
Log analysis and evaluation: [3x Conhost?] 3 Conhost.exe applications are constantly running

30.06.2013, 13:42   #1
MoGa

Hello!
I'm not sure whether this is the right section for this, since I'm new, but anyway:
I have a problem and searched for it right away. I found a post here in the forum, but I think everyone needs an individual solution.
Namely, I constantly have the 'conhost.exe' process running 3 times.
I have at least already carried out the steps (my problem is exactly the same) from:
(http://www.trojaner-board.de/132667-...-prozesse.html)
which are:

Quote:
Step 1
Please download DDS (by sUBs) from one of the following download mirrors and save the file to your desktop.

dds.com
dds.exe
Please start dds with a double-click.
The desktop will disappear; that is normal.
Please tick the following:
dds.txt (should already be ticked)
attach.txt
Do not change any settings unless instructed.
When the scan has finished, DDS will create 2 log files on your desktop:
dds.txt
attach.txt
Please post both log files in your next reply.

Step 2
Please download defogger by jpshortstuff to your desktop.
Start the tool with a double-click.
Now click the Disable button to disable the drivers of certain emulators.
Defogger will ask you "Defogger will forcefully terminate and disable all CD Emulator related drivers and processes... Continue?"; confirm this security prompt with Yes.
When the scan has finished (Finished), click OK.
Defogger may prompt you to restart. Confirm this with OK.
Defogger creates a log file named defogger_disable.txt on the desktop. Post its contents with your next reply.
Do not click the Re-enable button unless instructed!

Step 3
Please download GMER: (random file name)
Close all other programs, disable your virus scanner and disconnect the computer from the Internet before you start GMER.
If a window with the following warning opens after the start:
WARNING !!!
GMER has found system modification, which might have been caused by ROOTKIT activity.
Do you want to fully scan your system ?

Be sure to click "No".
On the right, remove the tick from: IAT/EAT and Show All
Tick Quickscan and remove the tick from all other drives.
Start the scan with "Scan".
Do not do anything on the computer while the scan is running.
When the scan is finished, click Save and save the log file as Gmer.txt on your desktop. GMER is closed with "Ok".

I have simply uploaded the log files, but replaced my user name with ******.

If you notice any strange software, please tell me which, since I am not the only one using this PC or user account.

[I packed the Gmer file, since it is relatively large ()]

Attach
Attachment 57192

DDS
Attachment 57193

Defogger-disable
Attachment 57194

Gmer_log
Attachment 57195

Thank you to everyone who helps!

-----P.S. If anyone knows why my D partition keeps filling up even though I'm not doing anything, feel free to reply as well.

Regards --- MoGa
[www.youtube.com/user/0moga0]

30.06.2013, 14:31   #2
schrauber
/// the machine
/// TB Trainer

Please post logs in the thread.

System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files will now be created and can then be found on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

02.07.2013, 16:56   #3
MoGa

Here are the files

FRST

FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013
Ran by ****** (administrator) on 02-07-2013 17:44:23
Running from C:\Users\******\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) D:\Sicherheit\Avast neu\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) D:\Sicherheit\Avast neu\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
() C:\ProgramData\DatacardService\DCService.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(LogMeIn Inc.) C:\Users\******\Downloads\MC\Hamachi\hamachi-2.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Tablet Driver) C:\Windows\System32\Drivers\WTSRV.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(VMware, Inc.) D:\Programme\VMware Player\vmware-authd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(SUPERAntiSpyware.com) D:\Sicherheit\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Akamai Technologies, Inc.) C:\Users\******\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\******\AppData\Local\Akamai\netsession_win.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Samsung) D:\Programme\Kies\Kies\Kies.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(Samsung) D:\Programme\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Logitech Inc.) D:\Programme\Logitech\SetPoint II\SetPointII.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(AVAST Software) D:\Sicherheit\Avast neu\AvastUI.exe
(Samsung Electronics Co., Ltd.) D:\Programme\Kies\Kies\KiesTrayAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe
(Mozilla Corporation) D:\Programme\Firefox\firefox.exe
(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe
(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe
(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe
(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe
(EA Digital Illusions CE AB) C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\extensions\battlefieldplay4free@ea.com\plugins\BP4FUpdater.exe
(Easy) C:\Program Files (x86)\EA Games\Battlefield Play4Free\BFP4f.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [238592 2009-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [236544 2009-03-24] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1451008 2009-04-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1128448 2009-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TPCHWMsg] %ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe [613232 2009-04-15] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
Winlogon\Notify\WB: D:\PROGRA~1\WINDOW~2\fast64.dll [X]
HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [SUPERAntiSpyware] D:\Sicherheit\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [x]
HKCU\...\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup [213936 2006-05-16] (Macrovision Corporation)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-06-05] (Google Inc.)
HKCU\...\Run: [Steam] "H:\B\Steam\steam.exe" -silent [x]
HKCU\...\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [213936 2006-05-16] (Macrovision Corporation)
HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\******\AppData\Local\Akamai\netsession_win.exe" [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [KiesPreload] D:\Programme\Kies\Kies\Kies.exe /preload [x]
HKCU\...\Run: [KiesAirMessage] D:\Programme\Kies\Kies\KiesAirMessage.exe -startup [x]
HKCU\...\Run: [] D:\Programme\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [x]
HKCU\...\Run: [rfxsrvtray] "g:\Radio.fx\\Client\rfx-tray.exe" [x]
MountPoints2: {84669c60-e46d-11e0-a87f-001e655330ec} - G:\AutoRun.exe
MountPoints2: {84669c80-e46d-11e0-a87f-001e655330ec} - G:\AutoRun.exe
MountPoints2: {dd757f36-e277-11de-a511-806e6f6e6963} - E:\Autorun.exe
MountPoints2: {df566480-ed57-11de-a001-0026222e5329} - F:\LaunchU3.exe -a
HKLM-x32\...\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP [423936 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTIL [438272 2008-11-21] (TOSHIBA)
HKLM-x32\...\Run: [TrayServer] D:\PROGRA~4\MAGIX\VIDEO_~1\TrayServer.exe [x]
HKLM-x32\...\Run: [TWebCamera] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start [86960 2006-05-16] (Macrovision Corporation)
HKLM-x32\...\Run: [WTClient] WTClient.exe [32768 2009-10-30] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [avast] "D:\Sicherheit\Avast neu\avastUI.exe" /nogui [x]
HKLM-x32\...\Run: [KiesTrayAgent] D:\Programme\Kies\Kies\KiesTrayAgent.exe [x]
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Users\******\Downloads\MC\Hamachi\hamachi-2-ui.exe" --auto-start [2255184 2013-05-15] (LogMeIn Inc.)
HKU\Poop\...\Run: [\\MOMPI-PC\EPSON Stylus] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Users\******\AppData\Local\Temp\E_S6654.tmp" /EF "HKCU" [x] <===== ATTENTION
HKU\Poop\...\Run: [\\Mompi-pc\EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Users\******\AppData\Local\Temp\E_SC217.tmp" /EF "HKCU" [x] <===== ATTENTION
HKU\Poop\...\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount [203928 2009-04-24] (Alcohol Soft Development Team)
HKU\Poop\...\Run: [DAEMON Tools Lite] "D:\Programme\Daemon-tools\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKU\Poop\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)
HKU\Poop\...\Run: [PhilipsSongbirdLauncher] C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe [346624 2010-12-25] ()
HKU\Poop\...\Run: [SUPERAntiSpyware] D:\Sicherheit\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [x]
HKU\Poop\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-06-05] (Google Inc.)
HKU\Poop\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)
HKU\Poop\...\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade [516096 2010-11-20] (Microsoft Corporation)
HKU\Poop\...\RunOnce: [DPAPIKeyMig] %SystemRoot%\system32\dpapimig.exe -quiet [74752 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Radio.fx.LNK
ShortcutTarget: Radio.fx.LNK -> G:\Radio.fx\Client\rfx-client.exe (No File)
Startup: C:\ProgramData\Start Menu\Programs\Startup\SetPointII.lnk
ShortcutTarget: SetPointII.lnk -> D:\Programme\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Poop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
URLSearchHook: (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} -  No File
URLSearchHook: (No Name) - {707db484-2428-402d-afb5-d85b387544c7} -  No File
URLSearchHook: (No Name) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} -  No File
URLSearchHook: (No Name) - {a6e4a4eb-d169-4e99-8988-250fcbafe767} -  No File
URLSearchHook: (No Name) - {bc04b34e-5dd8-465a-a5e0-86f7c11bc009} -  No File
URLSearchHook: (No Name) - {ecdee021-0d17-467f-a1ff-c7a115230949} -  No File
URLSearchHook: (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
URLSearchHook: (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} -  No File
HKLM-x32 SearchScopes: DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm008YYDE&ptb=IcV1.KpO0e5XB4C086LkSA&psa=&ind=2010020609&ptnrS=ZVxdm008YYDE&si=36602&st=sb&n=77ce7b01&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKCU - {50A1A5F0-0045-4635-B014-A5BC299883E4} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {FC9B4B73-AC9E-49DB-BFE0-E44158A31586} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552&CUI=UN14111851441805626&UM=1
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Sicherheit\Avast neu\aswWebRepIE64.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: PriceGong - Price Comparison - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.11\PriceGongIE.dll (PriceGong)
BHO-x32: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
BHO-x32: Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files (x86)\Mario_Forever\tbMar1.dll (Conduit Ltd.)
BHO-x32: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof0.dll (Conduit Ltd.)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Sicherheit\Avast neu\aswWebRepIE.dll No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbiso1.dll (Conduit Ltd.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Games Bar 1 Toolbar - {bc04b34e-5dd8-465a-a5e0-86f7c11bc009} - C:\Program Files (x86)\Games_Bar_1\tbGame.dll (Conduit Ltd.)
BHO-x32: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfre1.dll (Conduit Ltd.)
BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Sicherheit\Avast neu\aswWebRepIE64.dll No File
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files (x86)\Mario_Forever\tbMar1.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof0.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbiso1.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Games Bar 1 Toolbar - {bc04b34e-5dd8-465a-a5e0-86f7c11bc009} - C:\Program Files (x86)\Games_Bar_1\tbGame.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfre1.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Sicherheit\Avast neu\aswWebRepIE.dll No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {707DB484-2428-402D-AFB5-D85B387544C7} -  No File
Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File
Toolbar: HKCU - No Name - {A6E4A4EB-D169-4E99-8988-250FCBAFE767} -  No File
Toolbar: HKCU - No Name - {BC04B34E-5DD8-465A-A5E0-86F7C11BC009} -  No File
Toolbar: HKCU - No Name - {ECDEE021-0D17-467F-A1FF-C7A115230949} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} -  No File
DPF: HKLM {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_x64_5.0.203.0.cab
DPF: HKLM-x32 {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-5/SmileyCreatorInitialSetup1.0.1.4.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: HKLM-x32 {C49134CC-B5EF-458C-A442-E8DFE7B4645F} hxxp://www.yoyogames.com/downloads/activex/YoYo.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1A4D9296-FBEC-4C11-872D-72B4BBF700DE}: [NameServer]193.189.244.225 193.189.244.206

FireFox:
========
FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default
FF user.js: detected! => C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\user.js
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=UN71995909548713155&UM=1&sspv=TB_CH3&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.4.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 - C:\Program Files (x86)\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\******\AppData\Local\Roblox\Versions\version-bac2ef28b67142d0\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Battlefield Play4Free - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\battlefieldplay4free@ea.com
FF Extension: Winload Community Toolbar - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
FF Extension: Mario Forever Community Toolbar - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{707db484-2428-402d-afb5-d85b387544c7}
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: PriceGong - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: Hotspot Shield  - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
FF Extension: FoxLingo - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
FF Extension: finder - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{a27007d0-bec0-4df7-abf8-54ae0b833ce8}.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{BD4B37E6-7AE7-48d7-A2D7-6FF5775924AB}.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] D:\Sicherheit\Avast neu\WebRep\FF
FF Extension: avast! Online Security - D:\Sicherheit\Avast neu\WebRep\FF

Chrome: 
=======
CHR Extension: (PriceGong ) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.11
CHR Extension: (Iminent) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0

==================== Services (Whitelisted) =================

R2 avast! Antivirus; D:\Sicherheit\Avast neu\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 avast! Firewall; D:\Sicherheit\Avast neu\afwServ.exe [137960 2013-05-09] (AVAST Software)
R2 camsvc; C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-16] (TOSHIBA)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] ()
R2 Hamachi2Svc; C:\Users\******\Downloads\MC\Hamachi\hamachi-2.exe [2467664 2013-05-15] (LogMeIn Inc.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [831272 2013-06-21] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-06-21] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-06-21] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-29] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
R2 VMAuthdService; D:\Programme\VMware Player\vmware-authd.exe [87120 2013-02-26] (VMware, Inc.)
S2 Radio.fx; g:\Radio.fx\Server\rfx-server.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswFW; C:\Windows\system32\drivers\aswFW.sys [131232 2013-05-09] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2010-09-07] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [270824 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-28] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-12-19] ()
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-21] (AnchorFree Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-12-19] ()
S1 SASDIFSV; D:\Sicherheit\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-06-16] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASDIFSV; D:\Sicherheit\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-06-16] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-08-15] (Duplex Secure Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294232 2010-03-10] (Microsoft Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 WinRing0_1_2_0; D:\Programme\GMBoostA\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)
S3 WinRing0_1_2_0; D:\Programme\GMBoostA\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)
S3 ZDPSp50a64; C:\Windows\System32\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDPSp50a64; C:\Windows\SysWow64\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA))
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S1 SASKUTIL; \??\C:\Users\******\AppData\Local\Temp\SASKUTIL.SYS [x]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 17:44 - 2013-07-02 17:44 - 00000000 ____D C:\FRST
2013-07-02 17:41 - 2013-07-02 17:41 - 01933556 ____A (Farbar) C:\Users\******\Desktop\FRST64.exe
2013-07-02 17:38 - 2013-07-02 17:39 - 00000000 ____D C:\Users\******\AppData\Local\{3E729895-77B3-4A12-8835-710FC14D31D6}
2013-07-02 17:23 - 2013-07-02 17:23 - 00000308 ____A C:\Windows\PFRO.log
2013-07-01 18:57 - 2013-07-01 18:57 - 01304966 ____A C:\Users\******\Desktop\The Jumper.zip
2013-07-01 18:23 - 2013-07-01 18:23 - 00000000 ____D C:\Users\******\AppData\Roaming\Subversion
2013-06-30 17:56 - 2013-06-30 17:56 - 00000000 ____D C:\Users\******\AppData\Local\MoGasHorrorGame
2013-06-30 17:32 - 2013-06-30 17:43 - 00000220 ____A C:\Users\******\Desktop\Sovereign of the Skies---Bugs.txt
2013-06-30 15:58 - 2013-06-30 15:58 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-06-30 15:27 - 2013-06-30 15:27 - 00000000 ____D C:\Users\******\AppData\Local\GoreGame
2013-06-30 13:58 - 2013-06-30 13:58 - 00000000 ____D C:\Users\******\AppData\Local\{3643F645-315B-441E-9181-C7AB0D7759D6}
2013-06-30 13:07 - 2013-06-30 13:07 - 00000020 ____A C:\Users\******\defogger_reenable
2013-06-30 08:40 - 2013-05-09 10:59 - 00270824 ____A (AVAST Software) C:\Windows\System32\Drivers\aswNdis2.sys
2013-06-30 08:40 - 2013-05-09 10:59 - 00131232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFW.sys
2013-06-30 08:39 - 2013-06-30 08:39 - 00000829 ____A C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-06-30 08:33 - 2013-07-02 17:23 - 00041634 ____A C:\Windows\setupact.log
2013-06-30 08:33 - 2013-06-30 08:33 - 00000000 ____A C:\Windows\setuperr.log
2013-06-29 16:41 - 2013-06-29 16:52 - 00000000 ____D C:\Users\******\Desktop\tääst
2013-06-29 09:43 - 2013-06-29 09:43 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Vorlagen
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Startmenü
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Netzwerkumgebung
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Lokale Einstellungen
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Eigene Dateien
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Druckumgebung
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Documents\Eigene Musik
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Documents\Eigene Bilder
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\AppData\Local\Verlauf
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\AppData\Local\Anwendungsdaten
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Anwendungsdaten
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\******\AppData\Local\Conduit
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Program Files (x86)\Hotspot_Shield
2013-06-29 09:43 - 2011-06-18 16:07 - 00000000 ____D C:\Users\fbwuser\Documents\Visual Studio 2010
2013-06-29 09:43 - 2011-03-28 10:38 - 00000000 ____D C:\Users\fbwuser\AppData\Roaming\Macromedia
2013-06-29 09:43 - 2011-03-28 10:38 - 00000000 ____D C:\Users\fbwuser\AppData\Local\Microsoft Help
2013-06-29 09:42 - 2013-06-29 09:43 - 00000009 ____A C:\END
2013-06-29 09:41 - 2013-06-29 10:40 - 00000000 ____D C:\ProgramData\Hotspot Shield
2013-06-29 09:40 - 2013-06-29 09:42 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2013-06-29 09:40 - 2013-06-29 09:40 - 00000000 ____D C:\Users\******\AppData\Roaming\Hotspot Shield
2013-06-28 22:32 - 2013-06-28 22:32 - 00000834 ____A C:\Users\Poop\Desktop\Build and Shoot Launcher.lnk
2013-06-28 22:32 - 2013-06-28 22:32 - 00000000 ____D C:\Users\******\AppData\Roaming\Build and Shoot
2013-06-28 21:51 - 2013-06-28 21:51 - 00000000 ___HD C:\Windows\AxInstSV
2013-06-28 18:15 - 2013-06-28 18:15 - 00000000 ____D C:\Users\******\AppData\Local\BeatBeast
2013-06-28 18:04 - 2013-06-30 15:14 - 00000000 ____D C:\Users\******\Documents\GameMaker
2013-06-28 18:01 - 2013-06-30 19:15 - 00000000 ____D C:\Users\******\AppData\Local\gamemaker_studio
2013-06-28 18:01 - 2013-06-28 18:01 - 00000000 ____D C:\ProgramData\gamemaker_studio
2013-06-28 17:44 - 2013-06-28 17:44 - 00000000 ____D C:\Users\******\AppData\Local\{C29F1754-7A67-45AA-9C72-6CEE4A8FD11E}
2013-06-28 16:03 - 2013-06-28 16:03 - 07033046 ____A C:\Users\******\Desktop\Pokemon - Smaragd-Edition.zip
2013-06-28 16:00 - 2013-06-28 16:00 - 06868618 ____A C:\Users\******\Desktop\Pokemon Emerald.zip
2013-06-28 15:49 - 2013-06-28 15:49 - 02179492 ____A C:\Users\******\Desktop\Pokemon Jupiter Release 6.04.zip
2013-06-28 14:31 - 2013-06-28 14:31 - 00000000 ____D C:\Users\******\AppData\Local\Macromedia
2013-06-28 14:05 - 2013-06-28 14:05 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-06-27 11:55 - 2013-06-28 14:05 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-06-27 11:55 - 2013-06-28 14:05 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-06-26 15:27 - 2013-06-26 15:42 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-06-25 19:04 - 2013-06-29 00:01 - 00000000 ____D C:\Users\******\Desktop\__________
2013-06-23 19:34 - 2013-06-30 18:44 - 00000000 ____D C:\Users\******\AppData\Local\CrashDumps
2013-06-23 16:39 - 2013-06-23 16:39 - 00000000 ____D C:\Users\******\AppData\Local\TechSmith
2013-06-23 16:38 - 2013-06-23 16:38 - 00000000 ____D C:\Users\******\Documents\Camtasia Studio
2013-06-23 16:38 - 2013-06-23 16:38 - 00000000 ____D C:\Users\******\AppData\Roaming\TechSmith
2013-06-23 16:27 - 2013-06-23 16:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-23 16:26 - 2013-06-23 16:37 - 00000000 ____D C:\ProgramData\TechSmith
2013-06-23 16:04 - 2013-06-28 18:07 - 00000000 ____D C:\Users\******\Desktop\GameMaker
2013-06-23 15:55 - 2013-06-23 15:55 - 00000000 ____D C:\Users\******\AppData\Local\{A0E67DBB-ED2D-455A-8AC0-A05992EAAB33}
2013-06-23 11:04 - 2013-06-23 11:04 - 00300588 ____A C:\Users\******\Desktop\New-Foods.zip
2013-06-23 10:59 - 2013-06-23 10:59 - 00304746 ____A C:\Users\******\Desktop\mFC-1.2.1.jar
2013-06-23 10:46 - 2013-06-23 10:47 - 01485058 ____A C:\Users\******\Desktop\DokucraftCustomNPCs152a.zip
2013-06-22 11:01 - 2013-06-22 11:01 - 00097946 ____A C:\Users\******\Desktop\TooManyItems2013_04_25_1.5.2.zip
2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Oryqev
2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Ipefru
2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Egudh
2013-06-22 10:38 - 2013-06-22 10:38 - 00000000 ____D C:\Meine Webseiten
2013-06-22 00:36 - 2013-06-25 18:32 - 00000000 ____D C:\Users\******\Desktop\BBMM_mod_moga_funserver_now_getting_stuck_in_words
2013-06-21 23:58 - 2013-06-21 23:58 - 00124326 ____A C:\Users\******\Desktop\Building-Blocks-Mod-Maker-1.5.2.zip
2013-06-21 20:55 - 2013-06-21 20:56 - 00000000 ____D C:\Users\******\AppData\Local\{CBC200C2-D8A8-4ACE-AF9A-4C75C5170FCC}
2013-06-21 03:09 - 2013-06-21 03:09 - 00042184 ____A (Anchorfree Inc.) C:\Windows\System32\Drivers\taphss6.sys
2013-06-21 03:07 - 2013-06-21 03:07 - 00046792 ____A (AnchorFree Inc.) C:\Windows\System32\Drivers\hssdrv6.sys
2013-06-19 15:38 - 2013-06-21 23:51 - 00000000 ____D C:\Users\******\Desktop\_web
2013-06-17 19:42 - 2013-06-17 19:45 - 44926416 ____A (MediaFire) C:\Users\******\Downloads\MediaFireExpress-0.15.4.4888-windows.exe
2013-06-17 16:57 - 2013-06-17 16:58 - 00000000 ____D C:\Users\******\AppData\Local\{7EA94617-42A6-4CB0-ABC6-DDD4D843B570}
2013-06-15 21:32 - 2013-06-15 21:38 - 00000000 ____D C:\Users\******\AppData\Local\Roblox
2013-06-15 20:58 - 2013-06-15 20:58 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-06-14 20:34 - 2013-06-15 21:30 - 00000000 ____D C:\Users\******\Desktop\ForServer
2013-06-11 16:09 - 2013-06-11 16:10 - 00000000 ____D C:\Users\******\AppData\Roaming\Diciz
2013-06-11 16:09 - 2013-06-11 16:09 - 00000000 ____D C:\Users\******\AppData\Roaming\Inla
2013-06-09 16:17 - 2013-06-09 16:17 - 00000000 ____D C:\Users\******\Downloads\downloader
2013-06-09 15:38 - 2013-06-09 15:39 - 00000000 ____D C:\Users\******\AppData\Local\{C22A893A-6763-47E6-B71B-ABB5A0FDDCF3}
2013-06-08 20:30 - 2013-06-08 20:30 - 00000000 ____D C:\Users\******\.SquashOccurrences
2013-06-07 17:22 - 2013-06-07 17:22 - 00000000 ____D C:\Users\******\Documents\Paint.NET Benutzerdateien
2013-06-06 16:44 - 2013-06-06 16:44 - 00000000 ____D C:\Users\******\AppData\Local\{49A3F50F-7CBB-431B-B7D7-6E5C3166FCF7}
2013-06-04 20:06 - 2013-06-04 20:06 - 09915015 ____A C:\Users\******\Downloads\Windows_7_OEM_Toshiba_Themes_by_Domino333.rar
2013-06-02 19:08 - 2013-06-17 19:53 - 00000000 ____D C:\Users\******\AppData\Roaming\VistaStyleBuilder
2013-06-02 19:06 - 2012-09-09 14:22 - 02352095 ____A (PRO DESIGNER                                                ) C:\Users\******\Downloads\WSB Setup.exe
2013-06-02 13:56 - 2009-07-14 03:41 - 00332288 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll.backup
2013-06-02 13:55 - 2010-11-20 15:27 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll.backup
2013-06-02 13:55 - 2009-07-14 03:41 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\themeservice.dll.backup
2013-06-02 09:50 - 2013-06-02 09:50 - 00000000 ____D C:\Users\******\Documents\MAGIX Speed
2013-06-02 08:57 - 2013-06-02 08:57 - 00000132 ____A C:\Users\******\AppData\Roaming\Adobe PNG Format CS6 Prefs

==================== One Month Modified Files and Folders =======

2013-07-02 17:44 - 2013-07-02 17:44 - 00000000 ____D C:\FRST
2013-07-02 17:41 - 2013-07-02 17:41 - 01933556 ____A (Farbar) C:\Users\******\Desktop\FRST64.exe
2013-07-02 17:39 - 2013-07-02 17:38 - 00000000 ____D C:\Users\******\AppData\Local\{3E729895-77B3-4A12-8835-710FC14D31D6}
2013-07-02 17:33 - 2011-03-28 09:22 - 00010896 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 17:33 - 2011-03-28 09:22 - 00010896 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 17:30 - 2009-07-14 19:58 - 00701506 ____A C:\Windows\System32\perfh007.dat
2013-07-02 17:30 - 2009-07-14 19:58 - 00150336 ____A C:\Windows\System32\perfc007.dat
2013-07-02 17:30 - 2009-07-14 07:13 - 01621618 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-02 17:27 - 2012-09-28 17:41 - 00000000 ____D C:\Users\******\AppData\Roaming\Dropbox
2013-07-02 17:26 - 2011-11-08 16:33 - 00000000 ____D C:\Users\******\AppData\Local\LogMeIn Hamachi
2013-07-02 17:24 - 2013-05-04 15:57 - 00000000 ____D C:\ProgramData\VMware
2013-07-02 17:23 - 2013-07-02 17:23 - 00000308 ____A C:\Windows\PFRO.log
2013-07-02 17:23 - 2013-06-30 08:33 - 00041634 ____A C:\Windows\setupact.log
2013-07-02 17:23 - 2010-02-06 16:58 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-02 17:23 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-02 17:22 - 2013-01-15 17:27 - 01820291 ____A C:\Windows\WindowsUpdate.log
2013-07-02 17:21 - 2010-02-06 16:58 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-02 17:07 - 2011-08-12 14:21 - 00000000 ____D C:\Users\******\AppData\Local\Paint.NET
2013-07-02 16:54 - 2012-05-04 19:06 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 16:49 - 2013-01-28 18:26 - 00000000 ____D C:\Users\******\Desktop\Desktop_new
2013-07-01 18:57 - 2013-07-01 18:57 - 01304966 ____A C:\Users\******\Desktop\The Jumper.zip
2013-07-01 18:23 - 2013-07-01 18:23 - 00000000 ____D C:\Users\******\AppData\Roaming\Subversion
2013-06-30 19:15 - 2013-06-28 18:01 - 00000000 ____D C:\Users\******\AppData\Local\gamemaker_studio
2013-06-30 18:44 - 2013-06-23 19:34 - 00000000 ____D C:\Users\******\AppData\Local\CrashDumps
2013-06-30 18:32 - 2010-09-12 11:54 - 00000000 ____D C:\Users\******\Documents\MAGIX_MusicMaker16Premium
2013-06-30 17:56 - 2013-06-30 17:56 - 00000000 ____D C:\Users\******\AppData\Local\MoGasHorrorGame
2013-06-30 17:43 - 2013-06-30 17:32 - 00000220 ____A C:\Users\******\Desktop\Sovereign of the Skies---Bugs.txt
2013-06-30 15:58 - 2013-06-30 15:58 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield
2013-06-30 15:27 - 2013-06-30 15:27 - 00000000 ____D C:\Users\******\AppData\Local\GoreGame
2013-06-30 15:14 - 2013-06-28 18:04 - 00000000 ____D C:\Users\******\Documents\GameMaker
2013-06-30 13:58 - 2013-06-30 13:58 - 00000000 ____D C:\Users\******\AppData\Local\{3643F645-315B-441E-9181-C7AB0D7759D6}
2013-06-30 13:07 - 2013-06-30 13:07 - 00000020 ____A C:\Users\******\defogger_reenable
2013-06-30 13:07 - 2011-03-28 09:23 - 00000000 ____D C:\users\******
2013-06-30 10:02 - 2013-03-09 21:41 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-06-30 08:40 - 2011-04-09 18:52 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-06-30 08:39 - 2013-06-30 08:39 - 00000829 ____A C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-06-30 08:33 - 2013-06-30 08:33 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 08:33 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-29 17:20 - 2011-07-15 19:11 - 00000000 ____D C:\Users\******\.gimp-2.6
2013-06-29 16:55 - 2013-03-01 23:31 - 00000000 ____D C:\Users\******\AppData\Roaming\.minecraft
2013-06-29 16:52 - 2013-06-29 16:41 - 00000000 ____D C:\Users\******\Desktop\tääst
2013-06-29 10:40 - 2013-06-29 09:41 - 00000000 ____D C:\ProgramData\Hotspot Shield
2013-06-29 10:30 - 2013-02-02 11:55 - 00282104 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-29 10:30 - 2013-01-31 18:39 - 00282104 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-29 10:29 - 2013-01-31 18:39 - 00234768 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-29 10:15 - 2013-01-31 18:39 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-29 09:43 - 2013-06-29 09:43 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Vorlagen
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Startmenü
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Netzwerkumgebung
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Lokale Einstellungen
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Eigene Dateien
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Druckumgebung
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Documents\Eigene Musik
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Documents\Eigene Bilder
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\AppData\Local\Verlauf
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\AppData\Local\Anwendungsdaten
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Anwendungsdaten
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\******\AppData\Local\Conduit
2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Program Files (x86)\Hotspot_Shield
2013-06-29 09:43 - 2013-06-29 09:42 - 00000009 ____A C:\END
2013-06-29 09:42 - 2013-06-29 09:40 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2013-06-29 09:40 - 2013-06-29 09:40 - 00000000 ____D C:\Users\******\AppData\Roaming\Hotspot Shield
2013-06-29 00:01 - 2013-06-25 19:04 - 00000000 ____D C:\Users\******\Desktop\__________
2013-06-28 23:52 - 2013-03-09 22:24 - 00000000 ____D C:\Users\******\Documents\Abelssoft
2013-06-28 22:32 - 2013-06-28 22:32 - 00000834 ____A C:\Users\Poop\Desktop\Build and Shoot Launcher.lnk
2013-06-28 22:32 - 2013-06-28 22:32 - 00000000 ____D C:\Users\******\AppData\Roaming\Build and Shoot
2013-06-28 21:55 - 2013-02-02 11:20 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-06-28 21:51 - 2013-06-28 21:51 - 00000000 ___HD C:\Windows\AxInstSV
2013-06-28 19:18 - 2012-07-30 15:14 - 00000000 ____D C:\Users\******\AppData\Local\Akamai
2013-06-28 18:15 - 2013-06-28 18:15 - 00000000 ____D C:\Users\******\AppData\Local\BeatBeast
2013-06-28 18:07 - 2013-06-23 16:04 - 00000000 ____D C:\Users\******\Desktop\GameMaker
2013-06-28 18:01 - 2013-06-28 18:01 - 00000000 ____D C:\ProgramData\gamemaker_studio
2013-06-28 17:44 - 2013-06-28 17:44 - 00000000 ____D C:\Users\******\AppData\Local\{C29F1754-7A67-45AA-9C72-6CEE4A8FD11E}
2013-06-28 16:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\spool
2013-06-28 16:03 - 2013-06-28 16:03 - 07033046 ____A C:\Users\******\Desktop\Pokemon - Smaragd-Edition.zip
2013-06-28 16:00 - 2013-06-28 16:00 - 06868618 ____A C:\Users\******\Desktop\Pokemon Emerald.zip
2013-06-28 15:49 - 2013-06-28 15:49 - 02179492 ____A C:\Users\******\Desktop\Pokemon Jupiter Release 6.04.zip
2013-06-28 14:55 - 2012-05-04 19:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 14:55 - 2011-06-12 17:07 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-28 14:31 - 2013-06-28 14:31 - 00000000 ____D C:\Users\******\AppData\Local\Macromedia
2013-06-28 14:29 - 2010-01-05 17:17 - 00000000 ____D C:\Users\******\AppData\Local\Adobe
2013-06-28 14:05 - 2013-06-28 14:05 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-06-28 14:05 - 2013-06-27 11:55 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum
2013-06-28 14:05 - 2013-06-27 11:55 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-06-28 14:05 - 2013-03-04 19:56 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-06-28 14:05 - 2011-04-09 18:52 - 01030952 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-06-28 14:05 - 2009-12-20 15:18 - 00378944 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-06-26 15:42 - 2013-06-26 15:27 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-06-25 18:32 - 2013-06-22 00:36 - 00000000 ____D C:\Users\******\Desktop\BBMM_mod_moga_funserver_now_getting_stuck_in_words
2013-06-23 18:07 - 2013-05-04 13:56 - 00000000 ____D C:\Users\******\Desktop\midis
2013-06-23 16:39 - 2013-06-23 16:39 - 00000000 ____D C:\Users\******\AppData\Local\TechSmith
2013-06-23 16:38 - 2013-06-23 16:38 - 00000000 ____D C:\Users\******\Documents\Camtasia Studio
2013-06-23 16:38 - 2013-06-23 16:38 - 00000000 ____D C:\Users\******\AppData\Roaming\TechSmith
2013-06-23 16:37 - 2013-06-23 16:26 - 00000000 ____D C:\ProgramData\TechSmith
2013-06-23 16:27 - 2013-06-23 16:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-23 15:55 - 2013-06-23 15:55 - 00000000 ____D C:\Users\******\AppData\Local\{A0E67DBB-ED2D-455A-8AC0-A05992EAAB33}
2013-06-23 15:44 - 2010-01-01 20:09 - 00000000 ____D C:\Users\******\AppData\Roaming\U3
2013-06-23 15:42 - 2012-06-23 05:53 - 00000000 ____D C:\Users\******\AppData\Local\Windows Live
2013-06-23 11:04 - 2013-06-23 11:04 - 00300588 ____A C:\Users\******\Desktop\New-Foods.zip
2013-06-23 10:59 - 2013-06-23 10:59 - 00304746 ____A C:\Users\******\Desktop\mFC-1.2.1.jar
2013-06-23 10:47 - 2013-06-23 10:46 - 01485058 ____A C:\Users\******\Desktop\DokucraftCustomNPCs152a.zip
2013-06-22 11:01 - 2013-06-22 11:01 - 00097946 ____A C:\Users\******\Desktop\TooManyItems2013_04_25_1.5.2.zip
2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Oryqev
2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Ipefru
2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Egudh
2013-06-22 10:38 - 2013-06-22 10:38 - 00000000 ____D C:\Meine Webseiten
2013-06-22 07:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-21 23:58 - 2013-06-21 23:58 - 00124326 ____A C:\Users\******\Desktop\Building-Blocks-Mod-Maker-1.5.2.zip
2013-06-21 23:51 - 2013-06-19 15:38 - 00000000 ____D C:\Users\******\Desktop\_web
2013-06-21 20:56 - 2013-06-21 20:55 - 00000000 ____D C:\Users\******\AppData\Local\{CBC200C2-D8A8-4ACE-AF9A-4C75C5170FCC}
2013-06-21 03:09 - 2013-06-21 03:09 - 00042184 ____A (Anchorfree Inc.) C:\Windows\System32\Drivers\taphss6.sys
2013-06-21 03:07 - 2013-06-21 03:07 - 00046792 ____A (AnchorFree Inc.) C:\Windows\System32\Drivers\hssdrv6.sys
2013-06-17 19:53 - 2013-06-02 19:08 - 00000000 ____D C:\Users\******\AppData\Roaming\VistaStyleBuilder
2013-06-17 19:45 - 2013-06-17 19:42 - 44926416 ____A (MediaFire) C:\Users\******\Downloads\MediaFireExpress-0.15.4.4888-windows.exe
2013-06-17 16:58 - 2013-06-17 16:57 - 00000000 ____D C:\Users\******\AppData\Local\{7EA94617-42A6-4CB0-ABC6-DDD4D843B570}
2013-06-15 21:38 - 2013-06-15 21:32 - 00000000 ____D C:\Users\******\AppData\Local\Roblox
2013-06-15 21:30 - 2013-06-14 20:34 - 00000000 ____D C:\Users\******\Desktop\ForServer
2013-06-15 20:58 - 2013-06-15 20:58 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-06-15 18:46 - 2011-12-27 16:44 - 00000000 ____D C:\Users\******\AppData\Roaming\Skype
2013-06-15 17:32 - 2013-03-25 18:54 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-15 17:32 - 2011-12-27 16:44 - 00000000 ____D C:\ProgramData\Skype
2013-06-11 16:10 - 2013-06-11 16:09 - 00000000 ____D C:\Users\******\AppData\Roaming\Diciz
2013-06-11 16:09 - 2013-06-11 16:09 - 00000000 ____D C:\Users\******\AppData\Roaming\Inla
2013-06-10 19:54 - 2011-09-21 18:48 - 00000000 ____D C:\Users\******\AppData\Roaming\Sun
2013-06-10 19:51 - 2013-06-01 23:10 - 00000000 ____D C:\Users\******\Desktop\themes
2013-06-09 16:17 - 2013-06-09 16:17 - 00000000 ____D C:\Users\******\Downloads\downloader
2013-06-09 15:39 - 2013-06-09 15:38 - 00000000 ____D C:\Users\******\AppData\Local\{C22A893A-6763-47E6-B71B-ABB5A0FDDCF3}
2013-06-08 20:30 - 2013-06-08 20:30 - 00000000 ____D C:\Users\******\.SquashOccurrences
2013-06-07 17:22 - 2013-06-07 17:22 - 00000000 ____D C:\Users\******\Documents\Paint.NET Benutzerdateien
2013-06-07 15:24 - 2009-12-12 15:06 - 00000000 ____D C:\Users\******\AppData\Roaming\Adobe
2013-06-06 16:44 - 2013-06-06 16:44 - 00000000 ____D C:\Users\******\AppData\Local\{49A3F50F-7CBB-431B-B7D7-6E5C3166FCF7}
2013-06-04 20:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors
2013-06-04 20:06 - 2013-06-04 20:06 - 09915015 ____A C:\Users\******\Downloads\Windows_7_OEM_Toshiba_Themes_by_Domino333.rar
2013-06-03 19:33 - 2009-07-14 06:45 - 00475392 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-03 19:04 - 2012-06-25 18:26 - 00000000 ____D C:\tmp
2013-06-03 18:03 - 2011-03-28 12:27 - 00140336 ____A C:\Users\******\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-02 13:56 - 2011-04-22 08:25 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll
2013-06-02 13:56 - 2009-07-14 01:55 - 00332288 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-02 13:55 - 2009-07-14 01:54 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\themeservice.dll
2013-06-02 09:50 - 2013-06-02 09:50 - 00000000 ____D C:\Users\******\Documents\MAGIX Speed
2013-06-02 08:57 - 2013-06-02 08:57 - 00000132 ____A C:\Users\******\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-06-02 08:57 - 2013-06-01 08:35 - 00000000 ____D C:\Users\******\Desktop\magix_test

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-28 20:22

==================== End Of Log ============================
         
--- --- ---


ADDITION
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2013
Ran by ****** at 2013-07-02 17:46:28
Running from C:\Users\******\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
Ace of Spades (x32 Version: 0.75.015)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0)
Activation Assistant for the 2007 Microsoft Office suites (x32)
Adobe AIR (x32 Version: 1.5.3.9120)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.6.606)
Advanced Archive Password Recovery (HKCU Version: 4.53)
Akamai NetSession Interface (HKCU)
ALPS Touch Pad Driver (Version: 7.102.302.104)
AmazingMIDI (x32)
Angry Birds Rio (x32 Version: 1.2.2)
ANNO 1404 - Königsedition (x32 Version: 1.02.0000)
Apple Application Support (x32 Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (x32 Version: 2.1.3.127)
ArcaniA - Gothic 4 (x32)
ArcaniA - Gothic 4 Hotfix (x32)
ArcaniA - Gothic 4 Patch (x32)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Audacity 2.0.2 (x32 Version: 2.0.2)
Autodesk Backburner 2013.0.0 (x32 Version: 2013.0.0)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0)
Autodesk FBX 2013.3 Plug-in for Maya 2013 64-bit
Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit
Autodesk MatchMover 2013 64-bit (Version: 14.00.0000)
Autodesk Maya 2013 64-bit (Version: 15.0.0.0)
avast! Internet Security (x32 Version: 8.0.1489.0)
Battlefield Heroes
Battlefield Play4Free (x32)
Bing Bar (x32 Version: 7.0.850.0)
Black & White - Insel der Kreaturen (x32)
Black and White (x32)
Bloons Tower Defense 4 (x32)
Bonjour (Version: 3.0.0.10)
BrickForce 1.9.87 (x32 Version: 1.9.87)
Build and Shoot Launcher 1.1 (x32 Version: 1.1)
BumpTop (x32 Version: 2.1.6211)
Burger Shop 2 RebelMan (x32)
Call of Duty: Black Ops II (x32)
Camtasia Studio 8 (x32 Version: 8.0.4.1060)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2238.38827)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0729.2238.38827)
Catalyst Control Center InstallProxy (x32 Version: 2009.0421.2132.36832)
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2238.38827)
Catalyst Control Center Localization All (x32 Version: 2009.0729.2238.38827)
CCC Help Chinese Standard (x32 Version: 2009.0729.2237.38827)
CCC Help Chinese Traditional (x32 Version: 2009.0729.2237.38827)
CCC Help Czech (x32 Version: 2009.0729.2237.38827)
CCC Help Danish (x32 Version: 2009.0729.2237.38827)
CCC Help Dutch (x32 Version: 2009.0729.2237.38827)
CCC Help English (x32 Version: 2009.0729.2237.38827)
CCC Help Finnish (x32 Version: 2009.0729.2237.38827)
CCC Help French (x32 Version: 2009.0729.2237.38827)
CCC Help German (x32 Version: 2009.0729.2237.38827)
CCC Help Greek (x32 Version: 2009.0729.2237.38827)
CCC Help Hungarian (x32 Version: 2009.0729.2237.38827)
CCC Help Italian (x32 Version: 2009.0729.2237.38827)
CCC Help Japanese (x32 Version: 2009.0729.2237.38827)
CCC Help Korean (x32 Version: 2009.0729.2237.38827)
CCC Help Norwegian (x32 Version: 2009.0729.2237.38827)
CCC Help Polish (x32 Version: 2009.0729.2237.38827)
CCC Help Portuguese (x32 Version: 2009.0729.2237.38827)
CCC Help Russian (x32 Version: 2009.0729.2237.38827)
CCC Help Spanish (x32 Version: 2009.0729.2237.38827)
CCC Help Swedish (x32 Version: 2009.0729.2237.38827)
CCC Help Thai (x32 Version: 2009.0729.2237.38827)
CCC Help Turkish (x32 Version: 2009.0729.2237.38827)
ccc-core-static (x32 Version: 2009.0729.2238.38827)
ccc-utility64 (Version: 2009.0729.2238.38827)
CCleaner (Version: 4.00)
Comic Life (x32 Version: 1.3.6)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
Composite 2013 64-bit (Version: 8.0.0)
CraftBukkit (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
Darkspore (x32)
Demolition, Inc. Demo (x32)
DJ Java Decompiler v.3.12.12.96 (x32 Version: 1.8)
Dropbox (HKCU Version: 2.0.22)
Dungeon Defenders Demo (x32)
DynaGeo (x32)
EA Download Manager UI (x32 Version: 6.0.0)
EA Download Manager UI (x32 Version: 6.0.0.113)
erLT (x32 Version: 1.20.0137)
Express Burn (x32)
Express Rip (x32)
Farm Craft 2: Global Vegetable Crisis (x32 Version: 2.2.0.95)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0)
FlatOut 2 (x32)
FlatOut: Ultimate Carnage (x32)
Fraps (remove only) (x32)
Free Audio Converter version 2.3.4.920 (x32)
Free Studio version 5.3.5 (x32 Version: 5.3.5)
Freecorder 2.3 (with Skype Call Recording) (x32)
free-downloads.net Toolbar (x32 Version: )
Games_Bar_1 Toolbar (x32 Version: )
G-Force (x32 Version: 3.9.3)
GIMP 2.6.11 (x32 Version: 2.6.11)
GlobFX Web Player (x32 Version: 1.0.8.0)
Google SketchUp 8 (x32 Version: 3.0.3196)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)
Google Update Helper (x32 Version: 1.3.21.145)
Hot Wheels (x32 Version: 1.00.0000)
Hotspot Shield 3.09 (x32 Version: 3.09)
Hotspot Shield Toolbar (x32 Version: 6.13.3.505)
HxD Hex Editor Version 1.7.7.0 (x32 Version: 1.7.7.0)
HyperCam 3 (x32 Version: 3.4.1205.14)
iFunbox (v1.99.958.697), iFunbox DevTeam (x32 Version: v1.99.958.697)
Intel® Matrix Storage Manager
IrfanView (remove only) (x32 Version: 4.32)
isoHunt Toolbar (x32 Version: )
Java Auto Updater (x32 Version: 2.0.2.4)
Java(TM) 6 Update 23 (x32 Version: 6.0.230)
Java(TM) 6 Update 33 (64-bit) (Version: 6.0.330)
Java(TM) 7 Update 4 (64-bit) (Version: 7.0.40)
Java(TM) SE Development Kit 6 Update 33 (64-bit) (Version: 1.6.0.330)
Java(TM) SE Development Kit 7 Update 3 (64-bit) (Version: 1.7.0.30)
JavaFX 2.0.3 (64-bit) (Version: 2.0.3)
JavaFX 2.0.3 SDK (64-bit) (Version: 2.0.3)
JDownloader 0.9 (x32 Version: 0.9)
Juiced2_HIN (x32 Version: 1.00.0000)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 6.0.4 (Basic) (x32 Version: 6.0.4)
KMP Modifier v2.1 (x32)
Kurvenprofi 5.1.1 (x32)
LEGO Creator (x32)
LEGO Rock Raiders (x32)
Logitech SetPoint 5.20 (Version: 5.20)
LogMeIn Hamachi (x32 Version: 2.1.0.362)
Magicka (x32)
MAGIX 3D Maker 7 (x32 Version: 7.0.0.476)
MAGIX Foto & Grafik Designer 7 (x32 Version: 7.1.2.17305)
MAGIX FunPix Maker 1.0.0.0 (D) (x32 Version: 1.0.0.0)
MAGIX Music Maker 16 Premium (x32 Version: 16.0.3.0)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MAGIX Video deluxe 17 Plus (x32 Version: 10.0.2.8)
Mario_Forever Toolbar (x32 Version: )
Media converter (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 1.1.0324)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1447.4)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1447.4)
Microsoft Virtual PC 2007 (Version: 6.0.156.0)
Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.30319)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727)
Microsoft Visual J# 2.0 Redistributable Package (x32)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Microsoft_VC100_CRT_x86 (x32 Version: 1.0.0)
Microsoft® Winter Fun Pack 2004 for Windows® XP (x32 Version: 1.0.0)
Might and Magic Heroes VI Demo (x32)
Mixxx 1.10.1 (x32 Version: 1.10.1)
Mobile Partner (x32 Version: 16.002.03.03.511)
Morrowind (x32)
Mozilla Firefox 18.0.1 (x86 de) (x32 Version: 18.0.1)
Mozilla Firefox 21.0 (x86 de) (HKCU Version: 21.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB941833) (x32 Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
MyFreeCodec (HKCU)
myphotobook 3.65 (x32 Version: 3.65)
Need for Speed Undeground 2 (x32 Version: 1.0)
Need for Speed Undeground 2 (x32)
Need for Speed(TM) Hot Pursuit (x32 Version: 1.0.0.0)
Need for Speed™ SHIFT (x32 Version: 1.0.0.0)
Need for Speed™ The Run (x32 Version: 1.0.0.0)
Neon (x32)
Next Generation Visualisations (x32 Version: 1.0.0)
NfS CarTuner (x32)
NFS Control Panel Update (HKCU)
NVIDIA PhysX (x32 Version: 9.10.0223)
O&O UnErase (Version: 4.1.1419)
OpenAL (x32)
OpenOffice.org 3.2 (x32 Version: 3.2.9483)
Origin (x32 Version: 8.3.7.3619)
Paint.NET v3.5.10 (Version: 3.60.0)
Philips Songbird (x32 Version: 2.0.1517 (1517))
Picasa 2 (x32 Version: 2.0)
Pizza Chef (x32 Version: 2.2.0.87)
Pizza Chef 2 (x32 Version: 2.2.0.95)
Plan it Green Deluxe (HKCU Version: 1.0.0)
PlayReady PC runtime (Version: 1)
Poket Script 1.2 (x32 Version: 1.2)
Portal: First Slice (x32)
PriceGong 2.6.11 (x32 Version: 2.6.11)
Prism Video Converter (x32)
Project64 1.6 (x32 Version: 1.6)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.13)
PunkBuster Services (x32 Version: 0.990)
Radio.fx (x32)
Razer Game Booster (x32 Version: 3.5.6.0)
Realtek 8136 8168 8169 Ethernet Driver (x32 Version: 1.00.0005)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5904)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30101)
RGSS-RTP Standard (x32 Version: 1.0.0)
RHTE - Rom Hacking Tool Executer 1.00 (x32)
Risen (x32 Version: 1.00.0000)
Risen 2 - Dark Waters (x32)
ROBLOX Player for ****** (HKCU)
Saints Row: The Third (x32)
Samsung Kies (x32 Version: 2.5.0.12094_28)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
ScriptEditor2 (remove only) (x32)
Security Task Manager 1.8g (x32 Version: 1.8g)
ShopSpezial (x32)
Skype™ 6.5 (x32 Version: 6.5.158)
Softonic_Deutsch Toolbar (x32 Version: )
SoftSkies (x32 Version: 1.4.5)
SPORE™ (x32 Version: 1.00.0000)
Star Wars: The Force Unleashed (x32 Version: 1.0)
Steam (x32 Version: 1.0.0.0)
Stronghold 2 Deluxe (x32 Version: 1.40.100)
Stronghold 3 (x32)
Stronghold Legends (x32 Version: 1.20.0000)
SweetIM for Messenger 3.4 (x32 Version: 3.4.0005)
System.Data.SQLite v1.0.81.0 (x32 Version: 1.0.81.0)
SZS Modifier (x32 Version: 2.5.2)
Tablet Driver V5.02 (x32)
Tattoo Manager 0.1 (x32)
Team Fortress 2 (x32)
TES Construction Set (x32)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
The Elder Scrolls V: Skyrim (x32)
The Sims(TM) 3 (x32)
TI Connect 1.6 (x32 Version: 1.6)
Toshiba Assist (x32 Version: 3.00.08)
TOSHIBA Benutzerhandbücher (x32 Version: 7.40)
TOSHIBA ConfigFree (x32 Version: 8.0.23)
TOSHIBA Disc Creator (Version: 2.1.0.1 for x64)
TOSHIBA DVD PLAYER (x32 Version: 3.01.0.11-AU)
TOSHIBA eco Utility (Version: 1.0.3.64)
TOSHIBA eco Utility (x32 Version: 1.0.3.64)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Extended Tiles for Windows Mobility Center (x32 Version: )
TOSHIBA Face Recognition (Version: 3.0.5.64)
TOSHIBA Face Recognition (x32 Version: 3.0.5.64)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.3C)
TOSHIBA Hardware Setup (x32 Version: 1.63.0.6C)
TOSHIBA HDD/SSD Alert (Version: 3.0.64.1)
TOSHIBA HDD/SSD Alert (x32 Version: 3.0.64.1)
Toshiba Online Product Information (x32 Version: 2.06.0000)
TOSHIBA PC Health Monitor (Version: 1.3.2.64)
TOSHIBA Recovery Disc Creator (Version: 2.0.0.2 for x64)
TOSHIBA Recovery Disk Creator Reminder (x32 Version: 1.00.0017)
TOSHIBA SD Memory Utilities (Version: 1.9.1.12)
TOSHIBA Service Station (x32 Version: 2.0.26)
TOSHIBA Supervisor Password (x32 Version: 1.63.0.3C)
TOSHIBA Supervisorkennwort (x32 Version: 1.63.0.3C)
TOSHIBA Value Added Package (Version: 1.2.28.64)
TOSHIBA Value Added Package (x32 Version: 1.2.28.64)
TOSHIBA Web Camera Application (x32 Version: 1.0.1.8)
TRORDCLauncher (x32 Version: 1.0.0.6)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Update Installer for WildTangent Games App (x32)
User's Guides (Version: 1.20.0000)
Utility Common Driver (x32 Version: 1.0.50.27C)
Utility support driver (x32 Version: 1.0.25.5)
VideoPad Video Editor (x32)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (x32 Version: 4.0.8080.0)
VMware Player (Version: 5.0.2)
VMware Player (x32 Version: 5.0.2)
VP6 Decoder (x32)
Wettlauf ins All (x32)
WhiteCap (x32 Version: 5.0.5)
WIFI Max (x32)
Wiggles (x32)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.14)
WildTangent-Spiele (x32 Version: 1.0.1.5)
WindowBlinds (x32 Version: 7.40)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (Version: 06/11/2009 1.0.0.0)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (Version: 09/02/2009 1.0.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live ID-Anmelde-Assistent (Version: 6.500.3165.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Style Builder 1.5 (x32 Version: 1.5)
WinHTTrack Website Copier 3.47-19 (x64) (Version: 3.47.19)
Winload Toolbar (x32 Version: )
WinRAR
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)
YouTube Song Downloader (x32 Version: 8.2)
ZPanel VC 64 (x32)
ZPanelX 10.0.2 (x32)
ZyDAS IEEE 802.11 b+g Wireless LAN - USB (x32)

==================== Restore Points  =========================

29-06-2013 07:40:51 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst
29-06-2013 07:42:07 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter
30-06-2013 10:46:41 Removed Apple Software Update

==================== Scheduled Tasks (whitelisted) =============

Task: {077841D7-DAC2-4A3A-9DEF-93741E4DC2CB} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\Freetec\SystemStore\SoftwareUpdater.Ui.exe No File
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {111A754A-6A09-42B7-88F6-3EB311EE189E} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Programme\GMBoostA\AutoUpdate.exe No File
Task: {13461A44-7EB1-48E1-BABC-CDA251E9CB9B} - System32\Tasks\Install => C:\Windows\SysWOW64\Macromed\Shockwave 10\nssstub.exe [2010-05-02] (Symantec Corporation)
Task: {1670FA5B-2273-4355-A142-378C4A57F728} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {1A59F86D-717A-4957-AC84-AA617DB57E44} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-09-03] (TOSHIBA CORPORATION)
Task: {2820250B-ABDA-4B1E-984D-66E62386CB1D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (Microsoft Corp.)
Task: {2E13D2FF-2628-4849-BED3-B212618B8A1E} - System32\Tasks\avast! Emergency Update => C:\Sicherheit\Avast neu\AvastEmUpdate.exe No File
Task: {3F2BD938-CD2F-451B-A2D6-08D7CF0F5F5C} - System32\Tasks\CCleanerSkipUAC => C:\Sicherheit\Ccleaner(neu)\CCleaner\CCleaner.exe No File
Task: {56AB1A49-7616-47D1-9F66-0D497B705F29} - System32\Tasks\Software Updater => C:\Program Files (x86)\Freetec\SystemStore\SoftwareUpdater.Bootstrapper.exe No File
Task: {5B453F03-C74F-4398-9E97-2A2D6C839081} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {5D1B1D38-5713-4AD1-97E5-633E9451CCE5} - System32\Tasks\4826 => C:\Windows\System32\wscript.exe [2009-07-14] (Microsoft Corporation)
Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs No File
Task: {77D65C5D-AB35-422D-AC0E-A891AD540C93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06] (Google Inc.)
Task: {79DCAAB4-AD2F-4AAE-93A2-2F43BDCA90BA} - System32\Tasks\{6DC66FDF-E7D1-4928-BB25-D3A1E47026F0} => C:\Programmieren\The Game Creators\Dark Basic Pro Free\Dark Basic Pro\Launch.exe No File
Task: {81134FAB-BAD2-406B-A261-3148998DC2A0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {930EF296-481D-45E6-BCFB-9066CBABAFEE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A1C94C61-0C78-41AF-8BE9-BC3EA7530C41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06] (Google Inc.)
Task: {A7BF9746-4951-406E-BD09-52B7A2425BEB} - System32\Tasks\0 => C:\program files (x86)\internet explorer\iexplore.exe [2013-02-02] (Microsoft Corporation)
Task: {AC0F6C9F-710D-48FD-A150-7206E8D460B4} - System32\Tasks\{A08A9954-0A22-4C6E-9630-5CCBDF21782E} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File
Task: {B9AE6DEA-E626-4B17-AFE6-EC21362276AA} - System32\Tasks\{EED82BC9-D4FF-4873-8D38-0B045512F49E} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File
Task: {BC232E36-6F2B-478F-B317-F6CD74B9B445} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {BFBD7D8B-89CC-4042-9A76-65D990526FF2} - System32\Tasks\{51D469C6-C830-4BBE-9E99-1F034310AFF5} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File
Task: {CC0A5E0E-CF25-4800-8542-0DDAE88BC02E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-28] (Adobe Systems Incorporated)
Task: {D1EC2531-90F8-410D-A480-9CFE07FDDF52} - System32\Tasks\{60D517B7-DA51-4815-A263-655441ABCF99} => C:\Programme\Spore\Sporebin\SporeApp.exe No File
Task: {D4B05EBC-47F6-40E0-95F0-341A936F86EB} - System32\Tasks\{3EE4F6BF-B678-4F88-86DA-DA547CC07C71} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File
Task: {E552502E-599F-4415-9D9D-175897ED54EA} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2010-11-20] (Microsoft Corporation)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs No File
Task: {F6686699-C25F-45AE-888B-71070B6586DC} - System32\Tasks\{0B57A645-0801-4F7D-8747-C5FF09D6941D} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Install.job => C:\Windows\SysWOW64\Macromed\Shockwave 10\nssstub.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/02/2013 05:41:12 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert

Error: (07/02/2013 05:41:01 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert

Error: (07/02/2013 05:37:56 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert

Error: (07/02/2013 05:37:43 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert

Error: (07/02/2013 05:37:38 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert

Error: (07/02/2013 05:37:26 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert

Error: (07/02/2013 05:35:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert

Error: (07/02/2013 05:35:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert

Error: (07/02/2013 05:35:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert

Error: (07/02/2013 05:35:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert


System errors:
=============
Error: (07/02/2013 05:28:30 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070006

Error: (07/02/2013 05:27:49 PM) (Source: DCOM) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\agent.exe -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}

Error: (07/02/2013 05:25:34 PM) (Source: DCOM) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe -Embedding740{E9513610-F218-4DDA-B954-2C7E6BA7CABB}

Error: (07/02/2013 05:24:58 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SASDIFSV
SASKUTIL

Error: (07/02/2013 05:24:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Radio.fx Server" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/02/2013 05:23:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WWAN - automatische Konfiguration" wurde mit folgendem Fehler beendet: 
%%5

Error: (07/02/2013 05:23:34 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (07/02/2013 05:23:34 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (07/02/2013 05:23:20 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\D:\Sicherheit\SUPERAntiSpyware\SASDIFSV.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/02/2013 04:52:37 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070006


Microsoft Office Sessions:
=========================
Error: (10/06/2011 09:01:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/02/2010 07:57:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2011-01-01 12:28:35.473
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-01-01 12:28:35.349
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-01-01 12:28:35.146
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-01-01 12:28:35.005
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-01-01 12:28:32.814
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\x64\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-01-01 12:28:32.720
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\x64\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-01-01 12:28:32.564
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\x64\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-01-01 12:28:32.346
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\x64\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-01-01 12:28:31.347
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-01-01 12:28:31.269
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 74%
Total physical RAM: 3036.87 MB
Available physical RAM: 777.07 MB
Total Pagefile: 6071.06 MB
Available Pagefile: 2880.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows7) (Fixed) (Total:149.04 GB) (Free:15.46 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]
Drive d: (;P ******) (Fixed) (Total:147.58 GB) (Free:0.23 GB) NTFS (Disk=0 Partition=3)
Drive e: (NFSMW) (CDROM) (Total:2.1 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 7878FC96)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
If I did something wrong, here are the files again for download:
Attachment 57323
Attachment 57322

Kind regards --- MoGa
[www.youtube.com/user/0moga0]
__________________

02.07.2013, 18:15   #4
schrauber
/// the machine
/// TB instructor
 


Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!

07.07.2013, 12:52   #5
MoGa
 

Good afternoon,
first of all, thank you for helping me like this!
My computer has been rid of several folders and files, for example 'MyWebSearchFunProduct' (or something like that), which I had not been able to uninstall.
Also, here is the log file:

Code:
ComboFix 13-07-07.01 - ****** 07.07.2013  12:51:06.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3037.1612 [GMT 2:00]
ausgeführt von:: c:\users\******\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\FunWebProducts
c:\program files (x86)\MyWebSearch
c:\program files (x86)\MyWebSearch\bar\Settings\s_pid.dat
c:\users\******\AppData\Roaming\BouncyCastle.Crypto.dll
c:\users\******\AppData\Roaming\Game_Maker.exe
c:\users\******\AppData\Roaming\Inla
c:\users\******\AppData\Roaming\Inla\luqoh.nih
c:\users\******\AppData\Roaming\Ionic.Zip.Reduced.dll
c:\users\******\AppData\Roaming\Ipefru
c:\users\******\AppData\Roaming\Ipefru\vipe.ocl
c:\users\******\AppData\Roaming\libeay32.dll
c:\users\******\AppData\Roaming\Love
c:\users\******\AppData\Roaming\Love\mari0\options.txt
c:\users\******\AppData\Roaming\OfferBox
c:\users\******\AppData\Roaming\OfferBox\config.xml
c:\users\******\AppData\Roaming\Oryqev
c:\users\******\AppData\Roaming\Oryqev\myiwo.exe
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.4.inf
c:\windows\IsUn0407.exe
c:\windows\SysWow64\frapsvid.dll
D:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DCService.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-07 bis 2013-07-07  ))))))))))))))))))))))))))))))
.
.
2013-07-07 11:03 . 2013-07-07 11:03	--------	d-----w-	c:\users\Poop\AppData\Local\temp
2013-07-07 11:03 . 2013-07-07 11:03	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-05 19:53 . 2013-07-05 19:53	--------	d-----w-	c:\users\******\AppData\Local\GORETEST
2013-07-03 20:19 . 2013-07-03 20:20	--------	d-----w-	c:\users\******\AppData\Local\street racing
2013-07-03 10:19 . 2013-07-03 10:19	--------	d-----w-	c:\users\******\AppData\Local\ZshooterZ
2013-07-02 15:44 . 2013-07-02 15:44	--------	d-----w-	C:\FRST
2013-07-01 16:23 . 2013-07-01 16:23	--------	d-----w-	c:\users\******\AppData\Roaming\Subversion
2013-06-30 15:56 . 2013-06-30 15:56	--------	d-----w-	c:\users\******\AppData\Local\MoGasHorrorGame
2013-06-30 13:58 . 2013-06-30 13:58	--------	d-----w-	c:\windows\SysWow64\Hotspot Shield
2013-06-30 13:27 . 2013-06-30 13:27	--------	d-----w-	c:\users\******\AppData\Local\GoreGame
2013-06-30 06:40 . 2013-05-09 08:59	270824	----a-w-	c:\windows\system32\drivers\aswNdis2.sys
2013-06-30 06:40 . 2013-05-09 08:59	131232	----a-w-	c:\windows\system32\drivers\aswFW.sys
2013-06-29 07:43 . 2013-06-29 07:43	--------	d-----w-	c:\program files (x86)\Hotspot_Shield
2013-06-29 07:43 . 2013-06-29 07:43	--------	d-----w-	c:\users\******\AppData\Local\Conduit
2013-06-29 07:42 . 2013-06-29 07:43	--------	d-----w-	c:\users\fbwuser
2013-06-29 07:41 . 2013-06-29 08:40	--------	d-----w-	c:\programdata\Hotspot Shield
2013-06-29 07:40 . 2013-06-29 07:42	--------	d-----w-	c:\program files (x86)\Hotspot Shield
2013-06-29 07:40 . 2013-06-29 07:40	--------	d-----w-	c:\users\******\AppData\Roaming\Hotspot Shield
2013-06-28 20:32 . 2013-06-28 20:32	--------	d-----w-	c:\users\******\AppData\Roaming\Build and Shoot
2013-06-28 19:51 . 2013-06-28 19:51	--------	d--h--w-	c:\windows\AxInstSV
2013-06-28 16:15 . 2013-06-28 16:15	--------	d-----w-	c:\users\******\AppData\Local\BeatBeast
2013-06-28 16:01 . 2013-06-30 17:15	--------	d-----w-	c:\users\******\AppData\Local\gamemaker_studio
2013-06-28 16:01 . 2013-06-28 16:01	--------	d-----w-	c:\programdata\gamemaker_studio
2013-06-28 12:31 . 2013-06-28 12:31	--------	d-----w-	c:\users\******\AppData\Local\Macromedia
2013-06-26 13:27 . 2013-06-26 13:42	--------	d-----w-	c:\programdata\SecTaskMan
2013-06-23 17:34 . 2013-07-02 21:23	--------	d-----w-	c:\users\******\AppData\Local\CrashDumps
2013-06-23 14:39 . 2013-06-23 14:39	--------	d-----w-	c:\users\******\AppData\Local\TechSmith
2013-06-23 14:38 . 2013-06-23 14:38	--------	d-----w-	c:\users\******\AppData\Roaming\TechSmith
2013-06-23 14:27 . 2013-06-23 14:27	--------	d-----w-	c:\program files (x86)\QuickTime
2013-06-23 14:27 . 2013-06-23 14:27	--------	d-----w-	c:\program files (x86)\Common Files\TechSmith Shared
2013-06-23 14:26 . 2013-06-23 14:37	--------	d-----w-	c:\programdata\TechSmith
2013-06-22 09:01 . 2013-06-22 09:01	--------	d-----w-	c:\users\******\AppData\Roaming\Egudh
2013-06-22 08:38 . 2013-06-22 08:38	--------	d-----w-	C:\Meine Webseiten
2013-06-21 01:09 . 2013-06-21 01:09	42184	----a-w-	c:\windows\system32\drivers\taphss6.sys
2013-06-21 01:07 . 2013-06-21 01:07	46792	----a-w-	c:\windows\system32\drivers\hssdrv6.sys
2013-06-15 19:32 . 2013-06-15 19:38	--------	d-----w-	c:\users\******\AppData\Local\Roblox
2013-06-15 18:58 . 2013-06-15 18:58	--------	d-----w-	c:\program files (x86)\SoftwareUpdater
2013-06-11 14:09 . 2013-06-11 14:10	--------	d-----w-	c:\users\******\AppData\Roaming\Diciz
2013-06-08 18:30 . 2013-06-08 18:30	--------	d-----w-	c:\users\******\.SquashOccurrences
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-02 16:17 . 2013-02-02 09:55	282104	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-07-02 16:17 . 2013-01-31 16:39	282104	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-07-02 16:17 . 2013-01-31 16:39	234768	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-06-29 08:15 . 2013-01-31 16:39	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-06-28 12:55 . 2012-05-04 17:06	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-28 12:55 . 2011-06-12 15:07	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-28 12:05 . 2013-03-04 17:56	189936	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-06-28 12:05 . 2011-04-09 16:52	1030952	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-06-28 12:05 . 2009-12-20 13:18	378944	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-06-19 13:05 . 2010-03-09 19:03	165232	---ha-w-	c:\users\******\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2013-06-02 11:56 . 2009-07-13 23:55	332288	----a-w-	c:\windows\system32\uxtheme.dll
2013-06-02 11:56 . 2011-04-22 06:25	2851840	----a-w-	c:\windows\system32\themeui.dll
2013-06-02 11:55 . 2009-07-13 23:54	44544	----a-w-	c:\windows\system32\themeservice.dll
2013-05-18 09:45 . 2012-11-04 17:19	466456	----a-w-	c:\windows\system32\wrap_oal.dll
2013-05-18 09:45 . 2012-11-04 17:19	122904	----a-w-	c:\windows\system32\OpenAL32.dll
2013-05-18 09:45 . 2012-11-04 17:19	444952	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2013-05-18 09:45 . 2012-11-04 17:19	109080	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2013-05-09 08:59 . 2013-03-04 17:56	65336	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2012-03-14 16:27	72016	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2009-12-20 13:18	64288	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2012-07-21 06:13	22600	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2013-05-09 08:59 . 2009-12-20 13:18	80816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2009-12-20 13:18	33400	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2011-01-01 11:25	41664	----a-w-	c:\windows\avastSS.scr
2013-05-09 08:58 . 2011-01-16 12:15	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-05-08 15:37 . 2010-11-09 20:29	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\program files (x86)\Winload\tbWinl.dll" [2010-03-17 2355224]
"{707db484-2428-402d-afb5-d85b387544c7}"= "c:\program files (x86)\Mario_Forever\tbMar1.dll" [2010-04-04 2349080]
"{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}"= "c:\program files (x86)\Softonic_Deutsch\tbSof0.dll" [2010-05-30 2515552]
"{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "c:\program files (x86)\isoHunt\tbiso1.dll" [2010-05-09 2515552]
"{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}"= "c:\program files (x86)\Games_Bar_1\tbGame.dll" [2009-12-31 2349080]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files (x86)\free-downloads.net\tbfre1.dll" [2010-03-07 2349080]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files (x86)\Hotspot_Shield\prxtbHots.dll" [2013-06-18 231712]
.
[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
.
[HKEY_CLASSES_ROOT\clsid\{707db484-2428-402d-afb5-d85b387544c7}]
.
[HKEY_CLASSES_ROOT\clsid\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}]
.
[HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
.
[HKEY_CLASSES_ROOT\clsid\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
2013-03-04 08:13	454496	----a-w-	c:\program files (x86)\PriceGong\2.6.11\PriceGongIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
2010-03-17 14:45	2355224	----a-w-	c:\program files (x86)\Winload\tbWinl.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{707db484-2428-402d-afb5-d85b387544c7}]
2010-04-04 14:45	2349080	----a-w-	c:\program files (x86)\Mario_Forever\tbMar1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}]
2010-05-30 11:16	2515552	----a-w-	c:\program files (x86)\Softonic_Deutsch\tbSof0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
2010-05-09 13:37	2515552	----a-w-	c:\program files (x86)\isoHunt\tbiso1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}]
2009-12-31 10:53	2349080	----a-w-	c:\program files (x86)\Games_Bar_1\tbGame.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
2013-06-18 11:54	231712	----a-w-	c:\program files (x86)\Hotspot_Shield\prxtbHots.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2010-03-07 14:15	2349080	----a-w-	c:\program files (x86)\free-downloads.net\tbfre1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2013-06-21 00:19	233288	----a-w-	c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\program files (x86)\Winload\tbWinl.dll" [2010-03-17 2355224]
"{707db484-2428-402d-afb5-d85b387544c7}"= "c:\program files (x86)\Mario_Forever\tbMar1.dll" [2010-04-04 2349080]
"{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}"= "c:\program files (x86)\Softonic_Deutsch\tbSof0.dll" [2010-05-30 2515552]
"{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "c:\program files (x86)\isoHunt\tbiso1.dll" [2010-05-09 2515552]
"{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}"= "c:\program files (x86)\Games_Bar_1\tbGame.dll" [2009-12-31 2349080]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files (x86)\free-downloads.net\tbfre1.dll" [2010-03-07 2349080]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files (x86)\Hotspot_Shield\prxtbHots.dll" [2013-06-18 231712]
.
[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
.
[HKEY_CLASSES_ROOT\clsid\{707db484-2428-402d-afb5-d85b387544c7}]
.
[HKEY_CLASSES_ROOT\clsid\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}]
.
[HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
.
[HKEY_CLASSES_ROOT\clsid\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}]
.
[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]
.
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	130736	----a-w-	c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 163328]
"SUPERAntiSpyware"="d:\sicherheit\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2011-08-01 2424192]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-05-16 213936]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-05 39408]
"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 213936]
"Akamai NetSession Interface"="c:\users\******\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"KiesPreload"="d:\programme\Kies\Kies\Kies.exe" [2012-12-03 967608]
"KiesAirMessage"="d:\programme\Kies\Kies\KiesAirMessage.exe" [2012-11-01 577536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun" [X]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2008-11-21 438272]
"TrayServer"="d:\progra~4\MAGIX\VIDEO_~1\TrayServer.exe" [2008-08-07 90112]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 86960]
"WTClient"="WTClient.exe" [2009-10-30 32768]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"avast"="d:\sicherheit\Avast neu\avastUI.exe" [2013-05-09 4858968]
"KiesTrayAgent"="d:\programme\Kies\Kies\KiesTrayAgent.exe" [2012-12-03 309688]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LogMeIn Hamachi Ui"="c:\users\******\Downloads\MC\Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
.
c:\users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SetPointII.lnk - d:\programme\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-2-24 391072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R1 SASDIFSV;SASDIFSV;d:\sicherheit\SUPERAntiSpyware\SASDIFSV.SYS;d:\sicherheit\SUPERAntiSpyware\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\******\AppData\Local\Temp\SASKUTIL.SYS;c:\users\******\AppData\Local\Temp\SASKUTIL.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Radio.fx;Radio.fx Server;g:\radio.fx\Server\rfx-server.exe;g:\radio.fx\Server\rfx-server.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;d:\programme\GMBoostA\Driver\WinRing0x64.sys;d:\programme\GMBoostA\Driver\WinRing0x64.sys [x]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(1).sys [x]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(2).sys [x]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(3).sys [x]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(4).sys [x]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(5).sys [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 ZDPSp50a64;ZDPSp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\ZDPSp50a64.sys;c:\windows\SYSNATIVE\Drivers\ZDPSp50a64.sys [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 aswKbd;aswKbd; [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys;c:\windows\SYSNATIVE\drivers\aswNdis2.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys;c:\windows\SYSNATIVE\drivers\aswFW.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;d:\sicherheit\Avast neu\afwServ.exe;d:\sicherheit\Avast neu\afwServ.exe [x]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 camsvc;TOSHIBA Web Camera Service;c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\users\******\Downloads\MC\Hamachi\hamachi-2.exe;c:\users\******\Downloads\MC\Hamachi\hamachi-2.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
S2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S2 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 12:55]
.
2013-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06 14:57]
.
2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06 14:57]
.
2010-05-03 c:\windows\Tasks\Install.job
- c:\windows\SysWOW64\Macromed\Shockwave 10\nssstub.exe [2010-05-02 10:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	133840	----a-w-	d:\sicherheit\Avast neu\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36	164016	----a-w-	c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-03-29 238592]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" [2009-04-23 1128448]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: Free YouTube Download - c:\users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: Interfaces\{1A4D9296-FBEC-4C11-872D-72B4BBF700DE}: NameServer = 193.189.244.225 193.189.244.206
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-5/SmileyCreatorInitialSetup1.0.1.4.cab
DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/downloads/activex/YoYo.cab
FF - ProfilePath - c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=UN71995909548713155&UM=1&sspv=TB_CH3&q=
FF - ExtSQL: 2013-06-29 09:43; {c95a4e8e-816d-4655-8c79-d736da1adb6d}; c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
FF - ExtSQL: 2013-07-02 18:42; battlefieldheroespatcher@ea.com; c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\extensions\battlefieldheroespatcher@ea.com
FF - ExtSQL: !HIDDEN! 2011-03-28 09:47; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 200572fa000000000000001e655330ed
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15769
FF - user.js: extensions.delta.vrsn - 1.8.10.0
FF - user.js: extensions.delta.vrsni - 1.8.10.0
FF - user.js: extensions.delta.vrsnTs - 1.8.10.019:23
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Steam - h:\b\Steam\steam.exe
Wow6432Node-HKCU-Run-rfxsrvtray - g:\radio.fx\\Client\rfx-tray.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Radio.fx.LNK - g:\radio.fx\Client\rfx-client.exe
WebBrowser-{40C3CC16-7269-4B32-9531-17F2950FB06F} - (no file)
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
WebBrowser-{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - (no file)
WebBrowser-{A6E4A4EB-D169-4E99-8988-250FCBAFE767} - (no file)
WebBrowser-{BC04B34E-5DD8-465A-A5E0-86F7C11BC009} - (no file)
WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)
WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file)
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TPCHWMsg - c:\program files (x86)\TOSHIBA\TPHM\TPCHWMsg.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Burger Shop 2 RebelMan - g:\b\Burger Shop 2-\Uninstall.exe
AddRemove-Call of Duty: Black Ops II_is1 - g:\b\Others\Call of Duty Black Ops II\game\unins000.exe
AddRemove-LEGO Creator - c:\windows\IsUn0407.exe
AddRemove-LEGO Rock Raiders - c:\windows\IsUn0407.exe
AddRemove-Steam App 12360 - g:\d\steam undead working!!\steam.exe
AddRemove-Steam App 201680 - g:\b\backup steam\STEAM UNDEAD\steam.exe
AddRemove-Steam App 2990 - g:\d\steam undead working!!\steam.exe
AddRemove-Steam App 40390 - g:\b\Steam\steam.exe
AddRemove-Steam App 410 - g:\b\backup steam\STEAM UNDEAD\steam.exe
AddRemove-Steam App 42910 - h:\d\steam undead working!!\steam.exe
AddRemove-Steam App 440 - g:\b\Steam\steam.exe
AddRemove-Steam App 47400 - h:\d\steam undead working!!\steam.exe
AddRemove-Steam App 47890 - g:\d\steam undead working!!\steam.exe
AddRemove-Steam App 48280 - g:\b\backup steam\STEAM UNDEAD\steam.exe
AddRemove-Steam App 55230 - g:\b\Steam\steam.exe
AddRemove-Steam App 72850 - h:\b\Steam\steam.exe
AddRemove-Steam App 98610 - g:\b\backup steam\STEAM UNDEAD\steam.exe
AddRemove-Steam App 99890 - g:\d\steam undead working!!\steam.exe
AddRemove-WTTLIA - c:\windows\IsUn0407.exe
AddRemove-{22BB0352-8E48-430C-85CC-F996BF51D2E7}_is1 - d:\programme\Schulisch_BITTER\Kurvenprofi\unins000.exe
AddRemove-GTA Control Panel - c:\users\******\Downloads\WR2\new mods\looedl\Uninstal_ControlPanel.exe
AddRemove-Plan it Green Deluxe - d:\programme\PlaanItGreen\Plan it Green Deluxe\GameInstlr.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1621164656-1320583164-626291356-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b9,b9,62,b3,11,34,2e,36,16,09,b9,01,5c,2e,08,2a,96,4c,94,3d,77,e7,09,
   4e,2f,62,61,46,1c,53,1f,15,5d,92,92,5e,b3,f1,0f,90,62,3f,af,93,2a,70,19,52,\
"??"=hex:a1,41,7b,2c,e5,89,a5,e9,45,ea,3c,31,82,31,ad,53
.
[HKEY_USERS\S-1-5-21-1621164656-1320583164-626291356-1000\Software\SecuROM\License information*]
"datasecu"=hex:71,0d,8e,45,8a,03,0a,67,33,83,dd,77,64,b0,a8,41,72,5f,86,f7,29,
   3e,16,c3,bb,9f,f5,00,de,66,dd,fb,af,40,03,c7,52,1a,d1,29,7c,01,1f,44,31,c0,\
"rkeysecu"=hex:f5,cb,cd,eb,11,4d,03,55,f4,88,e6,2a,33,cb,5b,50
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2633873~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2640148~31bf3856ad364e35~amd64~~6.1.2.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2645640~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2647516~31bf3856ad364e35~amd64~~9.4.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2660075~31bf3856ad364e35~amd64~~6.1.1.0]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2660465~31bf3856ad364e35~amd64~~6.1.1.2]
@DACL=(02 0000)
"ApplicabilityState"=dword:00000070
"CurrentState"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
d:\sicherheit\Avast neu\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\SysWOW64\vmnat.exe
c:\windows\System32\Drivers\WTSRV.EXE
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
d:\programme\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\Hotspot Shield\bin\hsscp.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-07  13:14:30 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-07-07 11:14
.
Vor Suchlauf: 28 Verzeichnis(se), 14.154.043.392 Bytes frei
Nach Suchlauf: 37 Verzeichnis(se), 13.515.296.768 Bytes frei
.
- - End Of File - - 618BA7B129EF8771B54F8E334B5ADF28
A36C5E4F47E84449FF07ED3517B43A31
         
WHAT THE HELL KIND OF PROGRAMS DO I HAVE ON THERE? - I think I'll have to do some scolding -.-

Oh well, never mind...

As always, my user name has been masked with ******.
And in case there are any problems, here it is again as a download:
Attachment 57571
Log.txt


Best regards --- MoGa
[www.youtube.com/user/0moga0]


07.07.2013, 12:59   #6
schrauber
/// the machine
/// TB instructor

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

16.06.2014, 12:50   #7
MoGa

Thanks once again,
however, I have now bought myself a new, faster computer and will completely reinstall the old one, so this thread can be closed.

17.06.2014, 09:23   #8
schrauber
/// the machine
/// TB instructor

ok.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!
