Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Taskmanager geht nicht mehr (windows 7)

Taskmanager geht nicht mehr (windows 7)


Plagegeister aller Art und deren Bekämpfung: Taskmanager geht nicht mehr (windows 7)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.10.2010, 19:46   #1
RealSnapshot
 
Taskmanager geht nicht mehr (windows 7) - Standard

Taskmanager geht nicht mehr (windows 7)


Hallo,

habe folgendes Problem: Mein Taskmanager geht nicht mehr wenn ich Strg+Alt+Entfernen drücke

Hier schon mal der Ani-Malware Logfile. Was braucht ihr noch? Danke im voraus

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4800

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12.10.2010 17:25:31
mbam-log-2010-10-12 (17-25-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 280335
Laufzeit: 1 Stunde(n), 13 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 7
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 2
Infizierte Dateien: 20

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\AnVi (Rogue.AnVi) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.AntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\bk (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tzuxopacaju (Trojan.Agent.U) -> Delete on reboot.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Program Files\AnVi (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi (Rogue.AntiVirus) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Program Files\AnVi\about.ico (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\AnVi\activate.ico (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\AnVi\avt.db (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\AnVi\buy.ico (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\AnVi\help.ico (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\AnVi\scan.ico (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\AnVi\settings.ico (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\AnVi\splash.mp3 (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\AnVi\update.ico (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\AnVi\virus.mp3 (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\About.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Activate.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Antivirus Support.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Antivirus.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Buy.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Scan.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Settings.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVi\Update.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antivirus.lnk (Rogue.AntiVirus) -> Quarantined and deleted successfully.
C:\Users\Snapshot\AppData\Local\uhemokab.dll (Trojan.Agent.U) -> Delete on reboot.

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.10.2010 17:43:38 - Run 2
OTL by OldTimer - Version 3.2.15.1     Folder = C:\Users\Snapshot\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68,74 Gb Total Space | 39,63 Gb Free Space | 57,66% Space Free | Partition Type: NTFS
Drive D: | 50,01 Gb Total Space | 24,76 Gb Free Space | 49,51% Space Free | Partition Type: NTFS
Drive E: | 114,14 Gb Total Space | 68,07 Gb Free Space | 59,64% Space Free | Partition Type: NTFS
Drive F: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: SNAPSHOT-PC | User Name: Snapshot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Snapshot\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Adobe\Reader 9.0\Reader\Eula.exe (Adobe Systems Incorporated)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Users\Snapshot\Desktop\CryptLoad_1.1.8\CryptLoad.exe (hxxp://cryptload.info)
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Common Files\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)
PRC - C:\Programme\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Snapshot\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\wtsapi32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\winsta.dll (Microsoft Corporation)
MOD - C:\Users\Snapshot\AppData\Local\uhemokab.dll ()
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\opengl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\glu32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\ddraw.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dciman32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe File not found
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (postgresql-8.4) -- D:\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
SRV - (DBService) -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe (DATA BECKER GmbH & Co KG)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (catchme) -- C:\Users\Snapshot\AppData\Local\Temp\catchme.sys File not found
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (xusb21) -- C:\Windows\System32\drivers\xusb21.sys (Microsoft Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC-Seriellschnittstellentreiber (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) Brother MFC-WDM-Treiber (USB,seriell) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) Brother WDM-Treiber (seriell) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation                                            )
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (CLEDX) -- C:\Windows\System32\drivers\cledx.sys (Team H2O)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C4 FC 8D E1 22 60 CA 01  [binary data]
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://google.de"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {83DEA7B3-5F29-4BF8-971A-4CA86AEEC008}:1.9.1
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{83DEA7B3-5F29-4BF8-971A-4CA86AEEC008}: C:\Users\Snapshot\AppData\Local\{83DEA7B3-5F29-4BF8-971A-4CA86AEEC008} [2010.10.11 18:13:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.16 17:25:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.03 09:56:31 | 000,000,000 | ---D | M]
 
[2009.11.08 05:31:36 | 000,000,000 | ---D | M] -- C:\Users\Snapshot\AppData\Roaming\mozilla\Extensions
[2010.10.12 17:28:18 | 000,000,000 | ---D | M] -- C:\Users\Snapshot\AppData\Roaming\mozilla\Firefox\Profiles\rmejjtr4.default\extensions
[2010.10.11 15:38:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Snapshot\AppData\Roaming\mozilla\Firefox\Profiles\rmejjtr4.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.08.29 16:39:29 | 000,000,000 | ---D | M] -- C:\Users\Snapshot\AppData\Roaming\mozilla\Firefox\Profiles\rmejjtr4.default\extensions\vshare@toolbar
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Snapshot\AppData\Roaming\Mozilla\FireFox\Profiles\rmejjtr4.default\searchplugins\icqplugin.xml
[2010.10.12 17:28:18 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.07.22 10:52:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.02.22 17:24:06 | 000,095,832 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPPDLicenseHelper.dll
[2010.09.09 21:28:42 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.09 21:28:42 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.09 21:28:42 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.09 21:28:42 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.09 21:28:42 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.07.27 17:41:01 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [H2O] C:\Programme\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Tzuxopacaju] C:\Users\Snapshot\AppData\Local\uhemokab.DLL ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\PROGRA~1\ICQ6.5\ICQ.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.220.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 08:21:09 | 000,000,000 | ---D | M] - F:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2010.01.31 10:21:13 | 000,367,686 | R--- | M] () - F:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:55:03 | 009,965,568 | R--- | M] () - F:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:54:55 | 000,000,155 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.12 09:13:13 | 000,000,000 | ---D | C] -- C:\Programme\RegCleaner
[2010.10.11 20:21:20 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Roaming\download2
[2010.10.11 18:13:56 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Local\{83DEA7B3-5F29-4BF8-971A-4CA86AEEC008}
[2010.10.11 18:11:04 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Local\DBControl
[2010.10.11 16:37:39 | 000,000,000 | RH-D | C] -- C:\Users\Snapshot\AppData\Roaming\SecuROM
[2010.10.11 16:28:18 | 000,000,000 | ---D | C] -- C:\Programme\JoWooD Entertainment AG
[2010.10.11 16:15:38 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\Documents\888poker
[2010.10.11 16:15:36 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\Start Menu
[2010.10.11 15:57:08 | 000,000,000 | ---D | C] -- C:\Programme\uTorrent
[2010.10.11 15:38:39 | 000,000,000 | ---D | C] -- C:\Programme\ICQ6Toolbar
[2010.10.11 15:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.10.11 15:37:31 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Local\AOL
[2010.10.11 15:36:45 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.2
[2010.10.08 11:39:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2010.10.08 11:39:27 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\Documents\ArcaniA - Gothic 4 Demo
[2010.10.08 11:39:03 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.10.08 11:39:03 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.10.08 11:39:03 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.10.08 11:39:03 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.10.08 11:39:02 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.10.08 11:39:02 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.10.08 11:39:02 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.10.08 11:39:02 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.10.08 11:39:02 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.10.08 11:39:02 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.10.08 11:39:02 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.10.08 11:39:02 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.10.05 20:18:43 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Roaming\HEM Data
[2010.09.29 15:28:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.26 17:17:36 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Roaming\teamspeak2
[2010.09.26 17:17:30 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2010.09.26 17:17:26 | 000,000,000 | ---D | C] -- C:\Programme\Teamspeak2_RC2
[2010.09.25 21:48:46 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Roaming\DivX
[2010.09.25 21:47:55 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.09.25 20:50:39 | 000,000,000 | ---D | C] -- C:\Poker
[2010.09.24 15:01:42 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Roaming\UB
[2010.09.24 15:01:37 | 000,000,000 | ---D | C] -- C:\Poker Application
[2010.09.15 18:05:48 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\Documents\KONAMI
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.12 17:43:09 | 000,000,120 | ---- | M] () -- C:\Users\Snapshot\AppData\Local\Knomiweloha.dat
[2010.10.12 17:25:34 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\gncthgwn.sys
[2010.10.12 16:12:14 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 16:12:13 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.12 16:06:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.12 16:06:52 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.12 09:13:15 | 000,000,928 | ---- | M] () -- C:\Users\Snapshot\Desktop\RegCleaner.lnk
[2010.10.12 09:11:19 | 000,000,000 | ---- | M] () -- C:\Users\Snapshot\AppData\Local\Fvoxo.bin
[2010.10.11 21:15:59 | 228,367,269 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.10.11 20:22:24 | 000,000,150 | ---- | M] () -- C:\Users\Snapshot\AppData\Roaming\dsfsds.bat
[2010.10.11 16:36:27 | 000,002,224 | ---- | M] () -- C:\Users\Public\Desktop\ArcaniA - Gothic 4 starten.lnk
[2010.10.11 15:57:08 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.10.06 17:29:53 | 000,011,562 | ---- | M] () -- C:\Users\Snapshot\Documents\Klingel.docx
[2010.10.05 20:03:44 | 000,647,138 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.10.05 20:03:44 | 000,609,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.10.05 20:03:44 | 000,127,198 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.10.05 20:03:44 | 000,104,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.28 17:57:20 | 000,133,589 | ---- | M] () -- C:\Users\Snapshot\Desktop\Perso.jpg
[2010.09.26 17:17:30 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm
[2010.09.26 12:48:00 | 000,000,716 | ---- | M] () -- C:\Users\Public\Desktop\Boylepoker.lnk
[2010.09.22 21:54:05 | 000,139,128 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.09.22 21:53:55 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.09.22 16:58:00 | 000,000,016 | ---- | M] () -- C:\Windows\System32\w3data.vss
[2010.09.22 16:58:00 | 000,000,016 | ---- | M] () -- C:\Windows\System32\msvcsv60.dll
[2010.09.22 16:58:00 | 000,000,016 | ---- | M] () -- C:\Windows\msocreg32.dat
 
========== Files Created - No Company Name ==========
 
[2010.10.12 17:25:34 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\gncthgwn.sys
[2010.10.12 09:13:15 | 000,000,928 | ---- | C] () -- C:\Users\Snapshot\Desktop\RegCleaner.lnk
[2010.10.11 20:22:24 | 000,000,150 | ---- | C] () -- C:\Users\Snapshot\AppData\Roaming\dsfsds.bat
[2010.10.11 18:13:57 | 000,000,120 | ---- | C] () -- C:\Users\Snapshot\AppData\Local\Knomiweloha.dat
[2010.10.11 18:13:57 | 000,000,000 | ---- | C] () -- C:\Users\Snapshot\AppData\Local\Fvoxo.bin
[2010.10.11 18:11:04 | 000,000,000 | ---- | C] () -- C:\Users\Snapshot\AppData\Local\googleupdate.log
[2010.10.11 16:36:27 | 000,002,224 | ---- | C] () -- C:\Users\Public\Desktop\ArcaniA - Gothic 4 starten.lnk
[2010.10.11 15:57:08 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.10.06 17:24:34 | 000,011,562 | ---- | C] () -- C:\Users\Snapshot\Documents\Klingel.docx
[2010.09.28 17:57:20 | 000,133,589 | ---- | C] () -- C:\Users\Snapshot\Desktop\Perso.jpg
[2010.09.26 12:48:00 | 000,000,716 | ---- | C] () -- C:\Users\Public\Desktop\Boylepoker.lnk
[2010.07.28 19:44:44 | 000,000,016 | ---- | C] () -- C:\Windows\System32\msvcsv60.dll
[2010.05.03 22:01:47 | 000,023,552 | ---- | C] () -- C:\Users\Snapshot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.06 17:43:24 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.03.06 17:43:24 | 000,138,056 | ---- | C] () -- C:\Users\Snapshot\AppData\Roaming\PnkBstrK.sys
[2009.12.05 21:19:29 | 000,007,680 | ---- | C] () -- C:\Windows\System32\CNMVS5y.DLL
[2009.11.22 16:04:35 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.11.09 18:46:07 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2009.11.08 17:39:06 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.10.31 03:56:44 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.08.16 12:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 01:24:44 | 000,206,848 | ---- | C] () -- C:\Users\Snapshot\AppData\Local\uhemokab.dll
[2009.05.29 17:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.29 17:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.04.22 01:19:06 | 000,172,173 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2007.02.05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
 
< End of report >
--- --- ---

mag keiner helfen!?

Alt 17.10.2010, 14:29   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Taskmanager geht nicht mehr (windows 7) - Standard

Taskmanager geht nicht mehr (windows 7)


Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
ATTFilter
:OTL
MOD - C:\Users\Snapshot\AppData\Local\uhemokab.dll ()
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
O4 - HKLM..\Run: [H2O] C:\Programme\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [Tzuxopacaju] C:\Users\Snapshot\AppData\Local\uhemokab.DLL ()
O32 - AutoRun File - [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 08:21:09 | 000,000,000 | ---D | M] - F:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2010.01.31 10:21:13 | 000,367,686 | R--- | M] () - F:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:55:03 | 009,965,568 | R--- | M] () - F:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:54:55 | 000,000,155 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
[2010.10.11 20:21:20 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Roaming\download2
[2010.10.11 18:13:56 | 000,000,000 | ---D | C] -- C:\Users\Snapshot\AppData\Local\{83DEA7B3-5F29-4BF8-971A-4CA86AEEC008}
[2010.10.12 17:43:09 | 000,000,120 | ---- | M] () -- C:\Users\Snapshot\AppData\Local\Knomiweloha.dat
[2010.10.12 17:25:34 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\gncthgwn.sys
[2010.10.12 09:11:19 | 000,000,000 | ---- | M] () -- C:\Users\Snapshot\AppData\Local\Fvoxo.bin
[2010.10.11 20:22:24 | 000,000,150 | ---- | M] () -- C:\Users\Snapshot\AppData\Roaming\dsfsds.bat
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________

__________________
Antwort

Themen zu Taskmanager geht nicht mehr (windows 7)
anti-malware, antivirus, appdata, avgntflt.sys, becker, brauch, components, corp./icp, dateien, disabletaskmgr, entfernen, excel.exe, explorer, files, firefox.exe, folge, fontcache, geht nicht mehr, langs, launch, load.exe, local\temp, location, microsoft, nicht mehr, nodrives, nvlddmkm.sys, nvstor.sys, oldtimer, otl.exe, plug-in, problem, programdata, roaming, sched.exe, searchplugins, shell, software, sptd.sys, start, start menu, strg, system, taskhost.exe, taskmanager, trojan.agent, trojan.agent.u, version, windows, windows 7, winlogon


« Trojaner: Porn Pop-Ups, Taskmanager down, keine Handlungsmöglichkeit! | TR/Crypt.XPACK.Gen3 in C:\Users\***\AppData\Local\umevevukoviker.dll und JAVA/Agent.HN' »


Ähnliche Themen: Taskmanager geht nicht mehr (windows 7)


  1. Internet und Windows Update geht nicht mehr
    Alles rund um Windows - 11.11.2015 (1)
  2. USB Maus geht nicht mehr - neue Maus geht nach 2 Tagen auch nicht mehr!
    Netzwerk und Hardware - 26.10.2015 (4)
  3. Avira Desktop lässt sich nicht aktivieren & Windows Updates geht nicht mehr: Schlüssel im angegebenen Status nicht gültig!
    Antiviren-, Firewall- und andere Schutzprogramme - 08.11.2014 (16)
  4. Windows 7 Pc geht nicht mehr an, piept 1x lang und 2x kurz
    Alles rund um Windows - 24.07.2014 (3)
  5. Taskmanager geht nicht mehr Windows 7 Taskmanager trojaner 2014
    Alles rund um Windows - 18.06.2014 (48)
  6. Win7 herunterfahren Button reagiert nicht, strg+alt+entf geht nicht mehr & cmd.exe geht nicht auf
    Plagegeister aller Art und deren Bekämpfung - 15.12.2011 (25)
  7. Taskmanager geht nicht & minimierte Dinge sind nicht auf der Taskleiste sichtbar
    Plagegeister aller Art und deren Bekämpfung - 13.12.2011 (1)
  8. Trojan.Spyeyes, Taskmanager nicht mehr auffindbar, Acrobat Reader funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 17.10.2011 (8)
  9. Windows XP geht nicht mehr Virus, Trojaner ?
    Plagegeister aller Art und deren Bekämpfung - 01.12.2010 (0)
  10. XP keine DESKTOPICONS, KEIN TASKMANAGER, Neuinstallation geht nicht.. :-(
    Alles rund um Windows - 23.03.2010 (28)
  11. Taskmanager Geht nicht mehr. Alles stürzt ab.
    Alles rund um Windows - 22.05.2009 (1)
  12. Win startet explorer nich+Taskmanager geht nicht
    Plagegeister aller Art und deren Bekämpfung - 18.03.2009 (0)
  13. pc langsam taskmanager geht nicht mehr
    Log-Analyse und Auswertung - 11.03.2009 (5)
  14. Windows Update und google geht nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 01.03.2009 (0)
  15. Taskmanager in Windows-Sicherheits Box nicht mehr wählbar
    Alles rund um Windows - 11.08.2007 (2)
  16. Windows Firewall geht nicht mehr!
    Log-Analyse und Auswertung - 17.02.2007 (1)
  17. Brauche Hilfe - Windows Firewall geht nicht mehr
    Antiviren-, Firewall- und andere Schutzprogramme - 13.04.2006 (15)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Taskmanager geht nicht mehr (windows 7) - Hallo, habe folgendes Problem: Mein Taskmanager geht nicht mehr wenn ich Strg+Alt+Entfernen drücke Hier schon mal der Ani-Malware Logfile. Was braucht ihr noch? Danke im voraus Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org - Taskmanager geht nicht mehr (windows 7)...
Archiv
Du betrachtest: Taskmanager geht nicht mehr (windows 7) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19