Hi,
I did it exactly as described... here is the result:
Combofix Logfile:
ComboFix 10-07-12.06 - 13.07.2010 21:49:28.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.2940.2045 [GMT 2:00]
ausgeführt von:: c:\users\ \Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\windows\system32\%appdata%
.
((((((((((((((((((((((( Dateien erstellt von 2010-06-13 bis 2010-07-13 ))))))))))))))))))))))))))))))
.
2010-07-13 19:56 . 2010-07-13 19:58 -------- d-----w- c:\users\ \AppData\Local\temp
2010-07-13 19:56 . 2010-07-13 19:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-13 19:05 . 2010-07-13 19:05 -------- d-----w- C:\_OTL
2010-07-13 18:56 . 2010-07-13 18:56 -------- d-----w- c:\windows\XSxS
2010-07-13 18:56 . 2010-07-13 18:56 -------- d-----w- c:\program files\Xenocode
2010-07-13 12:15 . 2010-07-13 12:15 264 ----a-w- c:\windows\system32\PSUNCpl.dat
2010-07-13 12:00 . 2010-07-13 12:00 -------- d-----w- c:\users\ \AppData\Roaming\Malwarebytes
2010-07-13 12:00 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-13 12:00 . 2010-07-13 12:00 -------- d-----w- c:\programdata\Malwarebytes
2010-07-13 12:00 . 2010-07-13 12:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-13 12:00 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-13 11:12 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-07-02 20:33 . 2010-07-02 20:51 -------- d-----w- c:\users\ \AppData\Roaming\Broken Sword 2.5
2010-07-02 20:31 . 2010-07-02 20:31 53248 ----a-r- c:\users\ \AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-07-02 20:31 . 2010-07-02 20:31 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-07-02 20:30 . 2010-07-02 20:31 -------- d-----w- c:\programdata\Logishrd
2010-07-02 20:30 . 2010-07-02 20:31 -------- d-----w- c:\program files\Logitech
2010-07-02 20:30 . 2010-07-02 20:31 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-07-02 20:30 . 2010-07-02 20:31 -------- d-----w- c:\users\ \AppData\Roaming\Logitech
2010-07-02 20:30 . 2010-07-02 20:30 -------- d-----w- c:\users\ \AppData\Roaming\Logishrd
2010-07-02 20:29 . 2010-05-31 09:46 267880 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2010-07-02 20:29 . 2009-12-03 15:27 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-07-02 20:26 . 2010-07-02 20:27 -------- d-----w- c:\program files\Broken Sword 2.5
2010-06-25 18:38 . 2010-06-25 18:38 -------- d-----w- c:\users\ \AppData\Roaming\Microsoft Games
2010-06-24 18:57 . 2010-06-24 18:57 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb9DFF.tmp.exe
2010-06-24 18:38 . 2010-06-24 18:38 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-06-24 18:37 . 2010-06-24 18:38 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-06-24 18:37 . 2010-06-24 18:39 -------- d-----w- c:\users\ \AppData\Roaming\DAEMON Tools Lite
2010-06-24 18:34 . 2010-06-24 18:37 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-06-23 14:01 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 14:01 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 14:01 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 14:01 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 14:01 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-23 10:54 . 2010-06-23 10:55 -------- d-----w- c:\users\ \AppData\Roaming\WinSplit
2010-06-23 10:45 . 2010-06-23 10:45 -------- d-----w- c:\users\ \AppData\Roaming\Apple Computer
2010-06-23 10:28 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll
2010-06-23 10:28 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-06-23 10:28 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll
2010-06-20 13:16 . 2010-06-20 13:16 -------- d-----w- c:\programdata\Panda Security
2010-06-17 21:03 . 2010-06-17 21:03 -------- d-----w- c:\program files\AC3Filter
2010-06-17 21:01 . 2010-06-17 21:01 -------- d-----w- c:\users\ \AppData\Roaming\Media Player Classic
2010-06-17 20:58 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-06-16 12:57 . 2010-06-16 12:58 -------- d-----w- c:\program files\QuickTime
2010-06-16 12:57 . 2010-06-16 12:57 -------- d-----w- c:\programdata\Apple Computer
2010-06-15 16:51 . 2010-06-15 16:51 1127240 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-13 19:56 . 2010-03-17 17:26 -------- d-----w- c:\program files\pdfforge Toolbar
2010-07-13 19:52 . 2009-07-14 08:47 664634 ----a-w- c:\windows\system32\perfh007.dat
2010-07-13 19:52 . 2009-07-14 08:47 134770 ----a-w- c:\windows\system32\perfc007.dat
2010-07-13 19:38 . 2009-10-30 14:32 -------- d-----w- c:\program files\CCleaner
2010-07-13 18:40 . 2010-06-08 19:40 -------- d-----w- c:\program files\JDownloader
2010-07-13 18:32 . 2010-05-29 03:14 -------- d-----w- c:\users\ \AppData\Roaming\vlc
2010-07-13 12:30 . 2009-11-06 10:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-13 12:15 . 2010-02-17 15:28 -------- d-----w- c:\program files\Panda Security
2010-07-06 21:47 . 2009-10-30 12:24 93304 ----a-w- c:\users\ \AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-04 12:40 . 2009-07-14 04:52 -------- d-----w- c:\program files\Microsoft Games
2010-07-04 12:10 . 2009-09-07 06:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-04 12:07 . 2009-09-07 06:18 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-02 20:32 . 2009-09-07 06:19 -------- d--h--w- c:\program files\Temp
2010-07-02 20:29 . 2009-09-07 06:19 -------- d-----w- c:\program files\Realtek
2010-07-02 04:08 . 2010-01-04 04:30 -------- d-----w- c:\users\ \AppData\Roaming\dvdcss
2010-06-25 18:09 . 2010-06-11 06:04 -------- d-----w- c:\program files\MediaMonkey
2010-06-25 12:27 . 2009-12-04 00:29 -------- d-----w- c:\program files\Microsoft.NET
2010-06-12 16:05 . 2010-06-11 11:28 -------- d-----w- c:\program files\Ask.com
2010-06-11 21:12 . 2010-06-11 21:12 2300696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-06-11 21:12 . 2010-06-11 21:12 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-06-11 21:12 . 2010-06-11 21:12 1222464 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-06-11 21:08 . 2010-06-11 21:08 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
2010-06-11 19:15 . 2010-06-11 19:15 -------- d-----w- c:\users\Default\AppData\Roaming\Samsung
2010-06-11 18:29 . 2010-06-11 18:29 -------- d--h--we c:\programdata\AVP11
2010-06-11 18:25 . 2009-11-06 10:53 -------- d-----w- c:\programdata\Lavasoft
2010-06-11 11:39 . 2010-06-11 11:28 -------- d-----w- c:\users\\AppData\Roaming\BitTorrent
2010-06-11 11:28 . 2010-06-11 11:28 -------- d-----w- c:\program files\BitTorrent
2010-06-10 13:06 . 2009-12-08 23:39 -------- d-----w- c:\users\\AppData\Roaming\Skype
2010-06-10 12:30 . 2009-12-08 23:41 -------- d-----w- c:\users\\AppData\Roaming\skypePM
2010-06-04 12:01 . 2009-09-07 06:57 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-27 16:39 . 2010-05-27 16:39 141384 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
2010-05-27 07:24 . 2010-06-10 12:32 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-10 12:32 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-25 04:26 . 2010-05-16 17:27 5642000 ----a-w- c:\users\\AppData\Roaming\TVU Networks\AutoUpgrade\TVUPlayer2.5.3.1.exe
2010-05-21 12:14 . 2009-12-01 15:31 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-21 05:18 . 2010-06-10 12:33 977920 ----a-w- c:\windows\system32\wininet.dll
2010-05-20 04:01 . 2009-09-07 06:30 -------- d-----w- c:\program files\Google
2010-05-12 08:57 . 2010-05-12 08:57 111176 ----a-w- c:\windows\system32\drivers\PSINProt.sys
2010-05-04 06:36 . 2010-05-04 06:36 125960 ----a-w- c:\windows\system32\drivers\PSINKNC.sys
2010-05-01 14:49 . 2010-06-10 12:33 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-04-30 11:46 . 2010-04-30 11:46 111112 ----a-w- c:\windows\system32\drivers\PSINProc.sys
2010-04-30 11:46 . 2010-04-30 11:46 99336 ----a-w- c:\windows\system32\drivers\PSINFile.sys
2010-04-28 22:29 . 2010-04-28 22:29 53328 ----a-w- c:\windows\system32\LMouFiltCoInst.dll
2010-04-23 07:13 . 2010-05-25 20:12 2048 ----a-w- c:\windows\system32\tzres.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= "c:\windows\System32\ieframe.dll" [2010-05-06 10984448]
[HKEY_CLASSES_ROOT\clsid\{cfbfae00-17a6-11d0-99cb-00c04fd64497}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"= "c:\program files\DAEMON Tools Toolbar\DTToolbar.dll" [2010-03-25 968000]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"= "c:\program files\Google\Google Toolbar\GoogleToolbar_32.dll" [2010-06-24 278192]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{32099aac-c132-4136-9e9a-4e364a424e17}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj]
[HKEY_CLASSES_ROOT\clsid\{2318c2b1-4965-11d4-9b18-009027a5cd4f}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"= "c:\program files\Google\Google Toolbar\GoogleToolbar_32.dll" [2010-06-24 278192]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"= "c:\program files\DAEMON Tools Toolbar\DTToolbar.dll" [2010-03-25 968000]
[HKEY_CLASSES_ROOT\clsid\{2318c2b1-4965-11d4-9b18-009027a5cd4f}]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{32099aac-c132-4136-9e9a-4e364a424e17}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
2010-05-14 13:04 320832 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
2010-05-14 13:04 320832 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 476512]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 611672]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2010-01-08 186904]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312]
" Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2010-05-14 406848]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
"Samsung.PCSync"="c:\program files\Samsung\Samsung PC Studio 7\PcSync2.exe" [2009-06-04 1294336]
"S60 PC Suite Tray"="c:\program files\Samsung\Samsung PC Studio 7\PCSuite.exe" [2008-12-06 699392]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"TOSHIBA Online Product Information"=c:\program files\Toshiba\Toshiba Online Product Information\TOPI.exe
"Livestation"=c:\program files\Livestation\Livestation.exe -startup
"S60 PC Suite Tray"="c:\program files\Samsung\Samsung PC Studio 7\PCSuite.exe" -onlytray
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"Getdo"=rundll32.exe "c:\users\\AppData\Roaming\Adobe\Update\flacor.dat""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TosNC"=%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
"TosReelTimeMonitor"=%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SmartFaceVWatcher"=%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
"SmoothView"=%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
"Toshiba Registration"=c:\program files\Toshiba\Registration\ToshibaReminder.exe
"Toshiba TEMPRO"=c:\program files\Toshiba TEMPRO\TemproTray.exe
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"Persistence"=c:\windows\system32\igfxpers.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"HSON"=%ProgramFiles%\TOSHIBA\TBS\HSON.exe
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"SearchSettings"=c:\program files\pdfforge Toolbar\SearchSettings.exe
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-16 133104]
R3 AVMUNET;AVM FRITZ!Box;c:\windows\system32\DRIVERS\avmunet.sys [2006-10-06 14976]
R3 gtstusbser;Option210 USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\gtstusbser.sys [2008-11-18 103552]
R3 nmwcdsa;Samsung USB Phone Parent;c:\windows\system32\drivers\nmwcdsa.sys [2007-05-02 135680]
R3 nmwcdsac;Samsung USB Generic;c:\windows\system32\drivers\nmwcdsac.sys [2007-05-02 8320]
R3 nmwcdsacj;Samsung USB Port;c:\windows\system32\drivers\nmwcdsacj.sys [2007-05-02 12288]
R3 nmwcdsacm;Samsung USB Modem;c:\windows\system32\drivers\nmwcdsacm.sys [2007-05-02 12288]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2009-09-07 332272]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-03-11 691696]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2010-05-04 125960]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-10 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-04-30 136448]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2010-05-27 141384]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2010-04-30 99336]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2010-04-30 111112]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2010-05-12 111176]
S2 RSELSVC;TOSHIBA Modem region select service;c:\program files\TOSHIBA\RSelect\RSelSvc.exe [2009-07-07 62832]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-18 1047368]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 7680]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 379904]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 111960]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
HsfXAudioService REG_MULTI_SZ HsfXAudioService
vvdsvc REG_MULTI_SZ vvdsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
2010-07-13 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-07 09:39]
2010-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-16 09:40]
2010-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-16 09:40]
2010-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3059090290-2168174768-4257991694-1000Core.job
- c:\users\Engin Basel\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-01 17:07]
2010-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3059090290-2168174768-4257991694-1000UA.job
- c:\users\\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-01 17:07]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
mStart Page = about :blank
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\\AppData\Roaming\Mozilla\Firefox\Profiles\1pvqrnrk.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---- FIREFOX Richtlinien ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\pdfforge Toolbar\SearchSettings.dll
WebBrowser-{4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
MSConfigStartUp-avgnt - c:\program files\Avira\AntiVir Desktop\avgnt.exe
MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
- - - - - - - > 'Explorer.exe'(5248)
c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL
c:\program files\Panda Security\Panda Cloud Antivirus\PSNCGP.dll
c:\program files\Panda Security\Panda Cloud Antivirus\PSNCIPC.dll
c:\program files\Samsung\Samsung PC Studio 7\phonebrowser.dll
c:\program files\Samsung\Samsung PC Studio 7\PCSCM_Samsung.dll
c:\program files\Samsung\Samsung PC Studio 7\Lang\PhoneBrowser_ger.nlr
c:\program files\Samsung\Samsung PC Studio 7\Resource\PhoneBrowser_Samsung.ngr
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\taskhost.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-07-13 22:01:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-07-13 20:01
Vor Suchlauf: 12 Verzeichnis(se), 61.580.734.464 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 61.491.408.896 Bytes frei
- - End Of File - - 8679F5176CEAE1F02B908380509C1C48