Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Task Manager startet nicht mehr (Windows 7)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 07.07.2012, 12:43   #1
RoswellAlien
 
Task Manager startet nicht mehr (Windows 7) - Standard

Task Manager startet nicht mehr (Windows 7)



Hallo,

habe seit ein paar Tagen das Problem das mein Task Manager mit der Tastenkombination strg + alt + enf nicht mehr startet. Stattdessen startet der Taschenrechner.

Außerdem sprint zum Bsp. Firefox beim Benutzen der backspace Taste immer auf die "Galerie Ansicht" bzw. es kommt folgende Meldung: "Sie versuchen, eine Datei des Typs "Anwendungserweiterung" (.dll) zu öffnen usw."

Habe meinen PC bereits mit dem Programm Malewarebytes Anti Malware mit der Version von heute überprüft. Hier die Logdatei:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.07.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Administrator :: *-* [Administrator]

Schutz: Aktiviert

07.07.2012 11:52:17
mbam-log-2012-07-07 (11-52-17).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 506933
Laufzeit: 1 Stunde(n), 9 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Ich habe OTL von Oldtimer runtergeladen und nach Euren Empfehlungen gescannt. Hier die Logfile:

OTL logfile created on: 7/7/2012 1:34:49 PM - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Administrator\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7.98 Gb Total Physical Memory | 3.96 Gb Available Physical Memory | 49.61% Memory free
15.96 Gb Paging File | 11.46 Gb Available in Paging File | 71.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1383.48 Gb Total Space | 1096.66 Gb Free Space | 79.27% Space Free | Partition Type: NTFS
Drive D: | 13.68 Gb Total Space | 1.74 Gb Free Space | 12.75% Space Free | Partition Type: NTFS
Drive F: | 14.98 Gb Total Space | 1.14 Gb Free Space | 7.59% Space Free | Partition Type: FAT32
Drive G: | 477.63 Mb Total Space | 475.00 Mb Free Space | 99.45% Space Free | Partition Type: FAT
Drive L: | 596.17 Gb Total Space | 0.10 Gb Free Space | 0.02% Space Free | Partition Type: NTFS

Computer Name: DANIEL-HP | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\Aurora\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Aurora\plugin-container.exe (Mozilla Corporation)
PRC - C:\Users\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Aurora\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.DLL ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (hcwD3bda_dvbt) -- C:\Windows\SysNative\Hauppauge\hcwD3dvb\DVBT\DVBservice.exe (Mirics Semiconductor Ltd)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE ()
SRV - (hshld) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (CLKMSVC10_C6F09094) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe (CyberLink)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (HPClientSvc) -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (HssDrv) -- C:\Windows\SysNative\drivers\HssDrv.sys (AnchorFree Inc.)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (hcwD3bda) Driver for WinTV DVB-T (Model 133xxx) -- C:\Windows\SysNative\drivers\hcwD3bda64.sys (Mirics)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (ncplelhp) -- C:\Windows\SysNative\drivers\ncplelhp.sys (NCP Engineering GmbH)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDF
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDF
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDF
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDF
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={3A25E22F-4047-4693-8952-B32E267D494F}&mid=47921a559e2a47d08836788174535cbb-6c362d759d2d510112581912589213af0615207f&lang=en&ds=yu012&pr=sa&d=2012-05-27 18:22:02&v=11.1.0.7&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={3A25E22F-4047-4693-8952-B32E267D494F}&mid=47921a559e2a47d08836788174535cbb-6c362d759d2d510112581912589213af0615207f&lang=en&ds=yu012&pr=sa&d=2012-05-27 18:22:02&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://mein.allyve.com/"
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: afurladvisor@anchorfree.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.http: "157.181.228.181"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0

FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Program Files\VLC Player\VLC\npvlc.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 16.0a1\extensions\\Components: C:\PROGRAM FILES\NIGHTLY\COMPONENTS [2012/07/03 20:05:32 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 16.0a1\extensions\\Plugins: C:\PROGRAM FILES\NIGHTLY\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 15.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components [2012/07/07 05:54:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 15.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins

[2012/04/20 19:03:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2012/07/07 05:39:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions
[2012/04/21 20:39:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/06/23 00:04:23 | 000,000,000 | ---D | M] (BYTubeD - Bulk (Batch) YouTube video Downloader) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\bytubed@cs213.cse.iitk.ac.in
[2012/04/21 20:39:14 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2012/07/04 21:20:16 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\firefox@ghostery.com
[2012/05/18 16:24:06 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\ich@maltegoetz.de
[2012/04/21 19:23:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\483gp3z8.default\extensions\nostmp
[2012/06/04 17:46:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/05/26 15:09:49 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\extensions\afurladvisor@anchorfree.com
[2012/06/04 01:10:04 | 000,030,312 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI
[2012/05/28 02:19:07 | 000,413,408 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI
[2012/02/11 16:02:18 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012/03/29 20:15:18 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2012/04/21 21:18:30 | 000,113,603 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\NOSQUINT@URANDOM.CA.XPI
[2012/06/15 17:53:12 | 000,182,698 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012/06/24 11:33:54 | 000,456,182 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\STEFANVANDAMME@STEFANVD.NET.XPI
[2012/07/04 22:10:22 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012/06/22 23:14:25 | 000,008,001 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\483GP3Z8.DEFAULT\EXTENSIONS\TINEYE@IDEEINC.COM.XPI
[2012/05/27 18:21:58 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/19 23:35:21 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src

O1 HOSTS File: ([2012/07/07 06:42:46 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BeatsOSDApp] C:\Programme\IDT\WDM\beats64.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4:64bit: - HKLM..\RunOnce: [NCPGINA] C:\Windows\delrws.bat ()
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aurora.lnk = C:\Program Files (x86)\Aurora\firefox.exe (Mozilla Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE60407B-9C3A-441D-B82A-3E26A13EB9A8}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/07 06:42:46 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/07/07 06:21:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2012/07/07 06:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/07 06:21:10 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/07/07 06:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/07 06:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/07 05:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aurora
[2012/07/06 16:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\backups
[2012/07/06 16:14:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/07/06 16:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/07/06 16:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/07/06 15:59:46 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2012/07/04 22:10:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Macromedia
[2012/07/04 22:10:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/07/03 20:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Nightly
[2012/07/01 13:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2012/06/23 21:04:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\HP MediaSmart Video
[2012/06/23 13:58:59 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/06/23 13:55:02 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/23 13:55:02 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/23 13:55:02 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/23 13:54:34 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/23 13:54:34 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/23 13:54:34 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/23 13:54:18 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/23 13:54:18 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/19 22:23:46 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\NPE
[2012/06/19 22:18:24 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\JAM Software
[2012/06/16 14:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/16 14:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/06/16 14:04:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/16 14:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/06/16 14:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/06/16 13:59:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2012/06/13 23:33:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{3E684F40-FE83-48C2-981A-8201E1CCB21F}
[2012/06/13 22:53:20 | 000,918,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/13 22:53:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/13 22:52:56 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/06/13 22:52:50 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/13 22:52:50 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/13 22:52:48 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/13 22:52:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/13 22:52:47 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/13 22:52:47 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/13 22:52:42 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/13 22:52:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/13 22:52:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/13 22:52:25 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/13 22:52:21 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/13 22:52:21 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/13 22:51:51 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/13 22:51:34 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/13 22:51:33 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/08 14:56:02 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\FFOutput
[2012/06/08 14:55:59 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/06/08 14:55:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2012/06/08 14:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FormatFactory
[2012/06/07 13:52:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Meine Dokumente
[2012/05/27 19:29:13 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HiJackThis204.exe
[2012/04/19 00:22:17 | 032,811,469 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Program Files\WDM_R267.exe
[2012/04/19 00:22:15 | 032,811,469 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Program Files\WDM_R267(1).exe
[2012/04/19 00:22:15 | 004,618,792 | ---- | C] (Veetle Inc) -- C:\Program Files\veetle-0.9.19.exe

========== Files - Modified Within 30 Days ==========

[2012/07/07 13:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/07 13:17:17 | 000,062,342 | ---- | M] () -- C:\Users\Administrator\Desktop\Unbenannt.PNG
[2012/07/07 12:05:25 | 000,004,204 | ---- | M] () -- C:\Users\Administrator\Documents\cc_20120707_120519.reg
[2012/07/07 12:04:32 | 000,000,485 | ---- | M] () -- C:\Windows\delrws.bat
[2012/07/07 11:42:09 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/07 11:42:09 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/07 11:34:50 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAdministrator.job
[2012/07/07 11:34:45 | 000,295,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/07 11:34:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/07 11:34:31 | 2133,733,375 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/07 06:42:46 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/07/07 06:11:35 | 000,007,034 | ---- | M] () -- C:\Users\Administrator\Documents\cc_20120707_061132.reg
[2012/07/06 17:14:39 | 000,000,174 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\default.rss
[2012/07/06 17:14:30 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012/07/06 15:59:47 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2012/07/04 22:10:03 | 000,001,079 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aurora.lnk
[2012/06/29 00:35:39 | 000,104,790 | ---- | M] () -- C:\Users\Administrator\Desktop\048432359_5083021xbf_123_101lo.jpg
[2012/06/29 00:35:19 | 000,114,715 | ---- | M] () -- C:\Users\Administrator\Desktop\048303800_5083020efp_123_1037lo.jpg
[2012/06/24 11:33:22 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/24 11:33:22 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/23 01:08:09 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDANIEL-HP$.job
[2012/06/17 17:15:00 | 000,004,314 | ---- | M] () -- C:\Users\Administrator\Documents\cc_20120617_171456.reg
[2012/06/15 01:08:53 | 000,001,333 | ---- | M] () -- C:\Users\Administrator\.swfinfo
[2012/06/14 23:59:18 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/14 23:59:18 | 000,656,028 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/06/14 23:59:18 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/14 23:59:18 | 000,130,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/06/14 23:59:18 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/10 17:19:50 | 000,002,057 | ---- | M] () -- C:\Windows\epplauncher.mif

========== Files Created - No Company Name ==========

[2012/07/07 13:17:17 | 000,062,342 | ---- | C] () -- C:\Users\Administrator\Desktop\Unbenannt.PNG
[2012/07/07 12:05:23 | 000,004,204 | ---- | C] () -- C:\Users\Administrator\Documents\cc_20120707_120519.reg
[2012/07/07 12:04:16 | 000,000,485 | ---- | C] () -- C:\Windows\delrws.bat
[2012/07/07 11:34:33 | 000,295,896 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/07 06:11:34 | 000,007,034 | ---- | C] () -- C:\Users\Administrator\Documents\cc_20120707_061132.reg
[2012/07/06 15:24:53 | 000,001,079 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Aurora.lnk
[2012/07/04 22:10:03 | 000,001,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk
[2012/07/01 13:39:54 | 000,001,021 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012/06/29 00:35:38 | 000,104,790 | ---- | C] () -- C:\Users\Administrator\Desktop\048432359_5083021xbf_123_101lo.jpg
[2012/06/29 00:35:18 | 000,114,715 | ---- | C] () -- C:\Users\Administrator\Desktop\048303800_5083020efp_123_1037lo.jpg
[2012/06/17 17:14:58 | 000,004,314 | ---- | C] () -- C:\Users\Administrator\Documents\cc_20120617_171456.reg
[2012/06/16 14:00:01 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012/05/19 01:22:24 | 000,017,408 | ---- | C] () -- C:\Users\Administrator\AppData\Local\WebpageIcons.db
[2012/05/12 23:41:58 | 000,001,333 | ---- | C] () -- C:\Users\Administrator\.swfinfo
[2012/05/11 20:12:06 | 000,000,174 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\default.rss
[2012/05/05 01:15:04 | 000,097,204 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/04/26 22:53:50 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012/04/26 22:45:26 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/04/26 22:45:26 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/04/23 23:47:38 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/19 00:22:21 | 007,188,924 | ---- | C] () -- C:\Program Files\XMediaRecode3090_setup.exe
[2012/04/19 00:22:19 | 054,957,384 | ---- | C] () -- C:\Program Files\wz160gev.exe
[2012/04/18 23:25:28 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/02/08 16:55:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/08/18 07:35:05 | 000,186,368 | ---- | C] () -- C:\Windows\SysWow64\hcwD3bda32.dll
[2011/08/18 07:27:29 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011/08/18 07:15:32 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/08/18 07:15:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010/09/21 19:30:44 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2007/05/23 16:22:44 | 000,003,798 | ---- | C] () -- C:\Program Files\SP35985.CVA

< End of report >

Es wäre sehr nett wenn mir jemand von Euch weiter helfen könnte.
Vielen Dank!
Daniel

 

Themen zu Task Manager startet nicht mehr (Windows 7)
adobe, bho, bonjour, cid, downloader, firefox, flash player, format, heuristiks/extra, heuristiks/shuriken, hijack, hijackthis, home, hotspot, hotspot shield, installation, logfile, malware, mozilla, plug-in, problem, programm, progressive, realtek, registry, safer networking, search the web, searchscopes, security, services.exe, software, superantispyware, symantec, windows




Ähnliche Themen: Task Manager startet nicht mehr (Windows 7)


  1. BKA-Trojaner, Task Manager schließt automatisch - PC nicht mehr verwendbar
    Plagegeister aller Art und deren Bekämpfung - 28.12.2012 (17)
  2. Weisser Bildschirm - Task Manager und Abgesicherter Modus nicht mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 04.11.2012 (25)
  3. Task Manager und Adobe Reader funktionieren nicht mehr
    Log-Analyse und Auswertung - 29.10.2012 (11)
  4. Wegen Trojaner funktioniert der Task Manager nicht mehr (PUM.Hijack.TaskManager)
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (21)
  5. Deutschlandflagge und 50 Euro um Virenprogramm zu kaufen, Task-Manager startet nicht mehr
    Log-Analyse und Auswertung - 18.02.2012 (20)
  6. BKA-Trojaner, Task-Manager funktioniert nicht, Windows XP
    Plagegeister aller Art und deren Bekämpfung - 10.01.2012 (12)
  7. Windows 7 Task-Manager startet nicht / Regedit nicht möglich.
    Log-Analyse und Auswertung - 06.11.2010 (1)
  8. Windows 7 Task Manager startet nicht mehr - Regedit nicht möglich!
    Log-Analyse und Auswertung - 18.09.2010 (4)
  9. Task-Manager funktioniert nicht mehr!
    Log-Analyse und Auswertung - 30.12.2008 (27)
  10. Task Manager und Systemwiederher. gehen nicht mehr->
    Log-Analyse und Auswertung - 07.10.2008 (10)
  11. IE funktioniert nach gewisser Zeit nicht mehr, Task-Manager-Start nicht möglich
    Plagegeister aller Art und deren Bekämpfung - 28.09.2008 (3)
  12. IE funktioniert nicht mehr, Task-Manager lässt sich nicht starten
    Mülltonne - 27.09.2008 (0)
  13. PC schnell überlastet; Task-Manager nicht mehr zu öffnen
    Mülltonne - 08.11.2007 (0)
  14. Task Manager öffnet sich nicht mehr --> Hilfe!
    Alles rund um Windows - 28.11.2006 (1)
  15. Zu hülfe, mein Task Manager ist nicht mehr vollständig!
    Alles rund um Windows - 28.11.2005 (3)
  16. Task Manager öffnet sich nicht mehr
    Alles rund um Windows - 18.10.2005 (4)
  17. Task Manager,Geräte Manager,regedit öffnen sich nicht!
    Log-Analyse und Auswertung - 11.04.2005 (1)

Zum Thema Task Manager startet nicht mehr (Windows 7) - Hallo, habe seit ein paar Tagen das Problem das mein Task Manager mit der Tastenkombination strg + alt + enf nicht mehr startet. Stattdessen startet der Taschenrechner. Außerdem sprint zum - Task Manager startet nicht mehr (Windows 7)...

Alle Zeitangaben in WEZ +1. Es ist jetzt 16:05 Uhr.


Copyright ©2000-2025, Trojaner-Board
Archiv
Du betrachtest: Task Manager startet nicht mehr (Windows 7) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.