Trojaner-Board - [3x Conhost?] Ständig laufen 3 Conhost.exe -Anwendungen

Hier sind die Dateien

FRST

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013

Ran by ****** (administrator) on 02-07-2013 17:44:23

Running from C:\Users\******\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 9

Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

(AMD) C:\Windows\system32\atiesrxx.exe

(AVAST Software) D:\Sicherheit\Avast neu\AvastSvc.exe

(AMD) C:\Windows\system32\atieclxx.exe

(AVAST Software) D:\Sicherheit\Avast neu\afwServ.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe

() C:\ProgramData\DatacardService\DCService.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(LogMeIn Inc.) C:\Users\******\Downloads\MC\Hamachi\hamachi-2.exe

(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe

() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(Rocket Division Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(Tablet Driver) C:\Windows\System32\Drivers\WTSRV.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

(VMware, Inc.) D:\Programme\VMware Player\vmware-authd.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

(SUPERAntiSpyware.com) D:\Sicherheit\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe

(Akamai Technologies, Inc.) C:\Users\******\AppData\Local\Akamai\netsession_win.exe

(Akamai Technologies, Inc.) C:\Users\******\AppData\Local\Akamai\netsession_win.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe

(Samsung) D:\Programme\Kies\Kies\Kies.exe

(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe

(Samsung) D:\Programme\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

(Logitech Inc.) D:\Programme\Logitech\SetPoint II\SetPointII.exe

(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe

(AVAST Software) D:\Sicherheit\Avast neu\AvastUI.exe

(Samsung Electronics Co., Ltd.) D:\Programme\Kies\Kies\KiesTrayAgent.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe

(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe

(Mozilla Corporation) D:\Programme\Firefox\firefox.exe

(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe

(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe

(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe

(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe

(EA Digital Illusions CE AB) C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\extensions\battlefieldplay4free@ea.com\plugins\BP4FUpdater.exe

(Easy) C:\Program Files (x86)\EA Games\Battlefield Play4Free\BFP4f.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [238592 2009-03-29] (Alps Electric Co., Ltd.)

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)

HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [236544 2009-03-24] (TOSHIBA Corporation)

HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1451008 2009-04-24] (TOSHIBA Corporation)

HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1128448 2009-04-23] (TOSHIBA Corporation)

HKLM\...\Run: [TPCHWMsg] %ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe [613232 2009-04-15] (TOSHIBA Corporation)

HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)

HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]

Winlogon\Notify\WB: D:\PROGRA~1\WINDOW~2\fast64.dll [X]

HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)

HKCU\...\Run: [SUPERAntiSpyware] D:\Sicherheit\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [x]

HKCU\...\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup [213936 2006-05-16] (Macrovision Corporation)

HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-06-05] (Google Inc.)

HKCU\...\Run: [Steam] "H:\B\Steam\steam.exe" -silent [x]

HKCU\...\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [213936 2006-05-16] (Macrovision Corporation)

HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\******\AppData\Local\Akamai\netsession_win.exe" [4489472 2013-06-05] (Akamai Technologies, Inc.)

HKCU\...\Run: [KiesPreload] D:\Programme\Kies\Kies\Kies.exe /preload [x]

HKCU\...\Run: [KiesAirMessage] D:\Programme\Kies\Kies\KiesAirMessage.exe -startup [x]

HKCU\...\Run: [] D:\Programme\Kies\Kies\External\FirmwareUpdate\KiesPDLR.exe [x]

HKCU\...\Run: [rfxsrvtray] "g:\Radio.fx\\Client\rfx-tray.exe" [x]

MountPoints2: {84669c60-e46d-11e0-a87f-001e655330ec} - G:\AutoRun.exe

MountPoints2: {84669c80-e46d-11e0-a87f-001e655330ec} - G:\AutoRun.exe

MountPoints2: {dd757f36-e277-11de-a511-806e6f6e6963} - E:\Autorun.exe

MountPoints2: {df566480-ed57-11de-a001-0026222e5329} - F:\LaunchU3.exe -a

HKLM-x32\...\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP [423936 2009-06-02] (TOSHIBA Electronics, Inc.)

HKLM-x32\...\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" [34088 2009-01-13] (TOSHIBA CORPORATION)

HKLM-x32\...\Run: [SVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTIL [438272 2008-11-21] (TOSHIBA)

HKLM-x32\...\Run: [TrayServer] D:\PROGRA~4\MAGIX\VIDEO_~1\TrayServer.exe [x]

HKLM-x32\...\Run: [TWebCamera] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [x]

HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-29] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start [86960 2006-05-16] (Macrovision Corporation)

HKLM-x32\...\Run: [WTClient] WTClient.exe [32768 2009-10-30] (Tablet Driver)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)

HKLM-x32\...\Run: [avast] "D:\Sicherheit\Avast neu\avastUI.exe" /nogui [x]

HKLM-x32\...\Run: [KiesTrayAgent] D:\Programme\Kies\Kies\KiesTrayAgent.exe [x]

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Users\******\Downloads\MC\Hamachi\hamachi-2-ui.exe" --auto-start [2255184 2013-05-15] (LogMeIn Inc.)

HKU\Poop\...\Run: [\\MOMPI-PC\EPSON Stylus] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Users\******\AppData\Local\Temp\E_S6654.tmp" /EF "HKCU" [x] <===== ATTENTION

HKU\Poop\...\Run: [\\Mompi-pc\EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBIE.EXE /FU "C:\Users\******\AppData\Local\Temp\E_SC217.tmp" /EF "HKCU" [x] <===== ATTENTION

HKU\Poop\...\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount [203928 2009-04-24] (Alcohol Soft Development Team)

HKU\Poop\...\Run: [DAEMON Tools Lite] "D:\Programme\Daemon-tools\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKU\Poop\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)

HKU\Poop\...\Run: [PhilipsSongbirdLauncher] C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe [346624 2010-12-25] ()

HKU\Poop\...\Run: [SUPERAntiSpyware] D:\Sicherheit\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [x]

HKU\Poop\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-06-05] (Google Inc.)

HKU\Poop\...\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6158240 2009-03-16] (TOSHIBA)

HKU\Poop\...\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade [516096 2010-11-20] (Microsoft Corporation)

HKU\Poop\...\RunOnce: [DPAPIKeyMig] %SystemRoot%\system32\dpapimig.exe -quiet [74752 2009-07-14] (Microsoft Corporation)

Startup: C:\ProgramData\Start Menu\Programs\Startup\Radio.fx.LNK

ShortcutTarget: Radio.fx.LNK -> G:\Radio.fx\Client\rfx-client.exe (No File)

Startup: C:\ProgramData\Start Menu\Programs\Startup\SetPointII.lnk

ShortcutTarget: SetPointII.lnk -> D:\Programme\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Poop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

URLSearchHook: (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} -  No File

URLSearchHook: (No Name) - {707db484-2428-402d-afb5-d85b387544c7} -  No File

URLSearchHook: (No Name) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} -  No File

URLSearchHook: (No Name) - {a6e4a4eb-d169-4e99-8988-250fcbafe767} -  No File

URLSearchHook: (No Name) - {bc04b34e-5dd8-465a-a5e0-86f7c11bc009} -  No File

URLSearchHook: (No Name) - {ecdee021-0d17-467f-a1ff-c7a115230949} -  No File

URLSearchHook: (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File

URLSearchHook: (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} -  No File

HKLM-x32 SearchScopes: DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKLM-x32 - {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm008YYDE&ptb=IcV1.KpO0e5XB4C086LkSA&psa=&ind=2010020609&ptnrS=ZVxdm008YYDE&si=36602&st=sb&n=77ce7b01&searchfor={searchTerms}

SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 

SearchScopes: HKCU - {50A1A5F0-0045-4635-B014-A5BC299883E4} URL = 

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

SearchScopes: HKCU - {FC9B4B73-AC9E-49DB-BFE0-E44158A31586} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552&CUI=UN14111851441805626&UM=1

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Sicherheit\Avast neu\aswWebRepIE64.dll No File

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)

BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

BHO-x32: PriceGong - Price Comparison - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.11\PriceGongIE.dll (PriceGong)

BHO-x32: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)

BHO-x32: Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files (x86)\Mario_Forever\tbMar1.dll (Conduit Ltd.)

BHO-x32: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof0.dll (Conduit Ltd.)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Sicherheit\Avast neu\aswWebRepIE.dll No File

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbiso1.dll (Conduit Ltd.)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Games Bar 1 Toolbar - {bc04b34e-5dd8-465a-a5e0-86f7c11bc009} - C:\Program Files (x86)\Games_Bar_1\tbGame.dll (Conduit Ltd.)

BHO-x32: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfre1.dll (Conduit Ltd.)

BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)

BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Sicherheit\Avast neu\aswWebRepIE64.dll No File

Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\tbWinl.dll (Conduit Ltd.)

Toolbar: HKLM-x32 - Mario Forever Toolbar - {707db484-2428-402d-afb5-d85b387544c7} - C:\Program Files (x86)\Mario_Forever\tbMar1.dll (Conduit Ltd.)

Toolbar: HKLM-x32 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof0.dll (Conduit Ltd.)

Toolbar: HKLM-x32 - isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbiso1.dll (Conduit Ltd.)

Toolbar: HKLM-x32 - Games Bar 1 Toolbar - {bc04b34e-5dd8-465a-a5e0-86f7c11bc009} - C:\Program Files (x86)\Games_Bar_1\tbGame.dll (Conduit Ltd.)

Toolbar: HKLM-x32 - free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files (x86)\free-downloads.net\tbfre1.dll (Conduit Ltd.)

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Sicherheit\Avast neu\aswWebRepIE.dll No File

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKLM-x32 - Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)

Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File

Toolbar: HKCU - No Name - {707DB484-2428-402D-AFB5-D85B387544C7} -  No File

Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File

Toolbar: HKCU - No Name - {A6E4A4EB-D169-4E99-8988-250FCBAFE767} -  No File

Toolbar: HKCU - No Name - {BC04B34E-5DD8-465A-A5E0-86F7C11BC009} -  No File

Toolbar: HKCU - No Name - {ECDEE021-0D17-467F-A1FF-C7A115230949} -  No File

Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File

Toolbar: HKCU - No Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} -  No File

DPF: HKLM {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_x64_5.0.203.0.cab

DPF: HKLM-x32 {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-5/SmileyCreatorInitialSetup1.0.1.4.cab

DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} hxxp://www.superadblocker.com/activex/sabspx.cab

DPF: HKLM-x32 {C49134CC-B5EF-458C-A442-E8DFE7B4645F} hxxp://www.yoyogames.com/downloads/activex/YoYo.cab

DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{1A4D9296-FBEC-4C11-872D-72B4BBF700DE}: [NameServer]193.189.244.225 193.189.244.206
 

FireFox:

========

FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default

FF user.js: detected! => C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\user.js

FF Homepage: hxxp://www.google.de/

FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=UN71995909548713155&UM=1&sspv=TB_CH3&q=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.4.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 - C:\Program Files (x86)\Picasa2\npPicasa2.dll (Google, Inc.)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\******\AppData\Local\Roblox\Versions\version-bac2ef28b67142d0\\NPRobloxProxy.dll ( ROBLOX Corporation)

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

FF Extension: Battlefield Play4Free - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\battlefieldplay4free@ea.com

FF Extension: Winload Community Toolbar - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}

FF Extension: Mario Forever Community Toolbar - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{707db484-2428-402d-afb5-d85b387544c7}

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

FF Extension: PriceGong - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

FF Extension: Hotspot Shield  - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}

FF Extension: FoxLingo - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}

FF Extension: finder - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\finder@meingutscheincode.de.xpi

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{a27007d0-bec0-4df7-abf8-54ae0b833ce8}.xpi

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{BD4B37E6-7AE7-48d7-A2D7-6FF5775924AB}.xpi

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] D:\Sicherheit\Avast neu\WebRep\FF

FF Extension: avast! Online Security - D:\Sicherheit\Avast neu\WebRep\FF
 

Chrome: 

=======

CHR Extension: (PriceGong ) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.11

CHR Extension: (Iminent) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0
 

==================== Services (Whitelisted) =================
 

R2 avast! Antivirus; D:\Sicherheit\Avast neu\AvastSvc.exe [46808 2013-05-09] (AVAST Software)

R2 avast! Firewall; D:\Sicherheit\Avast neu\afwServ.exe [137960 2013-05-09] (AVAST Software)

R2 camsvc; C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-16] (TOSHIBA)

R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] ()

R2 Hamachi2Svc; C:\Users\******\Downloads\MC\Hamachi\hamachi-2.exe [2467664 2013-05-15] (LogMeIn Inc.)

R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [831272 2013-06-21] (AnchorFree Inc.)

S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-06-21] ()

R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-06-21] ()

R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-29] ()

R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)

R2 VMAuthdService; D:\Programme\VMware Player\vmware-authd.exe [87120 2013-02-26] (VMware, Inc.)

S2 Radio.fx; g:\Radio.fx\Server\rfx-server.exe [x]
 

==================== Drivers (Whitelisted) ====================
 

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)

R1 aswFW; C:\Windows\system32\drivers\aswFW.sys [131232 2013-05-09] (AVAST Software)

R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)

R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2010-09-07] (ALWIL Software)

R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [270824 2013-05-09] (AVAST Software)

R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()

R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-28] (AVAST Software)

R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-28] (AVAST Software)

R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-28] ()

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-12-19] ()

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)

R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-21] (AnchorFree Inc.)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-12-19] ()

S1 SASDIFSV; D:\Sicherheit\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-06-16] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S1 SASDIFSV; D:\Sicherheit\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-06-16] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-08-15] (Duplex Secure Ltd.)

R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)

R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294232 2010-03-10] (Microsoft Corporation)

R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)

S3 WinRing0_1_2_0; D:\Programme\GMBoostA\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)

S3 WinRing0_1_2_0; D:\Programme\GMBoostA\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)

S3 ZDPSp50a64; C:\Windows\System32\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA))

S3 ZDPSp50a64; C:\Windows\SysWow64\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA))

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]

S1 SASKUTIL; \??\C:\Users\******\AppData\Local\Temp\SASKUTIL.SYS [x]

S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]

S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2013-07-02 17:44 - 2013-07-02 17:44 - 00000000 ____D C:\FRST

2013-07-02 17:41 - 2013-07-02 17:41 - 01933556 ____A (Farbar) C:\Users\******\Desktop\FRST64.exe

2013-07-02 17:38 - 2013-07-02 17:39 - 00000000 ____D C:\Users\******\AppData\Local\{3E729895-77B3-4A12-8835-710FC14D31D6}

2013-07-02 17:23 - 2013-07-02 17:23 - 00000308 ____A C:\Windows\PFRO.log

2013-07-01 18:57 - 2013-07-01 18:57 - 01304966 ____A C:\Users\******\Desktop\The Jumper.zip

2013-07-01 18:23 - 2013-07-01 18:23 - 00000000 ____D C:\Users\******\AppData\Roaming\Subversion

2013-06-30 17:56 - 2013-06-30 17:56 - 00000000 ____D C:\Users\******\AppData\Local\MoGasHorrorGame

2013-06-30 17:32 - 2013-06-30 17:43 - 00000220 ____A C:\Users\******\Desktop\Sovereign of the Skies---Bugs.txt

2013-06-30 15:58 - 2013-06-30 15:58 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield

2013-06-30 15:27 - 2013-06-30 15:27 - 00000000 ____D C:\Users\******\AppData\Local\GoreGame

2013-06-30 13:58 - 2013-06-30 13:58 - 00000000 ____D C:\Users\******\AppData\Local\{3643F645-315B-441E-9181-C7AB0D7759D6}

2013-06-30 13:07 - 2013-06-30 13:07 - 00000020 ____A C:\Users\******\defogger_reenable

2013-06-30 08:40 - 2013-05-09 10:59 - 00270824 ____A (AVAST Software) C:\Windows\System32\Drivers\aswNdis2.sys

2013-06-30 08:40 - 2013-05-09 10:59 - 00131232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFW.sys

2013-06-30 08:39 - 2013-06-30 08:39 - 00000829 ____A C:\Users\Public\Desktop\avast! Internet Security.lnk

2013-06-30 08:33 - 2013-07-02 17:23 - 00041634 ____A C:\Windows\setupact.log

2013-06-30 08:33 - 2013-06-30 08:33 - 00000000 ____A C:\Windows\setuperr.log

2013-06-29 16:41 - 2013-06-29 16:52 - 00000000 ____D C:\Users\******\Desktop\tääst

2013-06-29 09:43 - 2013-06-29 09:43 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Vorlagen

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Startmenü

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Netzwerkumgebung

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Lokale Einstellungen

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Eigene Dateien

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Druckumgebung

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Documents\Eigene Musik

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Documents\Eigene Bilder

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\AppData\Local\Verlauf

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\AppData\Local\Anwendungsdaten

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Anwendungsdaten

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\******\AppData\Local\Conduit

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Program Files (x86)\Hotspot_Shield

2013-06-29 09:43 - 2011-06-18 16:07 - 00000000 ____D C:\Users\fbwuser\Documents\Visual Studio 2010

2013-06-29 09:43 - 2011-03-28 10:38 - 00000000 ____D C:\Users\fbwuser\AppData\Roaming\Macromedia

2013-06-29 09:43 - 2011-03-28 10:38 - 00000000 ____D C:\Users\fbwuser\AppData\Local\Microsoft Help

2013-06-29 09:42 - 2013-06-29 09:43 - 00000009 ____A C:\END

2013-06-29 09:41 - 2013-06-29 10:40 - 00000000 ____D C:\ProgramData\Hotspot Shield

2013-06-29 09:40 - 2013-06-29 09:42 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield

2013-06-29 09:40 - 2013-06-29 09:40 - 00000000 ____D C:\Users\******\AppData\Roaming\Hotspot Shield

2013-06-28 22:32 - 2013-06-28 22:32 - 00000834 ____A C:\Users\Poop\Desktop\Build and Shoot Launcher.lnk

2013-06-28 22:32 - 2013-06-28 22:32 - 00000000 ____D C:\Users\******\AppData\Roaming\Build and Shoot

2013-06-28 21:51 - 2013-06-28 21:51 - 00000000 ___HD C:\Windows\AxInstSV

2013-06-28 18:15 - 2013-06-28 18:15 - 00000000 ____D C:\Users\******\AppData\Local\BeatBeast

2013-06-28 18:04 - 2013-06-30 15:14 - 00000000 ____D C:\Users\******\Documents\GameMaker

2013-06-28 18:01 - 2013-06-30 19:15 - 00000000 ____D C:\Users\******\AppData\Local\gamemaker_studio

2013-06-28 18:01 - 2013-06-28 18:01 - 00000000 ____D C:\ProgramData\gamemaker_studio

2013-06-28 17:44 - 2013-06-28 17:44 - 00000000 ____D C:\Users\******\AppData\Local\{C29F1754-7A67-45AA-9C72-6CEE4A8FD11E}

2013-06-28 16:03 - 2013-06-28 16:03 - 07033046 ____A C:\Users\******\Desktop\Pokemon - Smaragd-Edition.zip

2013-06-28 16:00 - 2013-06-28 16:00 - 06868618 ____A C:\Users\******\Desktop\Pokemon Emerald.zip

2013-06-28 15:49 - 2013-06-28 15:49 - 02179492 ____A C:\Users\******\Desktop\Pokemon Jupiter Release 6.04.zip

2013-06-28 14:31 - 2013-06-28 14:31 - 00000000 ____D C:\Users\******\AppData\Local\Macromedia

2013-06-28 14:05 - 2013-06-28 14:05 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum

2013-06-27 11:55 - 2013-06-28 14:05 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum

2013-06-27 11:55 - 2013-06-28 14:05 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum

2013-06-26 15:27 - 2013-06-26 15:42 - 00000000 ____D C:\ProgramData\SecTaskMan

2013-06-25 19:04 - 2013-06-29 00:01 - 00000000 ____D C:\Users\******\Desktop\__________

2013-06-23 19:34 - 2013-06-30 18:44 - 00000000 ____D C:\Users\******\AppData\Local\CrashDumps

2013-06-23 16:39 - 2013-06-23 16:39 - 00000000 ____D C:\Users\******\AppData\Local\TechSmith

2013-06-23 16:38 - 2013-06-23 16:38 - 00000000 ____D C:\Users\******\Documents\Camtasia Studio

2013-06-23 16:38 - 2013-06-23 16:38 - 00000000 ____D C:\Users\******\AppData\Roaming\TechSmith

2013-06-23 16:27 - 2013-06-23 16:27 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-06-23 16:26 - 2013-06-23 16:37 - 00000000 ____D C:\ProgramData\TechSmith

2013-06-23 16:04 - 2013-06-28 18:07 - 00000000 ____D C:\Users\******\Desktop\GameMaker

2013-06-23 15:55 - 2013-06-23 15:55 - 00000000 ____D C:\Users\******\AppData\Local\{A0E67DBB-ED2D-455A-8AC0-A05992EAAB33}

2013-06-23 11:04 - 2013-06-23 11:04 - 00300588 ____A C:\Users\******\Desktop\New-Foods.zip

2013-06-23 10:59 - 2013-06-23 10:59 - 00304746 ____A C:\Users\******\Desktop\mFC-1.2.1.jar

2013-06-23 10:46 - 2013-06-23 10:47 - 01485058 ____A C:\Users\******\Desktop\DokucraftCustomNPCs152a.zip

2013-06-22 11:01 - 2013-06-22 11:01 - 00097946 ____A C:\Users\******\Desktop\TooManyItems2013_04_25_1.5.2.zip

2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Oryqev

2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Ipefru

2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Egudh

2013-06-22 10:38 - 2013-06-22 10:38 - 00000000 ____D C:\Meine Webseiten

2013-06-22 00:36 - 2013-06-25 18:32 - 00000000 ____D C:\Users\******\Desktop\BBMM_mod_moga_funserver_now_getting_stuck_in_words

2013-06-21 23:58 - 2013-06-21 23:58 - 00124326 ____A C:\Users\******\Desktop\Building-Blocks-Mod-Maker-1.5.2.zip

2013-06-21 20:55 - 2013-06-21 20:56 - 00000000 ____D C:\Users\******\AppData\Local\{CBC200C2-D8A8-4ACE-AF9A-4C75C5170FCC}

2013-06-21 03:09 - 2013-06-21 03:09 - 00042184 ____A (Anchorfree Inc.) C:\Windows\System32\Drivers\taphss6.sys

2013-06-21 03:07 - 2013-06-21 03:07 - 00046792 ____A (AnchorFree Inc.) C:\Windows\System32\Drivers\hssdrv6.sys

2013-06-19 15:38 - 2013-06-21 23:51 - 00000000 ____D C:\Users\******\Desktop\_web

2013-06-17 19:42 - 2013-06-17 19:45 - 44926416 ____A (MediaFire) C:\Users\******\Downloads\MediaFireExpress-0.15.4.4888-windows.exe

2013-06-17 16:57 - 2013-06-17 16:58 - 00000000 ____D C:\Users\******\AppData\Local\{7EA94617-42A6-4CB0-ABC6-DDD4D843B570}

2013-06-15 21:32 - 2013-06-15 21:38 - 00000000 ____D C:\Users\******\AppData\Local\Roblox

2013-06-15 20:58 - 2013-06-15 20:58 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater

2013-06-14 20:34 - 2013-06-15 21:30 - 00000000 ____D C:\Users\******\Desktop\ForServer

2013-06-11 16:09 - 2013-06-11 16:10 - 00000000 ____D C:\Users\******\AppData\Roaming\Diciz

2013-06-11 16:09 - 2013-06-11 16:09 - 00000000 ____D C:\Users\******\AppData\Roaming\Inla

2013-06-09 16:17 - 2013-06-09 16:17 - 00000000 ____D C:\Users\******\Downloads\downloader

2013-06-09 15:38 - 2013-06-09 15:39 - 00000000 ____D C:\Users\******\AppData\Local\{C22A893A-6763-47E6-B71B-ABB5A0FDDCF3}

2013-06-08 20:30 - 2013-06-08 20:30 - 00000000 ____D C:\Users\******\.SquashOccurrences

2013-06-07 17:22 - 2013-06-07 17:22 - 00000000 ____D C:\Users\******\Documents\Paint.NET Benutzerdateien

2013-06-06 16:44 - 2013-06-06 16:44 - 00000000 ____D C:\Users\******\AppData\Local\{49A3F50F-7CBB-431B-B7D7-6E5C3166FCF7}

2013-06-04 20:06 - 2013-06-04 20:06 - 09915015 ____A C:\Users\******\Downloads\Windows_7_OEM_Toshiba_Themes_by_Domino333.rar

2013-06-02 19:08 - 2013-06-17 19:53 - 00000000 ____D C:\Users\******\AppData\Roaming\VistaStyleBuilder

2013-06-02 19:06 - 2012-09-09 14:22 - 02352095 ____A (PRO DESIGNER                                                ) C:\Users\******\Downloads\WSB Setup.exe

2013-06-02 13:56 - 2009-07-14 03:41 - 00332288 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll.backup

2013-06-02 13:55 - 2010-11-20 15:27 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll.backup

2013-06-02 13:55 - 2009-07-14 03:41 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\themeservice.dll.backup

2013-06-02 09:50 - 2013-06-02 09:50 - 00000000 ____D C:\Users\******\Documents\MAGIX Speed

2013-06-02 08:57 - 2013-06-02 08:57 - 00000132 ____A C:\Users\******\AppData\Roaming\Adobe PNG Format CS6 Prefs
 

==================== One Month Modified Files and Folders =======
 

2013-07-02 17:44 - 2013-07-02 17:44 - 00000000 ____D C:\FRST

2013-07-02 17:41 - 2013-07-02 17:41 - 01933556 ____A (Farbar) C:\Users\******\Desktop\FRST64.exe

2013-07-02 17:39 - 2013-07-02 17:38 - 00000000 ____D C:\Users\******\AppData\Local\{3E729895-77B3-4A12-8835-710FC14D31D6}

2013-07-02 17:33 - 2011-03-28 09:22 - 00010896 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-07-02 17:33 - 2011-03-28 09:22 - 00010896 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-07-02 17:30 - 2009-07-14 19:58 - 00701506 ____A C:\Windows\System32\perfh007.dat

2013-07-02 17:30 - 2009-07-14 19:58 - 00150336 ____A C:\Windows\System32\perfc007.dat

2013-07-02 17:30 - 2009-07-14 07:13 - 01621618 ____A C:\Windows\System32\PerfStringBackup.INI

2013-07-02 17:27 - 2012-09-28 17:41 - 00000000 ____D C:\Users\******\AppData\Roaming\Dropbox

2013-07-02 17:26 - 2011-11-08 16:33 - 00000000 ____D C:\Users\******\AppData\Local\LogMeIn Hamachi

2013-07-02 17:24 - 2013-05-04 15:57 - 00000000 ____D C:\ProgramData\VMware

2013-07-02 17:23 - 2013-07-02 17:23 - 00000308 ____A C:\Windows\PFRO.log

2013-07-02 17:23 - 2013-06-30 08:33 - 00041634 ____A C:\Windows\setupact.log

2013-07-02 17:23 - 2010-02-06 16:58 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-07-02 17:23 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-07-02 17:22 - 2013-01-15 17:27 - 01820291 ____A C:\Windows\WindowsUpdate.log

2013-07-02 17:21 - 2010-02-06 16:58 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-07-02 17:07 - 2011-08-12 14:21 - 00000000 ____D C:\Users\******\AppData\Local\Paint.NET

2013-07-02 16:54 - 2012-05-04 19:06 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-07-02 16:49 - 2013-01-28 18:26 - 00000000 ____D C:\Users\******\Desktop\Desktop_new

2013-07-01 18:57 - 2013-07-01 18:57 - 01304966 ____A C:\Users\******\Desktop\The Jumper.zip

2013-07-01 18:23 - 2013-07-01 18:23 - 00000000 ____D C:\Users\******\AppData\Roaming\Subversion

2013-06-30 19:15 - 2013-06-28 18:01 - 00000000 ____D C:\Users\******\AppData\Local\gamemaker_studio

2013-06-30 18:44 - 2013-06-23 19:34 - 00000000 ____D C:\Users\******\AppData\Local\CrashDumps

2013-06-30 18:32 - 2010-09-12 11:54 - 00000000 ____D C:\Users\******\Documents\MAGIX_MusicMaker16Premium

2013-06-30 17:56 - 2013-06-30 17:56 - 00000000 ____D C:\Users\******\AppData\Local\MoGasHorrorGame

2013-06-30 17:43 - 2013-06-30 17:32 - 00000220 ____A C:\Users\******\Desktop\Sovereign of the Skies---Bugs.txt

2013-06-30 15:58 - 2013-06-30 15:58 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield

2013-06-30 15:27 - 2013-06-30 15:27 - 00000000 ____D C:\Users\******\AppData\Local\GoreGame

2013-06-30 15:14 - 2013-06-28 18:04 - 00000000 ____D C:\Users\******\Documents\GameMaker

2013-06-30 13:58 - 2013-06-30 13:58 - 00000000 ____D C:\Users\******\AppData\Local\{3643F645-315B-441E-9181-C7AB0D7759D6}

2013-06-30 13:07 - 2013-06-30 13:07 - 00000020 ____A C:\Users\******\defogger_reenable

2013-06-30 13:07 - 2011-03-28 09:23 - 00000000 ____D C:\users\******

2013-06-30 10:02 - 2013-03-09 21:41 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack

2013-06-30 08:40 - 2011-04-09 18:52 - 00000000 ____A C:\Windows\SysWOW64\config.nt

2013-06-30 08:39 - 2013-06-30 08:39 - 00000829 ____A C:\Users\Public\Desktop\avast! Internet Security.lnk

2013-06-30 08:33 - 2013-06-30 08:33 - 00000000 ____A C:\Windows\setuperr.log

2013-06-30 08:33 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-06-29 17:20 - 2011-07-15 19:11 - 00000000 ____D C:\Users\******\.gimp-2.6

2013-06-29 16:55 - 2013-03-01 23:31 - 00000000 ____D C:\Users\******\AppData\Roaming\.minecraft

2013-06-29 16:52 - 2013-06-29 16:41 - 00000000 ____D C:\Users\******\Desktop\tääst

2013-06-29 10:40 - 2013-06-29 09:41 - 00000000 ____D C:\ProgramData\Hotspot Shield

2013-06-29 10:30 - 2013-02-02 11:55 - 00282104 ____A C:\Windows\SysWOW64\PnkBstrB.xtr

2013-06-29 10:30 - 2013-01-31 18:39 - 00282104 ____A C:\Windows\SysWOW64\PnkBstrB.exe

2013-06-29 10:29 - 2013-01-31 18:39 - 00234768 ____A C:\Windows\SysWOW64\PnkBstrB.ex0

2013-06-29 10:15 - 2013-01-31 18:39 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe

2013-06-29 09:43 - 2013-06-29 09:43 - 00000020 ___SH C:\Users\fbwuser\ntuser.ini

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Vorlagen

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Startmenü

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Netzwerkumgebung

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Lokale Einstellungen

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Eigene Dateien

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Druckumgebung

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Documents\Eigene Musik

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Documents\Eigene Bilder

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\AppData\Local\Verlauf

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\AppData\Local\Anwendungsdaten

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 __SHD C:\Users\fbwuser\Anwendungsdaten

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Users\******\AppData\Local\Conduit

2013-06-29 09:43 - 2013-06-29 09:43 - 00000000 ____D C:\Program Files (x86)\Hotspot_Shield

2013-06-29 09:43 - 2013-06-29 09:42 - 00000009 ____A C:\END

2013-06-29 09:42 - 2013-06-29 09:40 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield

2013-06-29 09:40 - 2013-06-29 09:40 - 00000000 ____D C:\Users\******\AppData\Roaming\Hotspot Shield

2013-06-29 00:01 - 2013-06-25 19:04 - 00000000 ____D C:\Users\******\Desktop\__________

2013-06-28 23:52 - 2013-03-09 22:24 - 00000000 ____D C:\Users\******\Documents\Abelssoft

2013-06-28 22:32 - 2013-06-28 22:32 - 00000834 ____A C:\Users\Poop\Desktop\Build and Shoot Launcher.lnk

2013-06-28 22:32 - 2013-06-28 22:32 - 00000000 ____D C:\Users\******\AppData\Roaming\Build and Shoot

2013-06-28 21:55 - 2013-02-02 11:20 - 00000000 ____D C:\Program Files (x86)\EA Games

2013-06-28 21:51 - 2013-06-28 21:51 - 00000000 ___HD C:\Windows\AxInstSV

2013-06-28 19:18 - 2012-07-30 15:14 - 00000000 ____D C:\Users\******\AppData\Local\Akamai

2013-06-28 18:15 - 2013-06-28 18:15 - 00000000 ____D C:\Users\******\AppData\Local\BeatBeast

2013-06-28 18:07 - 2013-06-23 16:04 - 00000000 ____D C:\Users\******\Desktop\GameMaker

2013-06-28 18:01 - 2013-06-28 18:01 - 00000000 ____D C:\ProgramData\gamemaker_studio

2013-06-28 17:44 - 2013-06-28 17:44 - 00000000 ____D C:\Users\******\AppData\Local\{C29F1754-7A67-45AA-9C72-6CEE4A8FD11E}

2013-06-28 16:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\spool

2013-06-28 16:03 - 2013-06-28 16:03 - 07033046 ____A C:\Users\******\Desktop\Pokemon - Smaragd-Edition.zip

2013-06-28 16:00 - 2013-06-28 16:00 - 06868618 ____A C:\Users\******\Desktop\Pokemon Emerald.zip

2013-06-28 15:49 - 2013-06-28 15:49 - 02179492 ____A C:\Users\******\Desktop\Pokemon Jupiter Release 6.04.zip

2013-06-28 14:55 - 2012-05-04 19:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-06-28 14:55 - 2011-06-12 17:07 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-06-28 14:31 - 2013-06-28 14:31 - 00000000 ____D C:\Users\******\AppData\Local\Macromedia

2013-06-28 14:29 - 2010-01-05 17:17 - 00000000 ____D C:\Users\******\AppData\Local\Adobe

2013-06-28 14:05 - 2013-06-28 14:05 - 00000175 ____A C:\Windows\System32\Drivers\aswVmm.sys.sum

2013-06-28 14:05 - 2013-06-27 11:55 - 00000175 ____A C:\Windows\System32\Drivers\aswSP.sys.sum

2013-06-28 14:05 - 2013-06-27 11:55 - 00000175 ____A C:\Windows\System32\Drivers\aswSnx.sys.sum

2013-06-28 14:05 - 2013-03-04 19:56 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys

2013-06-28 14:05 - 2011-04-09 18:52 - 01030952 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys

2013-06-28 14:05 - 2009-12-20 15:18 - 00378944 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys

2013-06-26 15:42 - 2013-06-26 15:27 - 00000000 ____D C:\ProgramData\SecTaskMan

2013-06-25 18:32 - 2013-06-22 00:36 - 00000000 ____D C:\Users\******\Desktop\BBMM_mod_moga_funserver_now_getting_stuck_in_words

2013-06-23 18:07 - 2013-05-04 13:56 - 00000000 ____D C:\Users\******\Desktop\midis

2013-06-23 16:39 - 2013-06-23 16:39 - 00000000 ____D C:\Users\******\AppData\Local\TechSmith

2013-06-23 16:38 - 2013-06-23 16:38 - 00000000 ____D C:\Users\******\Documents\Camtasia Studio

2013-06-23 16:38 - 2013-06-23 16:38 - 00000000 ____D C:\Users\******\AppData\Roaming\TechSmith

2013-06-23 16:37 - 2013-06-23 16:26 - 00000000 ____D C:\ProgramData\TechSmith

2013-06-23 16:27 - 2013-06-23 16:27 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-06-23 15:55 - 2013-06-23 15:55 - 00000000 ____D C:\Users\******\AppData\Local\{A0E67DBB-ED2D-455A-8AC0-A05992EAAB33}

2013-06-23 15:44 - 2010-01-01 20:09 - 00000000 ____D C:\Users\******\AppData\Roaming\U3

2013-06-23 15:42 - 2012-06-23 05:53 - 00000000 ____D C:\Users\******\AppData\Local\Windows Live

2013-06-23 11:04 - 2013-06-23 11:04 - 00300588 ____A C:\Users\******\Desktop\New-Foods.zip

2013-06-23 10:59 - 2013-06-23 10:59 - 00304746 ____A C:\Users\******\Desktop\mFC-1.2.1.jar

2013-06-23 10:47 - 2013-06-23 10:46 - 01485058 ____A C:\Users\******\Desktop\DokucraftCustomNPCs152a.zip

2013-06-22 11:01 - 2013-06-22 11:01 - 00097946 ____A C:\Users\******\Desktop\TooManyItems2013_04_25_1.5.2.zip

2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Oryqev

2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Ipefru

2013-06-22 11:01 - 2013-06-22 11:01 - 00000000 ____D C:\Users\******\AppData\Roaming\Egudh

2013-06-22 10:38 - 2013-06-22 10:38 - 00000000 ____D C:\Meine Webseiten

2013-06-22 07:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF

2013-06-21 23:58 - 2013-06-21 23:58 - 00124326 ____A C:\Users\******\Desktop\Building-Blocks-Mod-Maker-1.5.2.zip

2013-06-21 23:51 - 2013-06-19 15:38 - 00000000 ____D C:\Users\******\Desktop\_web

2013-06-21 20:56 - 2013-06-21 20:55 - 00000000 ____D C:\Users\******\AppData\Local\{CBC200C2-D8A8-4ACE-AF9A-4C75C5170FCC}

2013-06-21 03:09 - 2013-06-21 03:09 - 00042184 ____A (Anchorfree Inc.) C:\Windows\System32\Drivers\taphss6.sys

2013-06-21 03:07 - 2013-06-21 03:07 - 00046792 ____A (AnchorFree Inc.) C:\Windows\System32\Drivers\hssdrv6.sys

2013-06-17 19:53 - 2013-06-02 19:08 - 00000000 ____D C:\Users\******\AppData\Roaming\VistaStyleBuilder

2013-06-17 19:45 - 2013-06-17 19:42 - 44926416 ____A (MediaFire) C:\Users\******\Downloads\MediaFireExpress-0.15.4.4888-windows.exe

2013-06-17 16:58 - 2013-06-17 16:57 - 00000000 ____D C:\Users\******\AppData\Local\{7EA94617-42A6-4CB0-ABC6-DDD4D843B570}

2013-06-15 21:38 - 2013-06-15 21:32 - 00000000 ____D C:\Users\******\AppData\Local\Roblox

2013-06-15 21:30 - 2013-06-14 20:34 - 00000000 ____D C:\Users\******\Desktop\ForServer

2013-06-15 20:58 - 2013-06-15 20:58 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater

2013-06-15 18:46 - 2011-12-27 16:44 - 00000000 ____D C:\Users\******\AppData\Roaming\Skype

2013-06-15 17:32 - 2013-03-25 18:54 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-06-15 17:32 - 2011-12-27 16:44 - 00000000 ____D C:\ProgramData\Skype

2013-06-11 16:10 - 2013-06-11 16:09 - 00000000 ____D C:\Users\******\AppData\Roaming\Diciz

2013-06-11 16:09 - 2013-06-11 16:09 - 00000000 ____D C:\Users\******\AppData\Roaming\Inla

2013-06-10 19:54 - 2011-09-21 18:48 - 00000000 ____D C:\Users\******\AppData\Roaming\Sun

2013-06-10 19:51 - 2013-06-01 23:10 - 00000000 ____D C:\Users\******\Desktop\themes

2013-06-09 16:17 - 2013-06-09 16:17 - 00000000 ____D C:\Users\******\Downloads\downloader

2013-06-09 15:39 - 2013-06-09 15:38 - 00000000 ____D C:\Users\******\AppData\Local\{C22A893A-6763-47E6-B71B-ABB5A0FDDCF3}

2013-06-08 20:30 - 2013-06-08 20:30 - 00000000 ____D C:\Users\******\.SquashOccurrences

2013-06-07 17:22 - 2013-06-07 17:22 - 00000000 ____D C:\Users\******\Documents\Paint.NET Benutzerdateien

2013-06-07 15:24 - 2009-12-12 15:06 - 00000000 ____D C:\Users\******\AppData\Roaming\Adobe

2013-06-06 16:44 - 2013-06-06 16:44 - 00000000 ____D C:\Users\******\AppData\Local\{49A3F50F-7CBB-431B-B7D7-6E5C3166FCF7}

2013-06-04 20:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors

2013-06-04 20:06 - 2013-06-04 20:06 - 09915015 ____A C:\Users\******\Downloads\Windows_7_OEM_Toshiba_Themes_by_Domino333.rar

2013-06-03 19:33 - 2009-07-14 06:45 - 00475392 ____A C:\Windows\System32\FNTCACHE.DAT

2013-06-03 19:04 - 2012-06-25 18:26 - 00000000 ____D C:\tmp

2013-06-03 18:03 - 2011-03-28 12:27 - 00140336 ____A C:\Users\******\AppData\Local\GDIPFONTCACHEV1.DAT

2013-06-02 13:56 - 2011-04-22 08:25 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll

2013-06-02 13:56 - 2009-07-14 01:55 - 00332288 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll

2013-06-02 13:55 - 2009-07-14 01:54 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\themeservice.dll

2013-06-02 09:50 - 2013-06-02 09:50 - 00000000 ____D C:\Users\******\Documents\MAGIX Speed

2013-06-02 08:57 - 2013-06-02 08:57 - 00000132 ____A C:\Users\******\AppData\Roaming\Adobe PNG Format CS6 Prefs

2013-06-02 08:57 - 2013-06-01 08:35 - 00000000 ____D C:\Users\******\Desktop\magix_test
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2013-06-28 20:22
 

==================== End Of Log ============================

--- --- ---

ADDITION

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2013

Ran by ****** at 2013-07-02 17:46:28

Running from C:\Users\******\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

 Update for Microsoft Office 2007 (KB2508958) (x32)

Ace of Spades (x32 Version: 0.75.015)

Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0)

Activation Assistant for the 2007 Microsoft Office suites (x32)

Adobe AIR (x32 Version: 1.5.3.9120)

Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)

Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)

Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)

Adobe Shockwave Player 11.5 (x32 Version: 11.5.6.606)

Advanced Archive Password Recovery (HKCU Version: 4.53)

Akamai NetSession Interface (HKCU)

ALPS Touch Pad Driver (Version: 7.102.302.104)

AmazingMIDI (x32)

Angry Birds Rio (x32 Version: 1.2.2)

ANNO 1404 - Königsedition (x32 Version: 1.02.0000)

Apple Application Support (x32 Version: 2.2.2)

Apple Mobile Device Support (Version: 6.0.0.59)

Apple Software Update (x32 Version: 2.1.3.127)

ArcaniA - Gothic 4 (x32)

ArcaniA - Gothic 4 Hotfix (x32)

ArcaniA - Gothic 4 Patch (x32)

ATI Catalyst Install Manager (Version: 3.0.732.0)

Audacity 2.0.2 (x32 Version: 2.0.2)

Autodesk Backburner 2013.0.0 (x32 Version: 2013.0.0)

Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0)

Autodesk FBX 2013.3 Plug-in for Maya 2013 64-bit

Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit

Autodesk MatchMover 2013 64-bit (Version: 14.00.0000)

Autodesk Maya 2013 64-bit (Version: 15.0.0.0)

avast! Internet Security (x32 Version: 8.0.1489.0)

Battlefield Heroes

Battlefield Play4Free (x32)

Bing Bar (x32 Version: 7.0.850.0)

Black & White - Insel der Kreaturen (x32)

Black and White (x32)

Bloons Tower Defense 4 (x32)

Bonjour (Version: 3.0.0.10)

BrickForce 1.9.87 (x32 Version: 1.9.87)

Build and Shoot Launcher 1.1 (x32 Version: 1.1)

BumpTop (x32 Version: 2.1.6211)

Burger Shop 2 RebelMan (x32)

Call of Duty: Black Ops II (x32)

Camtasia Studio 8 (x32 Version: 8.0.4.1060)

Catalyst Control Center - Branding (x32 Version: 1.00.0000)

Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2238.38827)

Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2238.38827)

Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2238.38827)

Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2238.38827)

Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0729.2238.38827)

Catalyst Control Center InstallProxy (x32 Version: 2009.0421.2132.36832)

Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2238.38827)

Catalyst Control Center Localization All (x32 Version: 2009.0729.2238.38827)

CCC Help Chinese Standard (x32 Version: 2009.0729.2237.38827)

CCC Help Chinese Traditional (x32 Version: 2009.0729.2237.38827)

CCC Help Czech (x32 Version: 2009.0729.2237.38827)

CCC Help Danish (x32 Version: 2009.0729.2237.38827)

CCC Help Dutch (x32 Version: 2009.0729.2237.38827)

CCC Help English (x32 Version: 2009.0729.2237.38827)

CCC Help Finnish (x32 Version: 2009.0729.2237.38827)

CCC Help French (x32 Version: 2009.0729.2237.38827)

CCC Help German (x32 Version: 2009.0729.2237.38827)

CCC Help Greek (x32 Version: 2009.0729.2237.38827)

CCC Help Hungarian (x32 Version: 2009.0729.2237.38827)

CCC Help Italian (x32 Version: 2009.0729.2237.38827)

CCC Help Japanese (x32 Version: 2009.0729.2237.38827)

CCC Help Korean (x32 Version: 2009.0729.2237.38827)

CCC Help Norwegian (x32 Version: 2009.0729.2237.38827)

CCC Help Polish (x32 Version: 2009.0729.2237.38827)

CCC Help Portuguese (x32 Version: 2009.0729.2237.38827)

CCC Help Russian (x32 Version: 2009.0729.2237.38827)

CCC Help Spanish (x32 Version: 2009.0729.2237.38827)

CCC Help Swedish (x32 Version: 2009.0729.2237.38827)

CCC Help Thai (x32 Version: 2009.0729.2237.38827)

CCC Help Turkish (x32 Version: 2009.0729.2237.38827)

ccc-core-static (x32 Version: 2009.0729.2238.38827)

ccc-utility64 (Version: 2009.0729.2238.38827)

CCleaner (Version: 4.00)

Comic Life (x32 Version: 1.3.6)

Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)

Composite 2013 64-bit (Version: 8.0.0)

CraftBukkit (x32)

D3DX10 (x32 Version: 15.4.2368.0902)

Darkspore (x32)

Demolition, Inc. Demo (x32)

DJ Java Decompiler v.3.12.12.96 (x32 Version: 1.8)

Dropbox (HKCU Version: 2.0.22)

Dungeon Defenders Demo (x32)

DynaGeo (x32)

EA Download Manager UI (x32 Version: 6.0.0)

EA Download Manager UI (x32 Version: 6.0.0.113)

erLT (x32 Version: 1.20.0137)

Express Burn (x32)

Express Rip (x32)

Farm Craft 2: Global Vegetable Crisis (x32 Version: 2.2.0.95)

Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0)

FlatOut 2 (x32)

FlatOut: Ultimate Carnage (x32)

Fraps (remove only) (x32)

Free Audio Converter version 2.3.4.920 (x32)

Free Studio version 5.3.5 (x32 Version: 5.3.5)

Freecorder 2.3 (with Skype Call Recording) (x32)

free-downloads.net Toolbar (x32 Version: )

Games_Bar_1 Toolbar (x32 Version: )

G-Force (x32 Version: 3.9.3)

GIMP 2.6.11 (x32 Version: 2.6.11)

GlobFX Web Player (x32 Version: 1.0.8.0)

Google SketchUp 8 (x32 Version: 3.0.3196)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0)

Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)

Google Update Helper (x32 Version: 1.3.21.145)

Hot Wheels (x32 Version: 1.00.0000)

Hotspot Shield 3.09 (x32 Version: 3.09)

Hotspot Shield Toolbar (x32 Version: 6.13.3.505)

HxD Hex Editor Version 1.7.7.0 (x32 Version: 1.7.7.0)

HyperCam 3 (x32 Version: 3.4.1205.14)

iFunbox (v1.99.958.697), iFunbox DevTeam (x32 Version: v1.99.958.697)

Intel® Matrix Storage Manager

IrfanView (remove only) (x32 Version: 4.32)

isoHunt Toolbar (x32 Version: )

Java Auto Updater (x32 Version: 2.0.2.4)

Java(TM) 6 Update 23 (x32 Version: 6.0.230)

Java(TM) 6 Update 33 (64-bit) (Version: 6.0.330)

Java(TM) 7 Update 4 (64-bit) (Version: 7.0.40)

Java(TM) SE Development Kit 6 Update 33 (64-bit) (Version: 1.6.0.330)

Java(TM) SE Development Kit 7 Update 3 (64-bit) (Version: 1.7.0.30)

JavaFX 2.0.3 (64-bit) (Version: 2.0.3)

JavaFX 2.0.3 SDK (64-bit) (Version: 2.0.3)

JDownloader 0.9 (x32 Version: 0.9)

Juiced2_HIN (x32 Version: 1.00.0000)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

K-Lite Codec Pack 6.0.4 (Basic) (x32 Version: 6.0.4)

KMP Modifier v2.1 (x32)

Kurvenprofi 5.1.1 (x32)

LEGO Creator (x32)

LEGO Rock Raiders (x32)

Logitech SetPoint 5.20 (Version: 5.20)

LogMeIn Hamachi (x32 Version: 2.1.0.362)

Magicka (x32)

MAGIX 3D Maker 7 (x32 Version: 7.0.0.476)

MAGIX Foto & Grafik Designer 7 (x32 Version: 7.1.2.17305)

MAGIX FunPix Maker 1.0.0.0 (D) (x32 Version: 1.0.0.0)

MAGIX Music Maker 16 Premium (x32 Version: 16.0.3.0)

MAGIX Screenshare (x32 Version: 4.3.6.1987)

MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)

MAGIX Video deluxe 17 Plus (x32 Version: 10.0.2.8)

Mario_Forever Toolbar (x32 Version: )

Media converter (x32)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)

Microsoft .NET Framework 4 Extended (Version: 4.0.30320)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30320)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 1.1.0324)

Microsoft Help Viewer 1.0 (Version: 1.0.30319)

Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)

Microsoft Office 2007 Service Pack 3 (SP3) (x32)

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)

Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Silverlight (Version: 5.1.20125.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1447.4)

Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)

Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)

Microsoft SQL Server System CLR Types (x32 Version: 10.50.1447.4)

Microsoft Virtual PC 2007 (Version: 6.0.156.0)

Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.30319)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (Version: 10.0.30319)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727)

Microsoft Visual J# 2.0 Redistributable Package (x32)

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.30319)

Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.30319)

Microsoft Works (x32 Version: 9.7.0621)

Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)

Microsoft_VC100_CRT_x86 (x32 Version: 1.0.0)

Microsoft® Winter Fun Pack 2004 for Windows® XP (x32 Version: 1.0.0)

Might and Magic Heroes VI Demo (x32)

Mixxx 1.10.1 (x32 Version: 1.10.1)

Mobile Partner (x32 Version: 16.002.03.03.511)

Morrowind (x32)

Mozilla Firefox 18.0.1 (x86 de) (x32 Version: 18.0.1)

Mozilla Firefox 21.0 (x86 de) (HKCU Version: 21.0)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB941833) (x32 Version: 4.20.9849.0)

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)

MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0)

MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)

MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)

MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)

MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)

MyFreeCodec (HKCU)

myphotobook 3.65 (x32 Version: 3.65)

Need for Speed Undeground 2 (x32 Version: 1.0)

Need for Speed Undeground 2 (x32)

Need for Speed(TM) Hot Pursuit (x32 Version: 1.0.0.0)

Need for Speed™ SHIFT (x32 Version: 1.0.0.0)

Need for Speed™ The Run (x32 Version: 1.0.0.0)

Neon (x32)

Next Generation Visualisations (x32 Version: 1.0.0)

NfS CarTuner (x32)

NFS Control Panel Update (HKCU)

NVIDIA PhysX (x32 Version: 9.10.0223)

O&O UnErase (Version: 4.1.1419)

OpenAL (x32)

OpenOffice.org 3.2 (x32 Version: 3.2.9483)

Origin (x32 Version: 8.3.7.3619)

Paint.NET v3.5.10 (Version: 3.60.0)

Philips Songbird (x32 Version: 2.0.1517 (1517))

Picasa 2 (x32 Version: 2.0)

Pizza Chef (x32 Version: 2.2.0.87)

Pizza Chef 2 (x32 Version: 2.2.0.95)

Plan it Green Deluxe (HKCU Version: 1.0.0)

PlayReady PC runtime (Version: 1)

Poket Script 1.2 (x32 Version: 1.2)

Portal: First Slice (x32)

PriceGong 2.6.11 (x32 Version: 2.6.11)

Prism Video Converter (x32)

Project64 1.6 (x32 Version: 1.6)

ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.13)

PunkBuster Services (x32 Version: 0.990)

Radio.fx (x32)

Razer Game Booster (x32 Version: 3.5.6.0)

Realtek 8136 8168 8169 Ethernet Driver (x32 Version: 1.00.0005)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.5904)

Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30101)

RGSS-RTP Standard (x32 Version: 1.0.0)

RHTE - Rom Hacking Tool Executer 1.00 (x32)

Risen (x32 Version: 1.00.0000)

Risen 2 - Dark Waters (x32)

ROBLOX Player for ****** (HKCU)

Saints Row: The Third (x32)

Samsung Kies (x32 Version: 2.5.0.12094_28)

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)

ScriptEditor2 (remove only) (x32)

Security Task Manager 1.8g (x32 Version: 1.8g)

ShopSpezial (x32)

Skype™ 6.5 (x32 Version: 6.5.158)

Softonic_Deutsch Toolbar (x32 Version: )

SoftSkies (x32 Version: 1.4.5)

SPORE™ (x32 Version: 1.00.0000)

Star Wars: The Force Unleashed (x32 Version: 1.0)

Steam (x32 Version: 1.0.0.0)

Stronghold 2 Deluxe (x32 Version: 1.40.100)

Stronghold 3 (x32)

Stronghold Legends (x32 Version: 1.20.0000)

SweetIM for Messenger 3.4 (x32 Version: 3.4.0005)

System.Data.SQLite v1.0.81.0 (x32 Version: 1.0.81.0)

SZS Modifier (x32 Version: 2.5.2)

Tablet Driver V5.02 (x32)

Tattoo Manager 0.1 (x32)

Team Fortress 2 (x32)

TES Construction Set (x32)

Text-To-Speech-Runtime (x32 Version: 1.0.0.0)

The Elder Scrolls V: Skyrim (x32)

The Sims(TM) 3 (x32)

TI Connect 1.6 (x32 Version: 1.6)

Toshiba Assist (x32 Version: 3.00.08)

TOSHIBA Benutzerhandbücher (x32 Version: 7.40)

TOSHIBA ConfigFree (x32 Version: 8.0.23)

TOSHIBA Disc Creator (Version: 2.1.0.1 for x64)

TOSHIBA DVD PLAYER (x32 Version: 3.01.0.11-AU)

TOSHIBA eco Utility (Version: 1.0.3.64)

TOSHIBA eco Utility (x32 Version: 1.0.3.64)

TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)

TOSHIBA Extended Tiles for Windows Mobility Center (x32 Version: )

TOSHIBA Face Recognition (Version: 3.0.5.64)

TOSHIBA Face Recognition (x32 Version: 3.0.5.64)

TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.3C)

TOSHIBA Hardware Setup (x32 Version: 1.63.0.6C)

TOSHIBA HDD/SSD Alert (Version: 3.0.64.1)

TOSHIBA HDD/SSD Alert (x32 Version: 3.0.64.1)

Toshiba Online Product Information (x32 Version: 2.06.0000)

TOSHIBA PC Health Monitor (Version: 1.3.2.64)

TOSHIBA Recovery Disc Creator (Version: 2.0.0.2 for x64)

TOSHIBA Recovery Disk Creator Reminder (x32 Version: 1.00.0017)

TOSHIBA SD Memory Utilities (Version: 1.9.1.12)

TOSHIBA Service Station (x32 Version: 2.0.26)

TOSHIBA Supervisor Password (x32 Version: 1.63.0.3C)

TOSHIBA Supervisorkennwort (x32 Version: 1.63.0.3C)

TOSHIBA Value Added Package (Version: 1.2.28.64)

TOSHIBA Value Added Package (x32 Version: 1.2.28.64)

TOSHIBA Web Camera Application (x32 Version: 1.0.1.8)

TRORDCLauncher (x32 Version: 1.0.0.6)

Update for 2007 Microsoft Office System (KB967642) (x32)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)

Update für Microsoft Office Excel 2007 Help (KB963678) (x32)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)

Update für Microsoft Office Word 2007 Help (KB963665) (x32)

Update Installer for WildTangent Games App (x32)

User's Guides (Version: 1.20.0000)

Utility Common Driver (x32 Version: 1.0.50.27C)

Utility support driver (x32 Version: 1.0.25.5)

VideoPad Video Editor (x32)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (x32 Version: 4.0.8080.0)

VMware Player (Version: 5.0.2)

VMware Player (x32 Version: 5.0.2)

VP6 Decoder (x32)

Wettlauf ins All (x32)

WhiteCap (x32 Version: 5.0.5)

WIFI Max (x32)

Wiggles (x32)

WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.14)

WildTangent-Spiele (x32 Version: 1.0.1.5)

WindowBlinds (x32 Version: 7.40)

Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (Version: 06/11/2009 1.0.0.0)

Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (Version: 09/02/2009 1.0.0.1)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3555.0308)

Windows Live Family Safety (Version: 15.4.3555.0308)

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live ID-Anmelde-Assistent (Version: 6.500.3165.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3555.0308)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Messenger (x32 Version: 15.4.3538.0513)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live Sync (x32 Version: 14.0.8117.416)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

Windows Style Builder 1.5 (x32 Version: 1.5)

WinHTTrack Website Copier 3.47-19 (x64) (Version: 3.47.19)

Winload Toolbar (x32 Version: )

WinRAR

Yahoo! Software Update (x32)

Yahoo! Toolbar (x32)

YouTube Song Downloader (x32 Version: 8.2)

ZPanel VC 64 (x32)

ZPanelX 10.0.2 (x32)

ZyDAS IEEE 802.11 b+g Wireless LAN - USB (x32)
 

==================== Restore Points  =========================
 

29-06-2013 07:40:51 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst

29-06-2013 07:42:07 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter

30-06-2013 10:46:41 Removed Apple Software Update
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {077841D7-DAC2-4A3A-9DEF-93741E4DC2CB} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\Freetec\SystemStore\SoftwareUpdater.Ui.exe No File

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {111A754A-6A09-42B7-88F6-3EB311EE189E} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Programme\GMBoostA\AutoUpdate.exe No File

Task: {13461A44-7EB1-48E1-BABC-CDA251E9CB9B} - System32\Tasks\Install => C:\Windows\SysWOW64\Macromed\Shockwave 10\nssstub.exe [2010-05-02] (Symantec Corporation)

Task: {1670FA5B-2273-4355-A142-378C4A57F728} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)

Task: {1A59F86D-717A-4957-AC84-AA617DB57E44} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2009-09-03] (TOSHIBA CORPORATION)

Task: {2820250B-ABDA-4B1E-984D-66E62386CB1D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (Microsoft Corp.)

Task: {2E13D2FF-2628-4849-BED3-B212618B8A1E} - System32\Tasks\avast! Emergency Update => C:\Sicherheit\Avast neu\AvastEmUpdate.exe No File

Task: {3F2BD938-CD2F-451B-A2D6-08D7CF0F5F5C} - System32\Tasks\CCleanerSkipUAC => C:\Sicherheit\Ccleaner(neu)\CCleaner\CCleaner.exe No File

Task: {56AB1A49-7616-47D1-9F66-0D497B705F29} - System32\Tasks\Software Updater => C:\Program Files (x86)\Freetec\SystemStore\SoftwareUpdater.Bootstrapper.exe No File

Task: {5B453F03-C74F-4398-9E97-2A2D6C839081} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)

Task: {5D1B1D38-5713-4AD1-97E5-633E9451CCE5} - System32\Tasks\4826 => C:\Windows\System32\wscript.exe [2009-07-14] (Microsoft Corporation)

Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs No File

Task: {77D65C5D-AB35-422D-AC0E-A891AD540C93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06] (Google Inc.)

Task: {79DCAAB4-AD2F-4AAE-93A2-2F43BDCA90BA} - System32\Tasks\{6DC66FDF-E7D1-4928-BB25-D3A1E47026F0} => C:\Programmieren\The Game Creators\Dark Basic Pro Free\Dark Basic Pro\Launch.exe No File

Task: {81134FAB-BAD2-406B-A261-3148998DC2A0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

Task: {930EF296-481D-45E6-BCFB-9066CBABAFEE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {A1C94C61-0C78-41AF-8BE9-BC3EA7530C41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06] (Google Inc.)

Task: {A7BF9746-4951-406E-BD09-52B7A2425BEB} - System32\Tasks\0 => C:\program files (x86)\internet explorer\iexplore.exe [2013-02-02] (Microsoft Corporation)

Task: {AC0F6C9F-710D-48FD-A150-7206E8D460B4} - System32\Tasks\{A08A9954-0A22-4C6E-9630-5CCBDF21782E} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File

Task: {B9AE6DEA-E626-4B17-AFE6-EC21362276AA} - System32\Tasks\{EED82BC9-D4FF-4873-8D38-0B045512F49E} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File

Task: {BC232E36-6F2B-478F-B317-F6CD74B9B445} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)

Task: {BFBD7D8B-89CC-4042-9A76-65D990526FF2} - System32\Tasks\{51D469C6-C830-4BBE-9E99-1F034310AFF5} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File

Task: {CC0A5E0E-CF25-4800-8542-0DDAE88BC02E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-28] (Adobe Systems Incorporated)

Task: {D1EC2531-90F8-410D-A480-9CFE07FDDF52} - System32\Tasks\{60D517B7-DA51-4815-A263-655441ABCF99} => C:\Programme\Spore\Sporebin\SporeApp.exe No File

Task: {D4B05EBC-47F6-40E0-95F0-341A936F86EB} - System32\Tasks\{3EE4F6BF-B678-4F88-86DA-DA547CC07C71} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File

Task: {E552502E-599F-4415-9D9D-175897ED54EA} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2010-11-20] (Microsoft Corporation)

Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs No File

Task: {F6686699-C25F-45AE-888B-71070B6586DC} - System32\Tasks\{0B57A645-0801-4F7D-8747-C5FF09D6941D} => C:\Program Files\MAGIX\MusicMaker16Premium\MusicMaker.exe No File

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\Install.job => C:\Windows\SysWOW64\Macromed\Shockwave 10\nssstub.exe
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/02/2013 05:41:12 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 

Error: (07/02/2013 05:41:01 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 

Error: (07/02/2013 05:37:56 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 

Error: (07/02/2013 05:37:43 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 

Error: (07/02/2013 05:37:38 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 

Error: (07/02/2013 05:37:26 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 

Error: (07/02/2013 05:35:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 

Error: (07/02/2013 05:35:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 

Error: (07/02/2013 05:35:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 

Error: (07/02/2013 05:35:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Fehler beim Hinzufügen des Zertifikats zu Drittanbieter-Stammzertifizierungsstellen. Fehler: Zugriff verweigert
 
 

System errors:

=============

Error: (07/02/2013 05:28:30 PM) (Source: WMPNetworkSvc) (User: )

Description: WMPNetworkSvc0x80070006
 

Error: (07/02/2013 05:27:49 PM) (Source: DCOM) (User: )

Description: C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\agent.exe -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
 

Error: (07/02/2013 05:25:34 PM) (Source: DCOM) (User: )

Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe -Embedding740{E9513610-F218-4DDA-B954-2C7E6BA7CABB}
 

Error: (07/02/2013 05:24:58 PM) (Source: Service Control Manager) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

SASDIFSV

SASKUTIL
 

Error: (07/02/2013 05:24:28 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Radio.fx Server" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (07/02/2013 05:23:38 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "WWAN - automatische Konfiguration" wurde mit folgendem Fehler beendet: 

%%5
 

Error: (07/02/2013 05:23:34 PM) (Source: atikmdag) (User: )

Description: Display is not active
 

Error: (07/02/2013 05:23:34 PM) (Source: atikmdag) (User: )

Description: CPLIB :: General - Invalid Parameter
 

Error: (07/02/2013 05:23:20 PM) (Source: Application Popup) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\D:\Sicherheit\SUPERAntiSpyware\SASDIFSV.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (07/02/2013 04:52:37 PM) (Source: WMPNetworkSvc) (User: )

Description: WMPNetworkSvc0x80070006
 
 

Microsoft Office Sessions:

=========================

Error: (10/06/2011 09:01:29 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.
 

Error: (12/02/2010 07:57:34 PM) (Source: Microsoft Office 12 Sessions)(User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.
 
 

CodeIntegrity Errors:

===================================

  Date: 2011-01-01 12:28:35.473

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-01-01 12:28:35.349

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-01-01 12:28:35.146

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-01-01 12:28:35.005

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-01-01 12:28:32.814

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\x64\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-01-01 12:28:32.720

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\x64\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-01-01 12:28:32.564

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\x64\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-01-01 12:28:32.346

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\x64\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-01-01 12:28:31.347

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2011-01-01 12:28:31.269

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Sicherheit\Avast neu\Setup\INF\aswSP.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 74%

Total physical RAM: 3036.87 MB

Available physical RAM: 777.07 MB

Total Pagefile: 6071.06 MB

Available Pagefile: 2880.48 MB

Total Virtual: 8192 MB

Available Virtual: 8191.8 MB
 

==================== Drives ================================
 

Drive c: (Windows7) (Fixed) (Total:149.04 GB) (Free:15.46 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]

Drive d: (;P ******) (Fixed) (Total:147.58 GB) (Free:0.23 GB) NTFS (Disk=0 Partition=3)

Drive e: (NFSMW) (CDROM) (Total:2.1 GB) (Free:0 GB) UDF
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 7878FC96)

Partition 1: (Not Active) - (Size=1 GB) - (Type=27)

Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=148 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Wenn ich was falsch gemacht habe, hier sind die Dateien nochmal zum Download:
Anhang 57323
Anhang 57322

MFG --- MoGa
[www.youtube.com/user/0moga0]

Guten Mittag,
:dankeschoen: erstmal, dass du mir so geholfen hast!
Mein Rechner wurde von einigen Ordnern und Dateien befreit, besitpielsweise 'MyWebSearchFunProduct' (oder so ähnlich), welche ich nicht deinstallieren konnte.
Ausserdem habe ich hier dir log-Datei:

Code:

ComboFix 13-07-07.01 - ****** 07.07.2013  12:51:06.1.2 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3037.1612 [GMT 2:00]

ausgeführt von:: c:\users\******\Desktop\ComboFix.exe

AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}

SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\FunWebProducts

c:\program files (x86)\MyWebSearch

c:\program files (x86)\MyWebSearch\bar\Settings\s_pid.dat

c:\users\******\AppData\Roaming\BouncyCastle.Crypto.dll

c:\users\******\AppData\Roaming\Game_Maker.exe

c:\users\******\AppData\Roaming\Inla

c:\users\******\AppData\Roaming\Inla\luqoh.nih

c:\users\******\AppData\Roaming\Ionic.Zip.Reduced.dll

c:\users\******\AppData\Roaming\Ipefru

c:\users\******\AppData\Roaming\Ipefru\vipe.ocl

c:\users\******\AppData\Roaming\libeay32.dll

c:\users\******\AppData\Roaming\Love

c:\users\******\AppData\Roaming\Love\mari0\options.txt

c:\users\******\AppData\Roaming\OfferBox

c:\users\******\AppData\Roaming\OfferBox\config.xml

c:\users\******\AppData\Roaming\Oryqev

c:\users\******\AppData\Roaming\Oryqev\myiwo.exe

c:\windows\Downloaded Program Files\f3initialsetup1.0.1.4.inf

c:\windows\IsUn0407.exe

c:\windows\SysWow64\frapsvid.dll

D:\install.exe

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_DCService.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-06-07 bis 2013-07-07  ))))))))))))))))))))))))))))))

.

.

2013-07-07 11:03 . 2013-07-07 11:03        --------        d-----w-        c:\users\Poop\AppData\Local\temp

2013-07-07 11:03 . 2013-07-07 11:03        --------        d-----w-        c:\users\Default\AppData\Local\temp

2013-07-05 19:53 . 2013-07-05 19:53        --------        d-----w-        c:\users\******\AppData\Local\GORETEST

2013-07-03 20:19 . 2013-07-03 20:20        --------        d-----w-        c:\users\******\AppData\Local\street racing

2013-07-03 10:19 . 2013-07-03 10:19        --------        d-----w-        c:\users\******\AppData\Local\ZshooterZ

2013-07-02 15:44 . 2013-07-02 15:44        --------        d-----w-        C:\FRST

2013-07-01 16:23 . 2013-07-01 16:23        --------        d-----w-        c:\users\******\AppData\Roaming\Subversion

2013-06-30 15:56 . 2013-06-30 15:56        --------        d-----w-        c:\users\******\AppData\Local\MoGasHorrorGame

2013-06-30 13:58 . 2013-06-30 13:58        --------        d-----w-        c:\windows\SysWow64\Hotspot Shield

2013-06-30 13:27 . 2013-06-30 13:27        --------        d-----w-        c:\users\******\AppData\Local\GoreGame

2013-06-30 06:40 . 2013-05-09 08:59        270824        ----a-w-        c:\windows\system32\drivers\aswNdis2.sys

2013-06-30 06:40 . 2013-05-09 08:59        131232        ----a-w-        c:\windows\system32\drivers\aswFW.sys

2013-06-29 07:43 . 2013-06-29 07:43        --------        d-----w-        c:\program files (x86)\Hotspot_Shield

2013-06-29 07:43 . 2013-06-29 07:43        --------        d-----w-        c:\users\******\AppData\Local\Conduit

2013-06-29 07:42 . 2013-06-29 07:43        --------        d-----w-        c:\users\fbwuser

2013-06-29 07:41 . 2013-06-29 08:40        --------        d-----w-        c:\programdata\Hotspot Shield

2013-06-29 07:40 . 2013-06-29 07:42        --------        d-----w-        c:\program files (x86)\Hotspot Shield

2013-06-29 07:40 . 2013-06-29 07:40        --------        d-----w-        c:\users\******\AppData\Roaming\Hotspot Shield

2013-06-28 20:32 . 2013-06-28 20:32        --------        d-----w-        c:\users\******\AppData\Roaming\Build and Shoot

2013-06-28 19:51 . 2013-06-28 19:51        --------        d--h--w-        c:\windows\AxInstSV

2013-06-28 16:15 . 2013-06-28 16:15        --------        d-----w-        c:\users\******\AppData\Local\BeatBeast

2013-06-28 16:01 . 2013-06-30 17:15        --------        d-----w-        c:\users\******\AppData\Local\gamemaker_studio

2013-06-28 16:01 . 2013-06-28 16:01        --------        d-----w-        c:\programdata\gamemaker_studio

2013-06-28 12:31 . 2013-06-28 12:31        --------        d-----w-        c:\users\******\AppData\Local\Macromedia

2013-06-26 13:27 . 2013-06-26 13:42        --------        d-----w-        c:\programdata\SecTaskMan

2013-06-23 17:34 . 2013-07-02 21:23        --------        d-----w-        c:\users\******\AppData\Local\CrashDumps

2013-06-23 14:39 . 2013-06-23 14:39        --------        d-----w-        c:\users\******\AppData\Local\TechSmith

2013-06-23 14:38 . 2013-06-23 14:38        --------        d-----w-        c:\users\******\AppData\Roaming\TechSmith

2013-06-23 14:27 . 2013-06-23 14:27        --------        d-----w-        c:\program files (x86)\QuickTime

2013-06-23 14:27 . 2013-06-23 14:27        --------        d-----w-        c:\program files (x86)\Common Files\TechSmith Shared

2013-06-23 14:26 . 2013-06-23 14:37        --------        d-----w-        c:\programdata\TechSmith

2013-06-22 09:01 . 2013-06-22 09:01        --------        d-----w-        c:\users\******\AppData\Roaming\Egudh

2013-06-22 08:38 . 2013-06-22 08:38        --------        d-----w-        C:\Meine Webseiten

2013-06-21 01:09 . 2013-06-21 01:09        42184        ----a-w-        c:\windows\system32\drivers\taphss6.sys

2013-06-21 01:07 . 2013-06-21 01:07        46792        ----a-w-        c:\windows\system32\drivers\hssdrv6.sys

2013-06-15 19:32 . 2013-06-15 19:38        --------        d-----w-        c:\users\******\AppData\Local\Roblox

2013-06-15 18:58 . 2013-06-15 18:58        --------        d-----w-        c:\program files (x86)\SoftwareUpdater

2013-06-11 14:09 . 2013-06-11 14:10        --------        d-----w-        c:\users\******\AppData\Roaming\Diciz

2013-06-08 18:30 . 2013-06-08 18:30        --------        d-----w-        c:\users\******\.SquashOccurrences

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-02 16:17 . 2013-02-02 09:55        282104        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr

2013-07-02 16:17 . 2013-01-31 16:39        282104        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe

2013-07-02 16:17 . 2013-01-31 16:39        234768        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0

2013-06-29 08:15 . 2013-01-31 16:39        76888        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe

2013-06-28 12:55 . 2012-05-04 17:06        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2013-06-28 12:55 . 2011-06-12 15:07        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-28 12:05 . 2013-03-04 17:56        189936        ----a-w-        c:\windows\system32\drivers\aswVmm.sys

2013-06-28 12:05 . 2011-04-09 16:52        1030952        ----a-w-        c:\windows\system32\drivers\aswSnx.sys

2013-06-28 12:05 . 2009-12-20 13:18        378944        ----a-w-        c:\windows\system32\drivers\aswSP.sys

2013-06-19 13:05 . 2010-03-09 19:03        165232        ---ha-w-        c:\users\******\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll

2013-06-02 11:56 . 2009-07-13 23:55        332288        ----a-w-        c:\windows\system32\uxtheme.dll

2013-06-02 11:56 . 2011-04-22 06:25        2851840        ----a-w-        c:\windows\system32\themeui.dll

2013-06-02 11:55 . 2009-07-13 23:54        44544        ----a-w-        c:\windows\system32\themeservice.dll

2013-05-18 09:45 . 2012-11-04 17:19        466456        ----a-w-        c:\windows\system32\wrap_oal.dll

2013-05-18 09:45 . 2012-11-04 17:19        122904        ----a-w-        c:\windows\system32\OpenAL32.dll

2013-05-18 09:45 . 2012-11-04 17:19        444952        ----a-w-        c:\windows\SysWow64\wrap_oal.dll

2013-05-18 09:45 . 2012-11-04 17:19        109080        ----a-w-        c:\windows\SysWow64\OpenAL32.dll

2013-05-09 08:59 . 2013-03-04 17:56        65336        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys

2013-05-09 08:59 . 2012-03-14 16:27        72016        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys

2013-05-09 08:59 . 2009-12-20 13:18        64288        ----a-w-        c:\windows\system32\drivers\aswTdi.sys

2013-05-09 08:59 . 2012-07-21 06:13        22600        ----a-w-        c:\windows\system32\drivers\aswKbd.sys

2013-05-09 08:59 . 2009-12-20 13:18        80816        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys

2013-05-09 08:59 . 2009-12-20 13:18        33400        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys

2013-05-09 08:58 . 2011-01-01 11:25        41664        ----a-w-        c:\windows\avastSS.scr

2013-05-09 08:58 . 2011-01-16 12:15        287840        ----a-w-        c:\windows\system32\aswBoot.exe

2013-05-08 15:37 . 2010-11-09 20:29        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\program files (x86)\Winload\tbWinl.dll" [2010-03-17 2355224]

"{707db484-2428-402d-afb5-d85b387544c7}"= "c:\program files (x86)\Mario_Forever\tbMar1.dll" [2010-04-04 2349080]

"{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}"= "c:\program files (x86)\Softonic_Deutsch\tbSof0.dll" [2010-05-30 2515552]

"{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "c:\program files (x86)\isoHunt\tbiso1.dll" [2010-05-09 2515552]

"{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}"= "c:\program files (x86)\Games_Bar_1\tbGame.dll" [2009-12-31 2349080]

"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files (x86)\free-downloads.net\tbfre1.dll" [2010-03-07 2349080]

"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files (x86)\Hotspot_Shield\prxtbHots.dll" [2013-06-18 231712]

.

[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

.

[HKEY_CLASSES_ROOT\clsid\{707db484-2428-402d-afb5-d85b387544c7}]

.

[HKEY_CLASSES_ROOT\clsid\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}]

.

[HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]

.

[HKEY_CLASSES_ROOT\clsid\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}]

.

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

.

[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]

2013-03-04 08:13        454496        ----a-w-        c:\program files (x86)\PriceGong\2.6.11\PriceGongIE.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

2010-03-17 14:45        2355224        ----a-w-        c:\program files (x86)\Winload\tbWinl.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{707db484-2428-402d-afb5-d85b387544c7}]

2010-04-04 14:45        2349080        ----a-w-        c:\program files (x86)\Mario_Forever\tbMar1.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}]

2010-05-30 11:16        2515552        ----a-w-        c:\program files (x86)\Softonic_Deutsch\tbSof0.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]

2010-05-09 13:37        2515552        ----a-w-        c:\program files (x86)\isoHunt\tbiso1.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}]

2009-12-31 10:53        2349080        ----a-w-        c:\program files (x86)\Games_Bar_1\tbGame.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]

2013-06-18 11:54        231712        ----a-w-        c:\program files (x86)\Hotspot_Shield\prxtbHots.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]

2010-03-07 14:15        2349080        ----a-w-        c:\program files (x86)\free-downloads.net\tbfre1.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]

2013-06-21 00:19        233288        ----a-w-        c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\program files (x86)\Winload\tbWinl.dll" [2010-03-17 2355224]

"{707db484-2428-402d-afb5-d85b387544c7}"= "c:\program files (x86)\Mario_Forever\tbMar1.dll" [2010-04-04 2349080]

"{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}"= "c:\program files (x86)\Softonic_Deutsch\tbSof0.dll" [2010-05-30 2515552]

"{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "c:\program files (x86)\isoHunt\tbiso1.dll" [2010-05-09 2515552]

"{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}"= "c:\program files (x86)\Games_Bar_1\tbGame.dll" [2009-12-31 2349080]

"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files (x86)\free-downloads.net\tbfre1.dll" [2010-03-07 2349080]

"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files (x86)\Hotspot_Shield\prxtbHots.dll" [2013-06-18 231712]

.

[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

.

[HKEY_CLASSES_ROOT\clsid\{707db484-2428-402d-afb5-d85b387544c7}]

.

[HKEY_CLASSES_ROOT\clsid\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}]

.

[HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]

.

[HKEY_CLASSES_ROOT\clsid\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}]

.

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

.

[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36        130736        ----a-w-        c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36        130736        ----a-w-        c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36        130736        ----a-w-        c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 163328]

"SUPERAntiSpyware"="d:\sicherheit\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" [2011-08-01 2424192]

"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-05-16 213936]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-05 39408]

"ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-05-16 213936]

"Akamai NetSession Interface"="c:\users\******\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]

"KiesPreload"="d:\programme\Kies\Kies\Kies.exe" [2012-12-03 967608]

"KiesAirMessage"="d:\programme\Kies\Kies\KiesAirMessage.exe" [2012-11-01 577536]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"TWebCamera"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun" [X]

"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]

"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]

"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2008-11-21 438272]

"TrayServer"="d:\progra~4\MAGIX\VIDEO_~1\TrayServer.exe" [2008-08-07 90112]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304]

"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 86960]

"WTClient"="WTClient.exe" [2009-10-30 32768]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"avast"="d:\sicherheit\Avast neu\avastUI.exe" [2013-05-09 4858968]

"KiesTrayAgent"="d:\programme\Kies\Kies\KiesTrayAgent.exe" [2012-12-03 309688]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"LogMeIn Hamachi Ui"="c:\users\******\Downloads\MC\Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]

.

c:\users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

SetPointII.lnk - d:\programme\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-2-24 391072]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

R1 SASDIFSV;SASDIFSV;d:\sicherheit\SUPERAntiSpyware\SASDIFSV.SYS;d:\sicherheit\SUPERAntiSpyware\SASDIFSV.SYS [x]

R1 SASKUTIL;SASKUTIL;c:\users\******\AppData\Local\Temp\SASKUTIL.SYS;c:\users\******\AppData\Local\Temp\SASKUTIL.SYS [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 Radio.fx;Radio.fx Server;g:\radio.fx\Server\rfx-server.exe;g:\radio.fx\Server\rfx-server.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]

R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]

R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]

R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]

R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]

R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimHid.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]

R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WinRing0_1_2_0;WinRing0_1_2_0;d:\programme\GMBoostA\Driver\WinRing0x64.sys;d:\programme\GMBoostA\Driver\WinRing0x64.sys [x]

R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(1).sys [x]

R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(2).sys [x]

R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(3).sys [x]

R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(4).sys [x]

R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(5).sys [x]

R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]

R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]

R3 ZDPSp50a64;ZDPSp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\ZDPSp50a64.sys;c:\windows\SYSNATIVE\Drivers\ZDPSp50a64.sys [x]

R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S0 aswKbd;aswKbd; [x]

S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]

S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys;c:\windows\SYSNATIVE\drivers\aswNdis2.sys [x]

S0 aswRvrt;aswRvrt; [x]

S0 aswVmm;aswVmm; [x]

S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]

S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]

S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]

S1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys;c:\windows\SYSNATIVE\drivers\aswFW.sys [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]

S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 avast! Firewall;avast! Firewall;d:\sicherheit\Avast neu\afwServ.exe;d:\sicherheit\Avast neu\afwServ.exe [x]

S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]

S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]

S2 camsvc;TOSHIBA Web Camera Service;c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [x]

S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]

S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [x]

S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\users\******\Downloads\MC\Hamachi\hamachi-2.exe;c:\users\******\Downloads\MC\Hamachi\hamachi-2.exe [x]

S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]

S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]

S2 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]

S2 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]

S2 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]

S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]

S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]

S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]

S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]

S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]

S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]

.

.

Inhalt des "geplante Tasks" Ordners

.

2013-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 12:55]

.

2013-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06 14:57]

.

2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-06 14:57]

.

2010-05-03 c:\windows\Tasks\Install.job

- c:\windows\SysWOW64\Macromed\Shockwave 10\nssstub.exe [2010-05-02 10:56]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58        133840        ----a-w-        d:\sicherheit\Avast neu\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36        164016        ----a-w-        c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36        164016        ----a-w-        c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36        164016        ----a-w-        c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36        164016        ----a-w-        c:\users\******\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-03-29 238592]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" [2009-04-23 1128448]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.de/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local;<local>

IE: Free YouTube Download - c:\users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

TCP: Interfaces\{1A4D9296-FBEC-4C11-872D-72B4BBF700DE}: NameServer = 193.189.244.225 193.189.244.206

DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-5/SmileyCreatorInitialSetup1.0.1.4.cab

DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/downloads/activex/YoYo.cab

FF - ProfilePath - c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=2&CUI=UN71995909548713155&UM=1&sspv=TB_CH3&q=

FF - ExtSQL: 2013-06-29 09:43; {c95a4e8e-816d-4655-8c79-d736da1adb6d}; c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}

FF - ExtSQL: 2013-07-02 18:42; battlefieldheroespatcher@ea.com; c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\rkbvm93b.default\extensions\battlefieldheroespatcher@ea.com

FF - ExtSQL: !HIDDEN! 2011-03-28 09:47; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - user.js: extensions.delta.tlbrSrchUrl - 

FF - user.js: extensions.delta.id - 200572fa000000000000001e655330ed

FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

FF - user.js: extensions.delta.instlDay - 15769

FF - user.js: extensions.delta.vrsn - 1.8.10.0

FF - user.js: extensions.delta.vrsni - 1.8.10.0

FF - user.js: extensions.delta.vrsnTs - 1.8.10.019:23

FF - user.js: extensions.delta.prtnrId - delta

FF - user.js: extensions.delta.prdct - delta

FF - user.js: extensions.delta.aflt - babsst

FF - user.js: extensions.delta.smplGrp - none

FF - user.js: extensions.delta.tlbrId - base

FF - user.js: extensions.delta.instlRef - sst

FF - user.js: extensions.delta.dfltLng - en

FF - user.js: extensions.delta.excTlbr - false

FF - user.js: extensions.delta.admin - false

FF - user.js: extensions.delta.autoRvrt - false

FF - user.js: extensions.delta.rvrt - false

FF - user.js: extensions.delta.newTab - false

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Wow6432Node-HKCU-Run-Steam - h:\b\Steam\steam.exe

Wow6432Node-HKCU-Run-rfxsrvtray - g:\radio.fx\\Client\rfx-tray.exe

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Radio.fx.LNK - g:\radio.fx\Client\rfx-client.exe

WebBrowser-{40C3CC16-7269-4B32-9531-17F2950FB06F} - (no file)

WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)

WebBrowser-{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - (no file)

WebBrowser-{A6E4A4EB-D169-4E99-8988-250FCBAFE767} - (no file)

WebBrowser-{BC04B34E-5DD8-465A-A5E0-86F7C11BC009} - (no file)

WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)

WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file)

HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe

HKLM-Run-TPCHWMsg - c:\program files (x86)\TOSHIBA\TPHM\TPCHWMsg.exe

HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe

HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe

HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-Burger Shop 2 RebelMan - g:\b\Burger Shop 2-\Uninstall.exe

AddRemove-Call of Duty: Black Ops II_is1 - g:\b\Others\Call of Duty Black Ops II\game\unins000.exe

AddRemove-LEGO Creator - c:\windows\IsUn0407.exe

AddRemove-LEGO Rock Raiders - c:\windows\IsUn0407.exe

AddRemove-Steam App 12360 - g:\d\steam undead working!!\steam.exe

AddRemove-Steam App 201680 - g:\b\backup steam\STEAM UNDEAD\steam.exe

AddRemove-Steam App 2990 - g:\d\steam undead working!!\steam.exe

AddRemove-Steam App 40390 - g:\b\Steam\steam.exe

AddRemove-Steam App 410 - g:\b\backup steam\STEAM UNDEAD\steam.exe

AddRemove-Steam App 42910 - h:\d\steam undead working!!\steam.exe

AddRemove-Steam App 440 - g:\b\Steam\steam.exe

AddRemove-Steam App 47400 - h:\d\steam undead working!!\steam.exe

AddRemove-Steam App 47890 - g:\d\steam undead working!!\steam.exe

AddRemove-Steam App 48280 - g:\b\backup steam\STEAM UNDEAD\steam.exe

AddRemove-Steam App 55230 - g:\b\Steam\steam.exe

AddRemove-Steam App 72850 - h:\b\Steam\steam.exe

AddRemove-Steam App 98610 - g:\b\backup steam\STEAM UNDEAD\steam.exe

AddRemove-Steam App 99890 - g:\d\steam undead working!!\steam.exe

AddRemove-WTTLIA - c:\windows\IsUn0407.exe

AddRemove-{22BB0352-8E48-430C-85CC-F996BF51D2E7}_is1 - d:\programme\Schulisch_BITTER\Kurvenprofi\unins000.exe

AddRemove-GTA Control Panel - c:\users\******\Downloads\WR2\new mods\looedl\Uninstal_ControlPanel.exe

AddRemove-Plan it Green Deluxe - d:\programme\PlaanItGreen\Plan it Green Deluxe\GameInstlr.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]

"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]

"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-1621164656-1320583164-626291356-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:b9,b9,62,b3,11,34,2e,36,16,09,b9,01,5c,2e,08,2a,96,4c,94,3d,77,e7,09,

   4e,2f,62,61,46,1c,53,1f,15,5d,92,92,5e,b3,f1,0f,90,62,3f,af,93,2a,70,19,52,\

"??"=hex:a1,41,7b,2c,e5,89,a5,e9,45,ea,3c,31,82,31,ad,53

.

[HKEY_USERS\S-1-5-21-1621164656-1320583164-626291356-1000\Software\SecuROM\License information*]

"datasecu"=hex:71,0d,8e,45,8a,03,0a,67,33,83,dd,77,64,b0,a8,41,72,5f,86,f7,29,

   3e,16,c3,bb,9f,f5,00,de,66,dd,fb,af,40,03,c7,52,1a,d1,29,7c,01,1f,44,31,c0,\

"rkeysecu"=hex:f5,cb,cd,eb,11,4d,03,55,f4,88,e6,2a,33,cb,5b,50

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2633873~31bf3856ad364e35~amd64~~6.1.1.0]

@DACL=(02 0000)

"ApplicabilityState"=dword:00000070

"CurrentState"=dword:00000000

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2640148~31bf3856ad364e35~amd64~~6.1.2.0]

@DACL=(02 0000)

"ApplicabilityState"=dword:00000070

"CurrentState"=dword:00000000

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2645640~31bf3856ad364e35~amd64~~6.1.1.0]

@DACL=(02 0000)

"ApplicabilityState"=dword:00000070

"CurrentState"=dword:00000000

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2647516~31bf3856ad364e35~amd64~~9.4.1.0]

@DACL=(02 0000)

"ApplicabilityState"=dword:00000070

"CurrentState"=dword:00000000

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2654428~31bf3856ad364e35~amd64~~6.1.1.0]

@DACL=(02 0000)

"ApplicabilityState"=dword:00000070

"CurrentState"=dword:00000000

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2660075~31bf3856ad364e35~amd64~~6.1.1.0]

@DACL=(02 0000)

"ApplicabilityState"=dword:00000070

"CurrentState"=dword:00000000

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2660465~31bf3856ad364e35~amd64~~6.1.1.2]

@DACL=(02 0000)

"ApplicabilityState"=dword:00000070

"CurrentState"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Weitere laufende Prozesse ------------------------

.

d:\sicherheit\Avast neu\AvastSvc.exe

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

c:\windows\SysWOW64\vmnat.exe

c:\windows\System32\Drivers\WTSRV.EXE

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

d:\programme\VMware Player\vmware-authd.exe

c:\windows\SysWOW64\vmnetdhcp.exe

c:\program files (x86)\Hotspot Shield\bin\hsscp.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2013-07-07  13:14:30 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2013-07-07 11:14

.

Vor Suchlauf: 28 Verzeichnis(se), 14.154.043.392 Bytes frei

Nach Suchlauf: 37 Verzeichnis(se), 13.515.296.768 Bytes frei

.

- - End Of File - - 618BA7B129EF8771B54F8E334B5ADF28

A36C5E4F47E84449FF07ED3517B43A31

WAS ZUM TEUFEL HABE ICH DA FÜR PROGRAMME DRAUF? - Ich glaub da muss ich noch schimpfen -.-

Naja egal...

Wie immer ist mein Benutzer mit ****** unkenntlich gemacht.
Und falls es Probleme geben sollte, hier auch nochmal als Download:
Anhang 57571
Log.txt

MFG --- MoGa
[www.youtube.com/user/0moga0]