Task Manager startet nicht mehr (Windows 7)

RoswellAlien · 17.07.2012, 19:49

Hallo Markus,

vielen Dank für Deine Antwort.

Hier das Logfile von SuperAntiSpyware

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/17/2012 at 08:12 PM

Application Version : 5.1.1002

Core Rules Database Version : 8912
Trace Rules Database Version: 6724

Scan type : Complete Scan
Total Scan Time : 02:02:29

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 658
Memory threats detected : 0
Registry items scanned : 65460
Registry threats detected : 0
File items scanned : 75369
File threats detected : 53

Adware.Tracking Cookie
ia.media-imdb.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KLX9B7BH ]
media.mtvnservices.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KLX9B7BH ]
staticedge.hardsextube.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KLX9B7BH ]
www.proporn.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\KLX9B7BH ]
.gostats.de [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
rts.pgmediaserve.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.de.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.partypoker.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.flagcounter.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.stats4free.de [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.stats4free.de [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.hardsextube.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.proporn.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.cnt.proporn.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.cnt.proporn.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.flagcounter.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.flagcounter.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.flagcounter.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.flagcounter.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.flagcounter.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
server.adform.net [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.ad.adnet.de [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]
.gostats.de [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\COOKIES.SQLITE ]

Hier das Logfile von Malwarebytes Anti-Malware

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.17.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Administrator :: ******-** [Administrator]

Schutz: Aktiviert

17.07.2012 18:11:03
mbam-log-2012-07-17 (18-11-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 479911
Laufzeit: 2 Stunde(n), 1 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Hier nun abschließend noch das Logfile von ComboFix

Combofix Logfile:

Code:

ATTFilter

ComboFix 12-07-16.01 - Administrator 17.07.2012  20:27:19.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8175.4861 [GMT 2:00]
ausgeführt von:: c:\users\Administrator\Desktop\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-17 bis 2012-07-17  ))))))))))))))))))))))))))))))
.
.
2012-07-17 18:32 . 2012-07-17 18:32	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-16 18:14 . 2012-07-17 15:44	--------	d-----w-	c:\program files (x86)\Aurora
2012-07-11 17:55 . 2012-06-12 03:08	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-07-10 19:09 . 2012-06-06 05:05	212992	----a-w-	c:\program files (x86)\Common Files\System\msadc\msadco.dll
2012-07-10 19:09 . 2012-06-06 05:05	143360	----a-w-	c:\program files (x86)\Common Files\System\ado\msjro.dll
2012-07-10 19:09 . 2012-06-06 05:05	372736	----a-w-	c:\program files (x86)\Common Files\System\ado\msadox.dll
2012-07-10 19:09 . 2012-06-06 06:02	1133568	----a-w-	c:\windows\system32\cdosys.dll
2012-07-08 12:48 . 2012-07-08 19:40	--------	d-----w-	c:\users\Administrator\AppData\Roaming\XnView
2012-07-08 12:48 . 2012-07-15 11:38	--------	d-----w-	c:\program files (x86)\XnView
2012-07-07 16:01 . 2012-07-12 21:32	--------	d-----w-	c:\users\Administrator\AppData\Local\CrashDumps
2012-07-07 12:27 . 2012-07-07 12:27	2135640	----a-w-	c:\program files\tdsskiller.exe
2012-07-07 11:48 . 2012-07-07 11:48	--------	d-----w-	c:\users\Administrator\AppData\Roaming\GlarySoft
2012-07-07 11:47 . 2012-07-15 11:41	--------	d-----w-	c:\program files\Glarysoft
2012-07-07 04:42 . 2012-07-07 04:42	--------	d-----w-	C:\_OTL
2012-07-07 04:21 . 2012-07-07 04:21	--------	d-----w-	c:\users\Administrator\AppData\Roaming\Malwarebytes
2012-07-07 04:21 . 2012-07-15 11:38	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-07 04:21 . 2012-07-07 04:21	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-07 04:21 . 2012-07-03 11:46	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-07-06 14:22 . 2012-07-06 14:22	--------	d-----w-	c:\program files\backups
2012-07-06 14:14 . 2012-07-15 11:38	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2012-07-06 14:14 . 2012-07-09 21:38	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2012-07-04 20:10 . 2012-07-04 20:10	--------	d-----w-	c:\users\Administrator\AppData\Local\Macromedia
2012-07-04 20:10 . 2012-07-17 18:33	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2012-07-03 18:05 . 2012-07-04 19:20	--------	d-----w-	c:\program files\Nightly
2012-07-01 11:39 . 2012-07-01 11:39	--------	d-----w-	c:\program files (x86)\Audacity
2012-06-23 19:04 . 2012-06-23 19:04	--------	d-----w-	c:\users\Administrator\AppData\Local\HP MediaSmart Video
2012-06-23 11:58 . 2011-02-19 12:05	1139200	----a-w-	c:\windows\system32\FntCache.dll
2012-06-23 11:58 . 2011-02-19 12:04	902656	----a-w-	c:\windows\system32\d2d1.dll
2012-06-23 11:58 . 2011-02-19 06:30	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2012-06-23 11:55 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-23 11:55 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-23 11:55 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-23 11:55 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-23 11:54 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-23 11:54 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-23 11:54 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-23 11:54 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-23 11:54 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-19 20:23 . 2012-06-19 20:23	--------	d-----w-	c:\users\Administrator\AppData\Local\NPE
2012-06-19 20:18 . 2012-06-19 20:18	--------	d-----w-	c:\users\Administrator\AppData\Roaming\JAM Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-17 18:17 . 2012-04-20 17:31	472880	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-07-11 20:33 . 2012-04-18 22:30	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 20:33 . 2012-04-18 22:30	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-31 04:04 . 2012-07-16 18:12	9013136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9AF62229-12C7-44E3-B272-055DD6DBF921}\mpengine.dll
2012-05-31 04:04 . 2012-07-15 10:03	9013136	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-27 17:29 . 2012-05-27 17:29	388608	----a-w-	c:\program files\HiJackThis204.exe
2012-05-15 04:01 . 2012-06-13 20:52	1188864	----a-w-	c:\windows\system32\wininet.dll
2012-05-15 03:03 . 2012-06-13 20:52	981504	----a-w-	c:\windows\SysWow64\wininet.dll
2012-05-05 07:16 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2012-05-05 07:16 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2012-05-04 11:06 . 2012-06-13 20:52	5559664	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 20:52	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 20:52	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 20:52	209920	----a-w-	c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 20:51	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 20:52	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 20:52	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 20:52	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 20:51	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 20:51	140288	----a-w-	c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 20:51	1462272	----a-w-	c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 20:51	1158656	----a-w-	c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 20:51	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 20:51	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2012-04-23 21:49 . 2012-07-03 17:40	927800	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3540528F-F46D-4B14-8D4B-1133841283C4}\gapaengine.dll
2012-04-23 21:49 . 2012-06-12 20:31	927800	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-04-23 21:45 . 2012-04-23 21:45	10384312	----a-w-	c:\program files\mseinstall.exe
2012-04-22 17:18 . 2012-04-22 17:18	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{471E81A7-07BF-4552-BC99-83572B07DA00}\offreg.dll
2012-04-20 16:25 . 2012-04-20 16:25	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-04-20 16:25 . 2012-04-20 16:25	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-04-20 16:24 . 2012-04-20 16:24	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-04-20 03:45 . 2012-06-13 20:52	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2012-04-20 03:16 . 2012-06-13 20:52	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-04-18 20:46 . 2010-06-24 18:33	19352	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-04-18 18:56 . 2012-04-18 18:56	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
2012-04-15 23:37 . 2012-04-18 22:22	54957384	----a-w-	c:\program files\wz160gev.exe
2012-04-15 23:19 . 2012-04-18 22:22	7188924	----a-w-	c:\program files\XMediaRecode3090_setup.exe
2012-03-21 15:22 . 2012-04-18 22:22	32811469	----a-w-	c:\program files\WDM_R267.exe
2012-03-21 15:16 . 2012-04-18 22:22	32811469	----a-w-	c:\program files\WDM_R267(1).exe
2012-03-17 09:50 . 2012-04-18 22:17	97208	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-21 4786048]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992]
"LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2012-01-05 1823744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Aurora.lnk - c:\program files (x86)\Aurora\firefox.exe [2012-7-16 918000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 CLKMSVC10_C6F09094;CyberLink Product - 2011/08/17 22:23;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2010-09-21 245232]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 250056]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-16 114160]
R3 ncplelhp;WatchGuard Secure Client NDIS6 Driver;c:\windows\system32\DRIVERS\ncplelhp.sys [2010-02-23 151272]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R4 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
R4 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-01 89600]
S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-07-15 2641920]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-06-26 468848]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2012-06-20 384880]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-07-15 116352]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-06-22 131688]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_C6F09094
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 20:33]
.
2012-07-13 c:\windows\Tasks\HPCeeScheduleForAdministrator.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-06-22 c:\windows\Tasks\HPCeeScheduleForDANIEL-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2012-05-16 01:10	287048	----a-w-	c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-08-15 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-27 489472]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://isearch.avg.com/?cid={3A25E22F-4047-4693-8952-B32E267D494F}&mid=47921a559e2a47d08836788174535cbb-6c362d759d2d510112581912589213af0615207f&lang=en&ds=yu012&pr=sa&d=2012-05-27 18:22&v=11.1.0.7&sap=hp
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.bing.com?pc=HPDTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\483gp3z8.default\
FF - prefs.js: browser.search.selectedEngine - Search the web
FF - prefs.js: browser.startup.homepage - hxxps://mein.allyve.com/
FF - prefs.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - prefs.js: network.proxy.http - 157.181.228.181
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.search.selectedEngine - Search the web
FF - user.js: browser.search.order.1 - Search the web
FF - user.js: browser.search.defaultenginename - Search the web
FF - user.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8fg66oxN&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 58a143c900000000000002004e435049
FF - user.js: extensions.incredibar_i.hardId - 58a143c900000000000002004e435049
FF - user.js: extensions.incredibar_i.instlDay - 15337
FF - user.js: extensions.incredibar_i.vrsn - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsni - 1.5.3.27
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.3.2722:33
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef - 
FF - user.js: extensions.incredibar_i.dfltLng - 
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id - 
FF - user.js: extensions.incredibar_i.upn2 - 6R8fg66oxN
FF - user.js: extensions.incredibar_i.upn2n - 92823584542271871
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10556
FF - user.js: extensions.incredibar_i.ppd - 1000
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108298
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 58a143c900000000000002004e435049
FF - user.js: extensions.BabylonToolbar_i.hardId - 58a143c900000000000002004e435049
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15395
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.171:00
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: general.useragent.extra.brc - 
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,91,c8,f2,8d,99,cb,cf,44,93,a9,9e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,91,c8,f2,8d,99,cb,cf,44,93,a9,9e,\
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.3g2"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.3gp"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.3gp2"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.3gpp"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.aac"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.adt"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.adts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ARW\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.asf"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.asx"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.au"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.avi"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CR2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cue\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.cue"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.divx"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DNG\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.flac"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.flv"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ifo\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.ifo"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jar\UserChoice]
@Denied: (2) (Administrator)
"Progid"="jarfile"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.KDC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m1v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m2t"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m2ts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m2v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m3u"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u8\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m3u8"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m4a"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4p\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m4p"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.m4v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mid"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mkv"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mod"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mov"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp2"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp2v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp3"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp4"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mp4v"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpa"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpe"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpeg"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpg"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mpv2"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MRW\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NEF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ORF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.PEF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RAF\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.rmi"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmvb\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.rmvb"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.snd"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.SR2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.ts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.tts"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.vob"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.wav"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.wma"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.wmv"
.
[HKEY_USERS\S-1-5-21-642508905-2555156998-2566340659-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.X3F\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Google.PhotoViewer.3.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Java\jre6\bin\javaws.exe
c:\program files (x86)\Java\jre6\bin\javaw.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-17  20:39:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-07-17 18:39
.
Vor Suchlauf: 8 Verzeichnis(se), 1.140.469.841.920 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 1.140.157.030.400 Bytes frei
.
- - End Of File - - 5820903E417B712C34746DD49B070DF0

--- --- ---

Gruß

Daniel

Task Manager startet nicht mehr (Windows 7)

Plagegeister aller Art und deren Bekämpfung: Task Manager startet nicht mehr (Windows 7)

Task Manager startet nicht mehr (Windows 7)

Ähnliche Themen: Task Manager startet nicht mehr (Windows 7)