Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?

Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?


Log-Analyse und Auswertung: Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 11.11.2010, 19:36   #1
charles89
 
Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben? - Standard

Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?


Hallo,
ich habe meinen Laptop mit Windows 7 erst seit circa 2 Monaten, doch ich habe das Problem, dass der Taskmanager deaktiviert ist. Ich habe auf diversen Seiten gelesen, den Fehler in der Registrierung zu beheben, doch diese ist angeblich durch den Administrator deaktiviert.
Also weiter gelesen, dort bin ich dann auf diese Seite gestoßen: hxxp://forum.chip.de/viren-trojaner-wuermer/msn-virus-bekomm-ihn-weg-1341391-page2.html, wo ich dann Malwarebytes Anti-Malware heruntergeladen habe und gescannt habe.

Das Ergebnis:
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5095

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11.11.2010 19:01:29
mbam-log-2010-11-11 (19-01-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|H:\|)
Durchsuchte Objekte: 388492
Laufzeit: 1 Stunde(n), 11 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Bin dann auf hxxp://forum.chip.de/viren-trojaner-wuermer/erste-hilfe-infektionen-viren-wuermer-etc-973778.html#post6749164 gestoßen und wollte jetzt die Logdatei posten:


Code:
ATTFilter
OTL logfile created on: 11.11.2010 19:16:37 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 44,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 228,12 Gb Total Space | 139,93 Gb Free Space | 61,34% Space Free | Partition Type: NTFS
Drive H: | 227,02 Gb Total Space | 160,76 Gb Free Space | 70,81% Space Free | Partition Type: NTFS
 
Computer Name: ***-VAIO | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.11.11 19:16:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2010.10.30 09:18:20 | 000,912,344 | ---- | M] (Mozilla Corporation) -- H:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.10.30 09:18:20 | 000,016,856 | ---- | M] (Mozilla Corporation) -- H:\Programme\Mozilla Firefox\plugin-container.exe
PRC - [2010.08.13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.08.12 15:15:34 | 000,081,296 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCSpt.exe
PRC - [2010.07.23 06:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
PRC - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2010.05.18 13:38:46 | 000,075,776 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.04.29 12:19:18 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010.03.28 15:47:30 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.02.19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2009.12.14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.12.14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.12.01 22:03:52 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009.11.21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.11.21 00:25:22 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.10.24 03:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
PRC - [2009.09.14 19:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009.09.14 18:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009.09.04 22:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2008.09.24 13:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.09.24 13:32:42 | 001,561,896 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBCore.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007.04.24 18:19:54 | 003,581,680 | ---- | M] (Stardock) -- H:\Programme\Stardock\ObjectDock\ObjectDock.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.11.11 19:16:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.09.30 15:58:08 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.08.12 15:15:34 | 000,257,936 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.04.09 13:37:36 | 001,223,024 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2010.02.19 19:19:28 | 000,115,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010.02.19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010.01.27 21:10:56 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.11.30 19:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009.11.25 19:06:06 | 000,821,760 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2009.09.01 21:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2010.10.18 20:41:26 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- H:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.09.30 16:03:04 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- H:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.09.30 15:58:02 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.08.20 20:16:03 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.08.13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.07.23 06:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe -- (NIS)
SRV - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.03.28 15:47:30 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.12.14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.11.21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.10.15 16:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009.10.15 16:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009.10.15 16:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009.10.15 16:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009.10.15 16:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009.09.14 19:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009.09.14 19:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009.09.14 18:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009.09.04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.08.31 01:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009.08.31 01:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.24 13:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2010.10.18 19:55:06 | 000,174,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010.10.03 16:22:05 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.09.06 10:32:57 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.09.06 10:32:57 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.07.29 04:33:05 | 000,821,808 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1201000.025\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2010.07.29 03:54:37 | 000,715,824 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1201000.025\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010.07.29 03:54:37 | 000,040,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1201000.025\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010.07.13 02:20:22 | 000,381,488 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1201000.025\symnets.sys -- (SymNetS)
DRV:64bit: - [2010.06.27 05:05:55 | 000,168,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1201000.025\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.06.13 11:50:57 | 000,450,096 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1201000.025\SymDS64.sys -- (SymDS)
DRV:64bit: - [2010.04.19 19:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.01.27 21:10:59 | 006,106,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.12.17 23:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009.12.16 21:03:59 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009.12.16 21:03:04 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.12.16 05:04:17 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.12.16 03:49:48 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.12.14 21:06:07 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.11.21 00:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.11.18 05:30:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.11.18 05:30:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.11.18 05:30:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.11.18 05:30:21 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.11.18 05:23:46 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.11.13 21:08:21 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.11.12 21:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.11.12 21:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.06 21:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009.10.10 03:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.15 21:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009.08.19 21:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2010.11.04 01:07:05 | 000,953,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20101104.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010.10.19 21:36:20 | 000,476,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20101109.001\IDSviA64.sys -- (IDSVia64)
DRV - [2010.10.18 20:05:28 | 001,804,336 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20101111.002\EX64.SYS -- (NAVEX15)
DRV - [2010.10.18 20:05:28 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010.10.18 20:05:28 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010.10.18 20:05:28 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20101111.002\ENG64.SYS -- (NAVENG)
DRV - [2010.02.24 13:41:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- H:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google.de"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: StrataBuddy@ReduxTeam:0.6.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: tabprogressbar@studio17.wordpress.com:0.6
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.1
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:4.5.2.0
FF - prefs.js..extensions.enabledItems: Strata40@SpewBoy.au:0.6.2
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2010.10.18 19:55:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn\ [2010.10.18 19:54:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: H:\Programme\Mozilla Firefox\components [2010.11.06 21:23:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: H:\Programme\Mozilla Firefox\plugins [2010.11.07 22:23:18 | 000,000,000 | ---D | M]
 
[2010.08.19 18:18:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.11.11 07:21:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions
[2010.10.01 17:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010.10.24 08:32:33 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.09.28 09:29:32 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.11.08 20:22:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\2020Player@2020Technologies.com
[2010.09.10 18:08:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\check4change-owner@mozdev.org
[2010.10.01 19:57:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\Strata40@SpewBoy.au
[2010.10.01 19:58:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\StrataBuddy@ReduxTeam
[2010.10.01 20:02:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\tabprogressbar@studio17.wordpress.com
[2010.08.26 09:02:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\youtube2mp3@mondayx.de
[2010.10.01 19:57:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\flhwvtsk.default\extensions\Strata40@SpewBoy.au\chrome\mozapps\extensions
[2010.09.12 12:58:48 | 000,002,101 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\flhwvtsk.default\searchplugins\googlede.xml
[2010.10.18 20:31:10 | 000,002,443 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\flhwvtsk.default\searchplugins\safesearch.xml
 
O1 HOSTS File: ([2010.10.02 10:57:33 | 000,001,377 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com:443
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\IPSBHO.DLL (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [NBCore] C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBCore.exe (Nero AG)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = H:\Programme\Stardock\ObjectDock\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - H:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - H:\Programme\Stardock\IconPackager\iprepair64.dll (Stardock.net, Inc)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - H:\Programme\Stardock\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c92fc51a-abb7-11df-ab16-506313b2534c}\Shell - "" = AutoRun
O33 - MountPoints2\{c92fc51a-abb7-11df-ab16-506313b2534c}\Shell\AutoRun\command - "" = J:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.11 17:24:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.11.11 17:24:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.11 17:24:16 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.11 17:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.11 17:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.11 12:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\NewSoft
[2010.11.10 12:28:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\InstallShield
[2010.11.07 22:28:34 | 000,000,000 | ---D | C] -- C:\Update
[2010.11.01 17:46:24 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\MetaX
[2010.10.30 16:23:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\mkvtoolnix
[2010.10.30 15:37:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Xilisoft
[2010.10.30 15:37:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Xilisoft
[2010.10.30 15:22:20 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Xilisoft Corporation
[2010.10.30 15:22:17 | 000,000,000 | ---D | C] -- C:\Users\***\Application Data
[2010.10.30 15:15:45 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\DreamVideoSoft
[2010.10.30 15:14:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\dream-mkv-converter
[2010.10.30 15:06:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2010.10.30 15:06:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2010.10.30 15:06:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2010.10.29 13:17:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Electronic Arts
[2010.10.28 14:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2010.10.20 14:50:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Axialis
[2010.10.19 18:41:34 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\WarnerBrothersStudioSet
[2010.10.19 18:07:01 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Set vorstellen
[2010.10.18 21:52:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\CrashDumps
[2010.10.18 20:09:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.10.18 19:55:06 | 000,174,640 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010.10.18 19:55:06 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Symantec Shared
[2010.10.18 19:55:06 | 000,000,000 | ---D | C] -- C:\Programme\Symantec
[2010.10.18 19:54:55 | 000,821,808 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1201000.025\SymEFA64.sys
[2010.10.18 19:54:55 | 000,715,824 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1201000.025\srtsp64.sys
[2010.10.18 19:54:55 | 000,450,096 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1201000.025\SymDS64.sys
[2010.10.18 19:54:55 | 000,381,488 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1201000.025\symnets.sys
[2010.10.18 19:54:55 | 000,168,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1201000.025\Ironx64.sys
[2010.10.18 19:54:55 | 000,040,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1201000.025\srtspx64.sys
[2010.10.18 19:54:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2010.10.18 19:54:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1201000.025
[2010.10.18 19:54:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2010.10.18 19:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.10.18 19:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.10.18 19:54:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010.10.16 17:07:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Bewerbungen
[2010.10.16 17:07:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Lebenshilfe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.11 17:25:35 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.11 17:25:35 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.11 17:24:19 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.11 17:17:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.11 17:17:08 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.11 17:04:13 | 000,000,690 | ---- | M] () -- C:\Users\***\Desktop\AudioConverter.exe.lnk
[2010.11.11 15:30:53 | 001,512,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.11 15:30:53 | 000,659,004 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.11 15:30:53 | 000,620,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.11 15:30:53 | 000,132,542 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.11 15:30:53 | 000,108,332 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.11 12:33:59 | 000,151,566 | ---- | M] () -- C:\Windows\SysWow64\UninstIPP.isu
[2010.11.03 17:31:37 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.11.02 11:03:33 | 000,000,735 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2010.10.31 10:02:29 | 005,648,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.10.27 04:45:16 | 001,202,730 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\Cat.DB
[2010.10.20 17:58:15 | 000,000,132 | ---- | M] () -- C:\Users\***\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.10.20 10:27:37 | 003,664,755 | ---- | M] () -- C:\Users\***\Desktop\rct3importer-v18b2-svn130-dist.zip
[2010.10.19 18:41:40 | 000,981,593 | ---- | M] () -- C:\Users\***\Desktop\WarnerBrothersStudioSet.rar
[2010.10.18 19:55:06 | 000,174,640 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010.10.18 19:55:06 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010.10.18 19:55:06 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.11.11 17:24:19 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.11 17:04:13 | 000,000,690 | ---- | C] () -- C:\Users\***\Desktop\AudioConverter.exe.lnk
[2010.11.11 12:33:57 | 000,151,566 | ---- | C] () -- C:\Windows\SysWow64\UninstIPP.isu
[2010.11.11 12:33:57 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\IPPCPUID.DLL
[2010.11.02 11:03:33 | 000,000,735 | ---- | C] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2010.10.30 15:06:46 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.10.20 10:27:20 | 003,664,755 | ---- | C] () -- C:\Users\***\Desktop\rct3importer-v18b2-svn130-dist.zip
[2010.10.19 17:38:40 | 000,981,593 | ---- | C] () -- C:\Users\***\Desktop\WarnerBrothersStudioSet.rar
[2010.10.18 19:55:07 | 001,202,730 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\Cat.DB
[2010.10.18 19:55:06 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010.10.18 19:55:06 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010.10.18 19:54:49 | 000,003,373 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\SymEFA.inf
[2010.10.18 19:54:49 | 000,002,792 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\SymDS.inf
[2010.10.18 19:54:49 | 000,001,445 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\SymNet.inf
[2010.10.18 19:54:49 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\srtsp64.inf
[2010.10.18 19:54:49 | 000,001,422 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\srtspx64.inf
[2010.10.18 19:54:49 | 000,000,771 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\Iron.inf
[2010.10.18 19:54:42 | 000,007,414 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\srtspx64.cat
[2010.10.18 19:54:42 | 000,007,412 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\SymEFA64.cat
[2010.10.18 19:54:42 | 000,007,410 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\symnet64.cat
[2010.10.18 19:54:42 | 000,007,410 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\srtsp64.cat
[2010.10.18 19:54:42 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\SymDS64.cat
[2010.10.18 19:54:42 | 000,007,402 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\iron.cat
[2010.10.18 19:54:42 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1201000.025\isolate.ini
[2010.10.02 10:50:09 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.09.30 20:27:32 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.09.06 11:23:58 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2010.09.03 07:55:08 | 000,007,622 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2010.08.26 19:59:18 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.08.20 22:04:00 | 000,000,003 | ---- | C] () -- C:\ProgramData\MusicStation.log
[2010.08.20 22:03:42 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.01.29 21:36:40 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.01.29 21:36:40 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2010.10.08 15:55:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Atari
[2010.10.20 14:50:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Axialis
[2010.10.03 18:01:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Broad Intelligence
[2010.08.19 20:20:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2010.10.30 15:20:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\dream-mkv-converter
[2010.08.20 11:40:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HandBrake
[2010.11.08 21:22:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2010.10.30 16:23:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mkvtoolnix
[2010.08.23 18:25:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\RouterControl
[2010.08.20 10:02:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SPORE
[2010.10.18 19:39:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Tropico 3
[2010.10.03 10:14:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2010.10.08 14:56:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ubisoft
[2010.10.30 15:37:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Xilisoft
[2010.11.06 10:41:21 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Verstehe nur nicht, was ich jetzt tun muss?
Kann mir jemand helfen. Wäre super!

Beste Grüße

Alt 12.11.2010, 14:50   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben? - Standard

Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?


Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle Logs posten.
__________________

__________________
Alt 14.11.2010, 18:36   #3
charles89
 
Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben? - Standard

Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?


Könnte noch den Quick-Scan anbieten.
Aber reicht der volle Scan nicht? Kamen nur die gleichen Viren bei raus...

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5114

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14.11.2010 18:34:10
mbam-log-2010-11-14 (18-34-10).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 143676
Laufzeit: 4 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Gruß
__________________
Alt 14.11.2010, 19:15   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben? - Standard

Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?


Ich wollte wissen ob du in der Vergangenheit schon öfter Logs mit Malwarebytes erstellt hast, wenn du aber das Tool am 11.11. zum ersten Mal ausgeführt hast ist das schon ok - ich muss in letzter Zeit immer häufiger nachfragen, da manche TOs hier tw. nur die Logs ohne Funde posten und die mit den wichtigen Infos zu den Funden einfach wegließen...
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 14.11.2010, 19:37   #5
charles89
 
Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben? - Standard

Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?


Nee, habs da zum ersten Mal benutzt. Habe also keine älteren Logs.


Alt 14.11.2010, 20:48   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben? - Standard

Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?


Zitat:
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com:443
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
Warum darf dein Rechner Adobe nicht erreichen? Was für CS5 aus welcher Quelle hast du da installiert?
__________________
--> Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?

Antwort

Themen zu Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?
administrator, adobe, autorun, bho, bonjour, disabletaskmgr, error, explorer, fehler, firefox, format, home, home premium, iastor.sys, intrusion prevention, location, logfile, mozilla, mp3, oldtimer, otl logfile, plug-in, problem, programdata, realtek, searchplugins, security, seiten, server, software, sptd.sys, start menu, studio, super, symantec, system, syswow64, taskmanager, taskmanager deaktiviert, viren, webcheck, windows


« IE öffnet sich alleine/Werbung | combofix logfile kann mal jemand drüberschauen? »


Ähnliche Themen: Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?


  1. Hijack & pum viren !
    Plagegeister aller Art und deren Bekämpfung - 03.02.2013 (11)
  2. Trojan.Agent.H, PUM.Hijack.CMDPrompt/Regedit/Run
    Plagegeister aller Art und deren Bekämpfung - 19.12.2012 (11)
  3. Hijack.Regedit
    Plagegeister aller Art und deren Bekämpfung - 12.09.2012 (1)
  4. TaskManager funktioniert nicht, Security Hijack
    Plagegeister aller Art und deren Bekämpfung - 02.08.2012 (8)
  5. Wegen Trojaner funktioniert der Task Manager nicht mehr (PUM.Hijack.TaskManager)
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (21)
  6. Verschlüsselungstrojaner Trojan.FakeVLC, PUM.Hijack.Task, Hijack.Regedit, Trojan.Agent
    Log-Analyse und Auswertung - 24.06.2012 (1)
  7. Malwarebytes hat PUM.Hijack.TaskManager und Backdoor.Agent gefunden
    Plagegeister aller Art und deren Bekämpfung - 11.04.2012 (23)
  8. Registry durch PUM.Hijack.Regedit gespert
    Plagegeister aller Art und deren Bekämpfung - 23.11.2011 (9)
  9. pum.hijack.taskmanager und trojan.fakems auf XP rechner gefunden
    Plagegeister aller Art und deren Bekämpfung - 11.06.2011 (11)
  10. PUM.Hijack.taskmanager
    Plagegeister aller Art und deren Bekämpfung - 08.06.2011 (30)
  11. Hijack Logfile - Viren?
    Log-Analyse und Auswertung - 10.03.2010 (4)
  12. IE und Antivir funktioniert nicht - Security.Hijack und Hijack.ControlPanelStyle
    Log-Analyse und Auswertung - 25.07.2009 (37)
  13. TASKMANAGER DEAKTIVIERT-KEIN VIRUS-Hijack Log
    Log-Analyse und Auswertung - 10.07.2008 (1)
  14. Viren/Trojaner - Hijack log
    Log-Analyse und Auswertung - 05.12.2007 (9)
  15. HiJack Log - Taskmgr, Regedit schliessen sofort wieder, kein Internetzugang mehr
    Log-Analyse und Auswertung - 07.01.2007 (6)
  16. Taskmanager startet nicht mehr [hijack-log]
    Log-Analyse und Auswertung - 23.11.2006 (3)
  17. Problem- habe kein Zugriff auf den Taskmanager+Probleme mit dem Fixen bei Hijack!
    Plagegeister aller Art und deren Bekämpfung - 16.06.2006 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben? - Hallo, ich habe meinen Laptop mit Windows 7 erst seit circa 2 Monaten, doch ich habe das Problem, dass der Taskmanager deaktiviert ist. Ich habe auf diversen Seiten gelesen, den - Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben?...
Archiv
Du betrachtest: Viren Hijack.Regedit und Hijack.TaskManager: Wie beheben? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55