus" = Azureus
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"Handbrake" = Handbrake 0.9.4
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"OpenAL" = OpenAL
"S2TNG" = The Settlers II - 10th Anniversary
"StarCraft II" = StarCraft II
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VLC media player 1.1.4
"World of Warcraft" = World of Warcraft
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 04.11.2010 19:51:42 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 05.11.2010 06:54:37 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Faulting application divx plus player.exe, version 10.2.1.13, faulting
module divxplaybackmodule.dll, version 3.2.2.7, fault address 0x0006a700.
 
Error - 05.11.2010 08:15:59 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Faulting application divx plus player.exe, version 10.2.1.13, faulting
module divx plus player.exe, version 10.2.1.13, fault address 0x0000bac1.
 
Error - 05.11.2010 08:17:30 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Faulting application divx plus player.exe, version 10.2.1.13, faulting
module divx plus player.exe, version 10.2.1.13, fault address 0x0000bac1.
 
Error - 06.11.2010 20:18:01 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Faulting application divxupdate.exe, version 1.0.2.118, faulting module
ntdll.dll, version 5.2.3790.4455, fault address 0x0004f053.
 
Error - 06.11.2010 20:46:21 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Faulting application divx plus player.exe, version 10.2.1.13, faulting
module divxplaybackmodule.dll, version 3.2.2.7, fault address 0x0006a700.
 
Error - 07.11.2010 20:06:02 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Faulting application divxupdate.exe, version 1.0.2.118, faulting module
ntdll.dll, version 5.2.3790.4455, fault address 0x0004f053.
 
Error - 07.11.2010 20:28:26 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 07.11.2010 20:58:47 | Computer Name = *** | Source = VSS | ID = 8211
Description = 
 
Error - 12.11.2010 20:43:38 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
 
[ System Events ]
Error - 09.11.2010 20:24:45 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
Error - 09.11.2010 20:24:45 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
Error - 10.11.2010 04:48:39 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
Error - 10.11.2010 04:48:39 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
Error - 10.11.2010 19:14:50 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
Error - 10.11.2010 19:14:50 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
Error - 11.11.2010 19:14:41 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
Error - 11.11.2010 19:14:41 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
Error - 12.11.2010 20:29:26 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
Error - 12.11.2010 20:29:26 | Computer Name = *** | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}
 
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.
 
 
< End of report >

--- --- ---

Und hier das zweite [OTL.txt]:

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 13.11.2010 01:57:53 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\***\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 372,38 Gb Free Space | 79,95% Space Free | Partition Type: NTFS
Drive D: | 7,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 1863,01 Gb Total Space | 683,65 Gb Free Space | 36,70% Space Free | Partition Type: NTFS
Drive F: | 1863,02 Gb Total Space | 1367,30 Gb Free Space | 73,39% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG\AVG10\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe ()
PRC - C:\Program Files (x86)\CoreTemp\Core Temp.exe ()
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Program Files (x86)\CyberLink\Shared Files\brs.exe (cyberlink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Documents and Settings\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\wow64_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.4770_x-ww_8D2E3180\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\SysWOW64\msctfime.ime (Microsoft Corporation)
MOD - C:\WINDOWS\SysWOW64\comres.dll (Microsoft Corporation)
MOD - C:\WINDOWS\SysWOW64\wbem\framedyn.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (xmlprov) -- C:\WINDOWS\SysNative\xmlprov.dll File not found
SRV:64bit: - (WZCSVC) -- C:\WINDOWS\SysNative\wzcsvc.dll File not found
SRV:64bit: - (wuauserv) -- C:\WINDOWS\SysNative\wuauserv.dll File not found
SRV:64bit: - (Wmi) -- C:\WINDOWS\SysNative\advapi32.dll File not found
SRV:64bit: - (WmdmPmSN) -- C:\WINDOWS\SysNative\mspmsnsv.dll File not found
SRV:64bit: - (UPS) -- C:\WINDOWS\SysNative\ups.exe File not found
SRV:64bit: - (UMWdf) -- C:\WINDOWS\SysNative\wdfmgr.exe File not found
SRV:64bit: - (TlntSvr) -- C:\WINDOWS\SysNative\tlntsvr.exe File not found
SRV:64bit: - (SysmonLog) -- C:\WINDOWS\SysNative\smlogsvc.exe File not found
SRV:64bit: - (srservice) -- C:\WINDOWS\SysNative\srsvc.dll File not found
SRV:64bit: - (SCardSvr) -- C:\WINDOWS\SysNative\SCardSvr.exe File not found
SRV:64bit: - (RDSessMgr) -- C:\WINDOWS\SysNative\sessmgr.exe File not found
SRV:64bit: - (PlugPlay) -- C:\WINDOWS\SysNative\services.exe File not found
SRV:64bit: - (NVSvc) -- C:\WINDOWS\SysNative\nvsvc64.exe File not found
SRV:64bit: - (NtmsSvc) -- C:\WINDOWS\SysNative\ntmssvc.dll File not found
SRV:64bit: - (NetDDEdsdm) -- C:\WINDOWS\SysNative\netdde.exe File not found
SRV:64bit: - (NetDDE) -- C:\WINDOWS\SysNative\netdde.exe File not found
SRV:64bit: - (mnmsrvc) -- C:\WINDOWS\SysNative\mnmsrvc.exe File not found
SRV:64bit: - (Messenger) -- C:\WINDOWS\SysNative\msgsvc.dll File not found
SRV:64bit: - (ImapiService) -- C:\WINDOWS\SysNative\imapi.exe File not found
SRV:64bit: - (HTTPFilter) -- C:\WINDOWS\SysNative\w3ssl.dll File not found
SRV:64bit: - (Eventlog) -- C:\WINDOWS\SysNative\services.exe File not found
SRV:64bit: - (ERSvc) -- C:\WINDOWS\SysNative\ersvc.dll File not found
SRV:64bit: - (dmserver) -- C:\WINDOWS\SysNative\dmserver.dll File not found
SRV:64bit: - (dmadmin) -- C:\WINDOWS\SysNative\dmadmin.exe File not found
SRV:64bit: - (ClipSrv) -- C:\WINDOWS\SysNative\clipsrv.exe File not found
SRV:64bit: - (CiSvc) -- C:\WINDOWS\SysNative\cisvc.exe File not found
SRV:64bit: - (AppMgmt) -- C:\WINDOWS\SysNative\appmgmts.dll File not found
SRV:64bit: - (Alerter) -- C:\WINDOWS\SysNative\alrsvc.dll File not found
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (GEST Service) -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (UMWdf) -- C:\WINDOWS\SysWOW64\wdfmgr.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (wdmaud) -- C:\WINDOWS\SysNative\drivers\wdmaud.sys File not found
DRV:64bit: - (Update) -- C:\WINDOWS\SysNative\DRIVERS\update.sys File not found
DRV:64bit: - (sysaudio) -- C:\WINDOWS\SysNative\drivers\sysaudio.sys File not found
DRV:64bit: - (swmidi) -- C:\WINDOWS\SysNative\drivers\swmidi.sys File not found
DRV:64bit: - (sr) -- C:\WINDOWS\SysNative\DRIVERS\sr.sys File not found
DRV:64bit: - (sptd) -- C:\WINDOWS\SysNative\Drivers\sptd.sys File not found
DRV:64bit: - (splitter) -- C:\WINDOWS\SysNative\drivers\splitter.sys File not found
DRV:64bit: - (RTLE8023x64) Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) -- C:\WINDOWS\SysNative\DRIVERS\Rtenic64.sys File not found
DRV:64bit: - (redbook) -- C:\WINDOWS\SysNative\DRIVERS\redbook.sys File not found
DRV:64bit: - (Raspti) -- C:\WINDOWS\SysNative\DRIVERS\raspti.sys File not found
DRV:64bit: - (PxHlpa64) -- C:\WINDOWS\SysNative\Drivers\PxHlpa64.sys File not found
DRV:64bit: - (Ptilink) -- C:\WINDOWS\SysNative\DRIVERS\ptilink.sys File not found
DRV:64bit: - (PSched) -- C:\WINDOWS\SysNative\DRIVERS\psched.sys File not found
DRV:64bit: - (nv) -- C:\WINDOWS\SysNative\DRIVERS\nv4_mini.sys File not found
DRV:64bit: - (NIC1394) -- C:\WINDOWS\SysNative\DRIVERS\nic1394.sys File not found
DRV:64bit: - (kmixer) -- C:\WINDOWS\SysNative\drivers\kmixer.sys File not found
DRV:64bit: - (JRAID) -- C:\WINDOWS\SysNative\DRIVERS\jraid.sys File not found
DRV:64bit: - (IPSec) -- C:\WINDOWS\SysNative\DRIVERS\ipsec.sys File not found
DRV:64bit: - (IpInIp) -- C:\WINDOWS\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (Ip6Fw) -- C:\WINDOWS\SysNative\drivers\ip6fw.sys File not found
DRV:64bit: - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\SysNative\drivers\RTKHDA64.SYS File not found
DRV:64bit: - (imapi) -- C:\WINDOWS\SysNative\DRIVERS\imapi.sys File not found
DRV:64bit: - (Gpc) -- C:\WINDOWS\SysNative\DRIVERS\msgpc.sys File not found
DRV:64bit: - (Ftdisk) -- C:\WINDOWS\SysNative\DRIVERS\ftdisk.sys File not found
DRV:64bit: - (ElbyCDIO) -- C:\WINDOWS\SysNative\Drivers\ElbyCDIO.sys File not found
DRV:64bit: - (EIO_XP) -- C:\WINDOWS\SysNative\drivers\EIO64_XP.sys File not found
DRV:64bit: - (dmload) -- C:\WINDOWS\SysNative\drivers\dmload.sys File not found
DRV:64bit: - (dmio) -- C:\WINDOWS\SysNative\drivers\dmio.sys File not found
DRV:64bit: - (dmboot) -- C:\WINDOWS\SysNative\drivers\dmboot.sys File not found
DRV:64bit: - (CdaD10BA) -- C:\WINDOWS\SysNative\DRIVERS\CdaD10BA.sys File not found
DRV:64bit: - (CdaC15BA) -- C:\WINDOWS\SysNative\DRIVERS\CdaC15BA.sys File not found
DRV:64bit: - (Avgtdia) -- C:\WINDOWS\SysNative\DRIVERS\avgtdia.sys File not found
DRV:64bit: - (Avgrkx64) -- C:\WINDOWS\SysNative\DRIVERS\avgrkx64.sys File not found
DRV:64bit: - (Avgmfx64) -- C:\WINDOWS\SysNative\DRIVERS\avgmfx64.sys File not found
DRV:64bit: - (Avgldx64) -- C:\WINDOWS\SysNative\DRIVERS\avgldx64.sys File not found
DRV:64bit: - (AVGIDSEH) -- C:\WINDOWS\SysNative\DRIVERS\AVGIDSEH.Sys File not found
DRV:64bit: - (audstub) -- C:\WINDOWS\SysNative\DRIVERS\audstub.sys File not found
DRV:64bit: - (Atmarpc) -- C:\WINDOWS\SysNative\DRIVERS\atmarpc.sys File not found
DRV:64bit: - (Arp1394) -- C:\WINDOWS\SysNative\DRIVERS\arp1394.sys File not found
DRV:64bit: - (AnyDVD) -- C:\WINDOWS\SysNative\Drivers\AnyDVD.sys File not found
DRV:64bit: - (aec) -- C:\WINDOWS\SysNative\drivers\aec.sys File not found
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (AnyDVD) -- C:\WINDOWS\SysWOW64\Drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.)
DRV - (mnmdd) -- C:\WINDOWS\SysWow64\mnmdd.dll (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010.11.10 01:15:39 | 000,000,000 | ---D | M]
 
 
Hosts file not found
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\SysNative\NvCpl.DLL File not found
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\SysNative\NvMcTray.DLL File not found
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4:64bit: - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\SysWOW64\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKCU..\Run: [Core Temp] C:\Program Files (x86)\CoreTemp\Core Temp.exe ()
O4 - HKCU..\Run: [Power2GoExpress] File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1245960196580 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1289003710875 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.0.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SysNative\wiascr.dll File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - C:\WINDOWS\SysNative\logonui.exe File not found
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - dimsntfy.dll - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - Reg Error: Key error. - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysNative\stobject.dll File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.25 19:59:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.05.25 05:16:57 | 000,000,046 | RH-- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: ddesarts - (C:\WINDOWS\system32\cmdkedit.dll) - C:\WINDOWS\SysWow64\cmdkedit.dll File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.13 01:56:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\***\Desktop\OTL.exe
[2010.11.13 01:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\Malwarebytes
[2010.11.13 01:33:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysWow64\drivers\mbamswissarmy.sys
[2010.11.13 01:33:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.11.13 01:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.10 01:24:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010.11.10 01:16:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\AVG10
[2010.11.10 01:16:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010.11.10 01:15:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010.11.10 01:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010.11.05 11:54:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010.11.05 11:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.11.05 11:52:28 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2010.11.05 11:52:28 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2010.11.05 11:52:27 | 013,012,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2010.11.05 11:52:27 | 001,462,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2010.11.05 11:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.11.05 11:51:58 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.11.05 11:48:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2010.10.30 00:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Local Settings\Application Data\HandBrake
[2010.10.30 00:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\HandBrake
[2010.10.30 00:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Handbrake
[2010.10.30 00:48:09 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2010.10.30 00:47:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2010.10.30 00:27:31 | 004,411,392 | ---- | C] (Gabest) -- C:\Documents and Settings\***\Desktop\mplayerc.exe
[2010.10.30 00:27:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\Media Player Classic
[2010.10.24 23:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\***\Application Data\vlc
[2010.10.16 12:04:58 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwddi.dll
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.13 01:56:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\***\Desktop\OTL.exe
[2010.11.13 01:29:22 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\gdrv.sys
[2010.11.13 01:29:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.12 00:46:59 | 000,002,303 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010.11.12 00:20:26 | 000,000,799 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010.11.10 01:21:30 | 000,000,984 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.11.10 01:16:18 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010.11.10 01:16:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\avg\incavi.avm
[2010.11.10 01:16:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\avg\iavichjw.avm
[2010.11.07 11:29:36 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\***\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.06 01:46:39 | 000,497,776 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2010.10.24 23:31:54 | 000,000,761 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010.10.16 19:55:00 | 014,598,144 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvogl32.dll
[2010.10.16 19:55:00 | 013,012,992 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2010.10.16 19:55:00 | 004,882,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2010.10.16 19:55:00 | 002,932,840 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2010.10.16 19:55:00 | 002,666,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2010.10.16 19:55:00 | 001,462,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2010.10.16 19:55:00 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2010.10.16 12:04:58 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwddi.dll
[4 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.11.10 01:16:18 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010.10.30 00:48:56 | 000,497,776 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2009.07.02 09:15:11 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\***\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.01 14:24:11 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2009.06.29 22:16:20 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\***\Local Settings\Application Data\PUTTY.RND
[2009.06.26 03:28:22 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.06.04 01:13:58 | 001,278,464 | ---- | C] () -- C:\WINDOWS\SysWow64\quartz.dll
[2009.01.05 13:44:10 | 000,000,483 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2006.03.29 13:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\SysWow64\qedwipes.dll
[2006.03.29 13:00:00 | 000,512,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qedit.dll
[2006.03.29 13:00:00 | 000,498,742 | ---- | C] () -- C:\WINDOWS\SysWow64\dxmasf.dll
[2006.03.29 13:00:00 | 000,396,288 | ---- | C] () -- C:\WINDOWS\SysWow64\encdec.dll
[2006.03.29 13:00:00 | 000,385,536 | ---- | C] () -- C:\WINDOWS\SysWow64\qdvd.dll
[2006.03.29 13:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2006.03.29 13:00:00 | 000,279,040 | ---- | C] () -- C:\WINDOWS\SysWow64\qdv.dll
[2006.03.29 13:00:00 | 000,276,992 | ---- | C] () -- C:\WINDOWS\SysWow64\sbe.dll
[2006.03.29 13:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ir32_32.dll
[2006.03.29 13:00:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qcap.dll
[2006.03.29 13:00:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\SysWow64\msencode.dll
[2006.03.29 13:00:00 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\amstream.dll
[2006.03.29 13:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\SysWow64\mciqtz32.dll
[2006.03.29 13:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\devenum.dll
[2006.03.29 13:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\tsd32.dll
[2006.03.29 13:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\SysWow64\msdmo.dll
[2006.03.29 13:00:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\SysWow64\msdxmlc.dll
 
========== LOP Check ==========
 
[2010.11.10 01:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010.11.10 01:11:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009.07.09 18:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Codemasters
[2010.11.10 01:16:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009.07.01 14:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.11.10 01:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009.07.01 14:24:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SlySoft
[2009.06.30 10:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2010.11.10 01:16:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\***\Application Data\AVG10
[2010.05.26 08:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\***\Application Data\Azureus
[2009.07.01 14:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\***\Application Data\DAEMON Tools Lite
[2010.10.30 00:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\***\Application Data\HandBrake
[2010.11.12 10:34:08 | 000,032,648 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:00E4E7CF4C3A1F3F
 
< End of report >

--- --- ---

LG und vielen Dank!

Noch ein Zusatz, AVG hat zwar keine Viren gefunden, aber das hier ausgeben, weiß nicht, ob es bedeutend ist (und auch nicht, was mir AVG damit sagen möchte):

Zitat:

"Scan ""Gesamten Computer scannen"" wurde beendet."
"Informationen";"2"
"Für den Scanvorgang ausgewählte Ordner:";"Gesamten Computer scannen"
"Start des Scans:";"Samstag, 13. November 2010, 01:55:30"
"Scan beendet:";"Samstag, 13. November 2010, 02:23:02 (27 Minute(n) 31 Sekunde(n))"
"Gesamtanzahl gescannter Objekte:";"845627"
"Benutzer, der den Scan gestartet hat:";"***"

"Informationen"
"";"Datei";"Informationen";"Ergebnis"
"";"C:\System Volume Information\_restore{A05222F5-7D2C-4505-A736-52DC8E1AE659}\RP367\A0039672.exe";"Die Datei wurde von einer beschädigten digitalen Signatur signiert, die von Microsoft Corporation ausgestellt wurde.";""
"";"C:\System Volume Information\_restore{A05222F5-7D2C-4505-A736-52DC8E1AE659}\RP367\A0039671.exe";"Die Datei wurde von einer beschädigten digitalen Signatur signiert, die von Microsoft Corporation ausgestellt wurde.";""

Online-Banking durch Trojaner Gozi gesperrt

Plagegeister aller Art und deren Bekämpfung: Online-Banking durch Trojaner Gozi gesperrt

Online-Banking durch Trojaner Gozi gesperrt

Ähnliche Themen: Online-Banking durch Trojaner Gozi gesperrt