Windows ist blockiert - 50€

ComboFix 12-01-13.05 - AsTra 14.01.2012   0:49.1.4 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3326.2344 [GMT 1:00]
ausgeführt von:: c:\users\AsTra\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
c:\users\AsTra\wrar_unplugged_3.9.1.1.exe
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-12-13 bis 2012-01-13  ))))))))))))))))))))))))))))))
.
.
2012-01-13 23:55 . 2012-01-13 23:55	--------	d-----w-	c:\users\AsTra\AppData\Local\temp
2012-01-13 23:55 . 2012-01-13 23:55	--------	d-----w-	c:\users\Nadine\AppData\Local\temp
2012-01-13 23:55 . 2012-01-13 23:55	--------	d-----w-	c:\users\miz\AppData\Local\temp
2012-01-13 23:26 . 2012-01-13 23:26	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0CA65282-8E86-4129-A847-FB3C9DA978D1}\offreg.dll
2012-01-13 17:20 . 2012-01-13 17:50	--------	d-----w-	C:\_OTL
2012-01-13 13:46 . 2011-11-21 10:47	6823496	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0CA65282-8E86-4129-A847-FB3C9DA978D1}\mpengine.dll
2012-01-12 21:44 . 2012-01-13 23:38	--------	d-----w-	C:\trojDownloads
2012-01-12 17:59 . 2012-01-12 18:00	--------	d--h--w-	c:\windows\AxInstSV
2012-01-11 20:37 . 2011-11-17 05:38	1288472	----a-w-	c:\windows\system32\ntdll.dll
2012-01-11 20:37 . 2011-11-19 14:01	67072	----a-w-	c:\windows\system32\packager.dll
2012-01-11 20:37 . 2011-10-26 04:32	514560	----a-w-	c:\windows\system32\qdvd.dll
2012-01-11 20:37 . 2011-10-26 04:32	1328128	----a-w-	c:\windows\system32\quartz.dll
2011-12-17 12:16 . 2011-12-18 21:02	--------	d-----w-	c:\users\Nadine\.jenny
2011-12-15 17:57 . 2011-11-24 04:25	2342912	----a-w-	c:\windows\system32\win32k.sys
2011-12-15 17:56 . 2011-11-05 04:26	2048	----a-w-	c:\windows\system32\tzres.dll
2011-12-15 17:56 . 2011-10-15 05:38	534528	----a-w-	c:\windows\system32\EncDec.dll
2011-12-15 17:56 . 2011-10-26 04:28	38912	----a-w-	c:\windows\system32\csrsrv.dll
2011-12-15 17:56 . 2011-10-26 04:47	3967856	----a-w-	c:\windows\system32\ntkrnlpa.exe
2011-12-15 17:56 . 2011-10-26 04:47	3912560	----a-w-	c:\windows\system32\ntoskrnl.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-08 18:06 . 2011-10-16 13:18	134856	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-11-18 21:24 . 2011-06-03 06:22	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-13 15:20 . 2011-11-13 15:20	16896	----a-w-	c:\program files\wmdmhelper.dll
2011-11-13 15:20 . 2011-11-13 15:20	641024	----a-w-	c:\program files\rjbres.dll
2011-11-13 15:20 . 2011-11-13 15:20	45056	----a-w-	c:\program files\ierjplug.dll
2011-11-13 15:20 . 2011-11-13 15:20	360960	----a-w-	c:\program files\rjdlg.dll
2011-11-13 15:20 . 2011-11-13 15:20	34304	----a-w-	c:\program files\rjprog.dll
2011-11-13 15:20 . 2011-11-13 15:20	139264	----a-w-	c:\program files\dunzip32.dll
2011-11-13 15:20 . 2011-11-13 15:20	9216	----a-w-	c:\program files\fixrjb.exe
2011-11-13 15:20 . 2011-11-13 15:20	1115376	----a-w-	c:\program files\cddbmusicid.dll
2011-11-13 15:20 . 2011-11-13 15:20	943344	----a-w-	c:\program files\cddblink.dll
2011-11-13 15:20 . 2011-11-13 15:20	74240	----a-w-	c:\program files\tsasdk.dll
2011-11-13 15:20 . 2011-11-13 15:20	45056	----a-w-	c:\program files\mmcdda32.dll
2011-11-13 15:20 . 2011-11-13 15:20	23552	----a-w-	c:\program files\tnetdtct.dll
2011-11-13 15:20 . 2011-11-13 15:20	2041072	----a-w-	c:\program files\cddbcontrol.dll
2011-11-13 15:20 . 2011-11-13 15:20	67072	----a-w-	c:\program files\rpwa3260.dll
2011-11-13 15:20 . 2011-11-13 15:20	48640	----a-w-	c:\program files\tpasdk.dll
2011-11-13 15:20 . 2011-11-13 15:20	45728	----a-w-	c:\program files\rpshellsearch.dll
2011-11-13 15:20 . 2011-11-13 15:20	16296	----a-w-	c:\program files\realtfon.fon
2011-11-13 15:20 . 2011-11-13 15:20	368760	----a-w-	c:\program files\realconverter.exe
2011-11-13 15:20 . 2011-11-13 15:20	344696	----a-w-	c:\program files\convert.exe
2011-11-13 15:20 . 2011-11-13 15:20	390384	----a-w-	c:\program files\mc_enc_mp4v.dll
2011-11-13 15:20 . 2011-11-13 15:20	372848	----a-w-	c:\program files\realtrimmer.exe
2011-11-13 15:20 . 2011-11-13 15:20	120944	----a-w-	c:\program files\realshare.exe
2011-11-13 15:20 . 2011-11-13 15:20	72192	----a-w-	c:\program files\rjwmapln.dll
2011-11-13 15:20 . 2011-11-13 15:20	719360	----a-w-	c:\program files\dbghelp.dll
2011-11-13 15:20 . 2011-11-13 15:20	46592	----a-w-	c:\program files\rpau3260.dll
2011-11-13 15:20 . 2011-11-13 15:20	88064	----a-w-	c:\program files\hxaudiodevicehook.dll
2011-11-13 15:20 . 2011-11-13 15:20	86528	----a-w-	c:\program files\rpplugprot.dll
2011-11-13 15:20 . 2011-11-13 15:20	64656	----a-w-	c:\program files\rpshell.dll
2011-11-13 15:20 . 2011-11-13 15:20	26752	----a-w-	c:\program files\rndevicedbbuilder.exe
2011-11-13 15:20 . 2011-11-13 15:20	116376	----a-w-	c:\program files\rdsf3260.dll
2011-11-13 15:20 . 2011-11-13 15:20	9728	----a-w-	c:\program files\realjbox.exe
2011-11-13 15:20 . 2011-11-13 15:20	490096	----a-w-	c:\program files\realplay.exe
2011-11-13 15:20 . 2011-11-13 15:20	17048	----a-w-	c:\program files\rphelperapp.exe
2011-11-13 15:20 . 2011-11-13 15:20	415400	----a-w-	c:\program files\recordingmanager.exe
2011-11-13 15:20 . 2010-01-18 06:30	348160	----a-w-	c:\windows\system32\msvcr71.dll
2011-11-13 15:20 . 2010-01-18 06:30	499712	----a-w-	c:\windows\system32\msvcp71.dll
2010-12-12 12:46 . 2010-12-12 12:46	2354258	----a-w-	c:\program files\Setup-Foto-Mosaik.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-06 102400]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-06 8555040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-08-17 534880]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"TkBellExe"="c:\program files\Update\realsched.exe" [2011-11-13 273528]
"PDFPrint"="c:\program files\pdf24\pdf24.exe" [2011-12-16 220744]
.
c:\users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\users\miz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ToDo - Verknüpfung.lnk - c:\altefestplatte\LaufwerkBigData\ToDo.xls [2010-7-31 92160]
.
c:\users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\users\AsTra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-31 136176]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-05-26 191752]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-31 136176]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 25112]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-29 1343400]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-07 172032]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-03-10 249648]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-02-03 1155072]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-04-07 5430272]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-07 157184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-05 230912]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-07-08 603240]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 30392]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-31 23:38]
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-31 23:38]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - (no file)
SafeBoot-BsScanner
AddRemove-ArcSoft PhotoImpression 3.0 - c:\windows\IsUn0407.exe
AddRemove-Copy Utility - c:\windows\IsUn0407.exe
AddRemove-EPSON Photo Print - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-01-14  00:56:50
ComboFix-quarantined-files.txt  2012-01-13 23:56
.
Vor Suchlauf: 15 Verzeichnis(se), 726.888.009.728 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 726.662.324.224 Bytes frei
.
- - End Of File - - A58E72DFCC3E6E84E32333C52CB1F575