Log analysis and evaluation: Suddenly only a white screen on laptop - Frst.text created
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.07.2013, 14:26 | #1 |
Suddenly only a white screen on laptop - Frst.text created
Hello, I also have the problem with a white screen on my laptop. The mouse can still be moved, but I can no longer get to the desktop. I ran a scan following your instructions. Here are the results. Can you help me with the analysis? Thanks in advance...
16.07.2013, 14:28 | #2 |
/// TB-Ausbilder | Suddenly only a white screen on laptop - Frst.text created
My name is Matthias and I will help you clean up your computer. Please note the following:
I am working on your topic and will get back to you with further instructions as soon as possible.
16.07.2013, 14:32 | #3 |
/// TB-Ausbilder | Suddenly only a white screen on laptop - Frst.text created
Hi,
Step 1 should unlock the computer. Run step 2 in normal mode.
Step 1
Please press the + R key and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
start
HKU\Carsten Appel\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\CARSTE~1\AppData\Local\Temp\rvyxwwivxnwmgyayy.exe [53248 2013-07-16] (NVIDIA Corporation) <===== ATTENTION
HKU\Carsten Appel\...\Winlogon: [Shell] cmd.exe [344576 2009-07-14] (Microsoft Corporation) <==== ATTENTION
HKU\Carsten Appel\...\Command Processor: "C:\Users\CARSTE~1\AppData\Local\Temp\rvyxwwivxnwmgyayy.exe" <===== ATTENTION!
2013-07-16 12:02 - 2013-07-16 12:02 - 01084709 _____ C:\Users\Carsten Appel\AppData\Roaming\2433f433
2013-07-16 12:02 - 2013-07-16 12:02 - 01084682 _____ C:\Users\Carsten Appel\AppData\Local\2433f433
2013-07-16 12:02 - 2013-07-16 12:02 - 01084668 _____ C:\ProgramData\2433f433
C:\Users\Carsten Appel\AppData\Local\Temp\rvyxwwivxnwmgyayy.exe
C:\ProgramData\27gb.bat
C:\ProgramData\27gb.pad
C:\ProgramData\27gb.reg
end
The tool creates a Fixlog.txt on your USB stick. Please post its contents here.
Step 2
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Please post with your next reply
16.07.2013, 15:15 | #4 |
Suddenly only a white screen on laptop - Frst.text created
Oh, thanks already for the quick reply. Here are the details once more in corrected form...
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-07-2013 02 Ran by SYSTEM on 16-07-2013 14:30:04 Running from H:\ Windows 7 Home Premium (X64) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [2040352 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - %ProgramFiles%\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [bazoo SHIVA BS Gaming Mouse] - "C:\Program Files (x86)\Vivanco\bazoo SHIVA BS Gaming Mouse\Panel.exe" [1103656 2010-10-07] () HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) HKU\Carsten Appel\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-11-25] (Google Inc.) 
HKU\Carsten Appel\...\Run: [Spotify Web Helper] - "C:\Users\Carsten Appel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1104384 2013-07-14] (Spotify Ltd) HKU\Carsten Appel\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\CARSTE~1\AppData\Local\Temp\rvyxwwivxnwmgyayy.exe [53248 2013-07-16] (NVIDIA Corporation) <===== ATTENTION HKU\Carsten Appel\...\Winlogon: [Shell] cmd.exe [344576 2009-07-14] (Microsoft Corporation) <==== ATTENTION HKU\Carsten Appel\...\Command Processor: "C:\Users\CARSTE~1\AppData\Local\Temp\rvyxwwivxnwmgyayy.exe" <===== ATTENTION! Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Services (Whitelisted) ================= S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2012\MXSAS.exe [181248 2011-09-09] (MAGIX AG) S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation) S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software) S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) 
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation) S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-03-28] (Wajam) ==================== Drivers (Whitelisted) ==================== S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2011-08-20] () S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation) S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation) S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation) S0 DiskSec; C:\Windows\System32\Drivers\DiskSec.sys [27616 2009-09-23] (MAGIX) S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-19] (Symantec Corporation) S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-19] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-10-22] (Symantec Corporation) S3 GMFilter Filter; C:\Windows\System32\Drivers\GMFilter.sys [52080 2009-06-04] (Game) S3 GMFilter Filter; C:\Windows\SysWow64\Drivers\GMFilter.sys [27648 2009-06-04] (Game) S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation) S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation) S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2011-08-20] () 
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-05-22] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-05-22] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-05-22] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-05-22] (Symantec Corporation) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-11] (RapidSolution Software AG) S3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-11] (RapidSolution Software AG) S1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation) S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation) S0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation) S0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation) S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-02] (Symantec Corporation) S1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation) S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation) S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software) S3 cpuz135; \??\C:\Users\CARSTE~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created 
Files and Folders ======== 2013-07-16 14:29 - 2013-07-16 14:29 - 00000000 ____D C:\FRST 2013-07-16 12:02 - 2013-07-16 12:02 - 01084709 _____ C:\Users\Carsten Appel\AppData\Roaming\2433f433 2013-07-16 12:02 - 2013-07-16 12:02 - 01084682 _____ C:\Users\Carsten Appel\AppData\Local\2433f433 2013-07-16 12:02 - 2013-07-16 12:02 - 01084668 _____ C:\ProgramData\2433f433 2013-06-19 16:25 - 2013-06-19 16:25 - 00045568 _____ C:\Users\Carsten Appel\Desktop\Vereine Cycling.pub 2013-06-19 15:37 - 2013-06-19 15:37 - 00030208 _____ C:\Users\Carsten Appel\Desktop\Vereine.pub 2013-06-19 12:07 - 2013-06-19 12:07 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files\iTunes 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files\iPod 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-19 11:47 - 2013-06-19 11:48 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-06-19 11:47 - 2013-06-19 11:47 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk ==================== One Month Modified Files and Folders ======= 2013-07-16 14:29 - 2013-07-16 14:29 - 00000000 ____D C:\FRST 2013-07-16 13:19 - 2011-03-01 22:59 - 01523300 _____ C:\Windows\WindowsUpdate.log 2013-07-16 13:19 - 2010-11-25 17:10 - 00654188 _____ C:\Windows\System32\perfh007.dat 2013-07-16 13:19 - 2010-11-25 17:10 - 00130028 _____ C:\Windows\System32\perfc007.dat 2013-07-16 13:19 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\System32\PerfStringBackup.INI 2013-07-16 13:17 - 2012-11-14 08:08 - 00118464 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2013-07-16 13:16 - 2013-06-04 09:34 - 00001920 _____ C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job 2013-07-16 13:16 - 2013-06-04 09:34 - 00001214 _____ C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job 2013-07-16 13:16 - 2013-06-04 09:34 - 00001210 
_____ C:\Windows\Tasks\Plus-HD-2.6-updater.job 2013-07-16 13:16 - 2013-06-04 09:34 - 00001114 _____ C:\Windows\Tasks\Plus-HD-2.6-enabler.job 2013-07-16 13:16 - 2011-10-16 09:19 - 00000294 _____ C:\Windows\Tasks\MxTray.job 2013-07-16 13:16 - 2011-05-29 08:42 - 00107652 _____ C:\Windows\setupact.log 2013-07-16 13:16 - 2010-11-25 08:36 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-16 13:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-07-16 13:07 - 2009-07-14 05:45 - 00013664 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-16 13:07 - 2009-07-14 05:45 - 00013664 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-16 13:00 - 2010-11-25 08:36 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-16 12:22 - 2012-06-08 00:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-16 12:02 - 2013-07-16 12:02 - 01084709 _____ C:\Users\Carsten Appel\AppData\Roaming\2433f433 2013-07-16 12:02 - 2013-07-16 12:02 - 01084682 _____ C:\Users\Carsten Appel\AppData\Local\2433f433 2013-07-16 12:02 - 2013-07-16 12:02 - 01084668 _____ C:\ProgramData\2433f433 2013-07-16 08:03 - 2011-03-01 23:03 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C36CCD86-CE80-4756-998F-44F4CD6B2052} 2013-07-15 22:55 - 2010-11-25 08:36 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-07-15 22:55 - 2010-11-25 08:36 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-07-15 22:48 - 2011-05-29 08:41 - 00397166 _____ C:\Windows\PFRO.log 2013-07-15 12:11 - 2011-06-03 19:32 - 00000000 ____D C:\Users\Carsten Appel\AppData\Local\CrashDumps 2013-07-14 21:05 - 2013-03-17 20:35 - 00000000 ____D C:\Users\Carsten Appel\AppData\Roaming\Spotify 2013-07-13 09:14 - 2013-03-17 20:38 - 00000000 ____D C:\Users\Carsten Appel\AppData\Local\Spotify 2013-07-10 
11:23 - 2011-05-28 23:57 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-07-09 23:56 - 2011-10-16 09:24 - 00000476 _____ C:\Windows\Tasks\Java(TM) Platform SE Auto Updater 2 0 MAGIX PCCT.job 2013-07-09 23:00 - 2011-10-16 09:24 - 00000466 _____ C:\Windows\Tasks\Adobe Reader and Acrobat Manager MAGIX PCCT.job 2013-07-08 10:46 - 2013-04-25 22:18 - 00000000 _____ C:\END 2013-07-03 09:20 - 2011-05-26 16:39 - 00000000 ____D C:\ProgramData\Norton 2013-07-03 09:15 - 2012-03-19 08:07 - 00000000 ____D C:\Users\Public\Downloads\Norton 2013-06-25 12:15 - 2011-03-01 23:08 - 00000000 ___HD C:\Users\Carsten Appel\AppData\Local\Google 2013-06-23 23:33 - 2013-05-21 08:08 - 00256249 _____ C:\test.xml 2013-06-19 16:25 - 2013-06-19 16:25 - 00045568 _____ C:\Users\Carsten Appel\Desktop\Vereine Cycling.pub 2013-06-19 15:37 - 2013-06-19 15:37 - 00030208 _____ C:\Users\Carsten Appel\Desktop\Vereine.pub 2013-06-19 12:07 - 2013-06-19 12:07 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files\iTunes 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files\iPod 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-19 11:48 - 2013-06-19 11:47 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-06-19 11:47 - 2013-06-19 11:47 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk Files to move or delete: ==================== C:\ProgramData\27gb.bat C:\ProgramData\27gb.pad C:\ProgramData\27gb.reg ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 
is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-06-30 18:00:38 Restore point made on: 2013-07-07 22:46:14 Restore point made on: 2013-07-10 11:23:24 Restore point made on: 2013-07-14 18:00:40 ==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 3950.1 MB Available physical RAM: 3323.7 MB Total Pagefile: 3948.25 MB Available Pagefile: 3318.23 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:452.29 GB) (Free:307.21 GB) NTFS (Disk=0 Partition=3) Drive d: () (Fixed) (Total:465.76 GB) (Free:148.24 GB) NTFS (Disk=1 Partition=1) Drive f: (Recovery) (Fixed) (Total:13.37 GB) (Free:0.76 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)] Drive g: (20110310_113231) (CDROM) (Total:7.24 GB) (Free:0 GB) CDFS Drive h: (USB DISK) (Removable) (Total:1.86 GB) (Free:1.85 GB) FAT (Disk=2 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 
6DFD231A) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7340D1FD) Partition 1: (Not Active) - (Size=466 GB) - (Type=OF Extended) ======================================================== Disk: 2 (Size: 2 GB) (Disk ID: 23C70E4B) Partition 1: (Not Active) - (Size=2 GB) - (Type=0E) LastRegBack: 2013-07-14 20:06 ==================== End Of Log ============================ --- --- --- [/CODE] So, I have now carried out the steps so far. Step 1: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-07-2013 02 Ran by SYSTEM at 2013-07-16 15:49:01 Run:1 Running from H:\ Boot Mode: Recovery ============================================== HKU\Carsten Appel\Software\Microsoft\Windows\CurrentVersion\Run\\qcgce2mrvjq91kk1e7pnbb19m52fx => Value deleted successfully. HKU\Carsten Appel\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully. HKU\Carsten Appel\Software\Microsoft\Command Processor\\AutoRun => Value deleted successfully. C:\Users\Carsten Appel\AppData\Roaming\2433f433 => Moved successfully. C:\Users\Carsten Appel\AppData\Local\2433f433 => Moved successfully. C:\ProgramData\2433f433 => Moved successfully. C:\Users\Carsten Appel\AppData\Local\Temp\rvyxwwivxnwmgyayy.exe => Moved successfully. C:\ProgramData\27gb.bat => Moved successfully. C:\ProgramData\27gb.pad => Moved successfully. C:\ProgramData\27gb.reg => Moved successfully. ==== End of Fixlog ==== FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-07-2013 02 Ran by SYSTEM on 16-07-2013 14:30:04 Running from H:\ Windows 7 Home Premium (X64) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [2040352 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - %ProgramFiles%\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [bazoo SHIVA BS Gaming Mouse] - "C:\Program Files (x86)\Vivanco\bazoo SHIVA BS Gaming Mouse\Panel.exe" [1103656 2010-10-07] () HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) HKU\Carsten Appel\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-11-25] (Google Inc.) 
HKU\Carsten Appel\...\Run: [Spotify Web Helper] - "C:\Users\Carsten Appel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1104384 2013-07-14] (Spotify Ltd) HKU\Carsten Appel\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\CARSTE~1\AppData\Local\Temp\rvyxwwivxnwmgyayy.exe [53248 2013-07-16] (NVIDIA Corporation) <===== ATTENTION HKU\Carsten Appel\...\Winlogon: [Shell] cmd.exe [344576 2009-07-14] (Microsoft Corporation) <==== ATTENTION HKU\Carsten Appel\...\Command Processor: "C:\Users\CARSTE~1\AppData\Local\Temp\rvyxwwivxnwmgyayy.exe" <===== ATTENTION! Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Services (Whitelisted) ================= S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2012\MXSAS.exe [181248 2011-09-09] (MAGIX AG) S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation) S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software) S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) 
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation) S2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-03-28] (Wajam) ==================== Drivers (Whitelisted) ==================== S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2011-08-20] () S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation) S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation) S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation) S0 DiskSec; C:\Windows\System32\Drivers\DiskSec.sys [27616 2009-09-23] (MAGIX) S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-19] (Symantec Corporation) S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-19] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-10-22] (Symantec Corporation) S3 GMFilter Filter; C:\Windows\System32\Drivers\GMFilter.sys [52080 2009-06-04] (Game) S3 GMFilter Filter; C:\Windows\SysWow64\Drivers\GMFilter.sys [27648 2009-06-04] (Game) S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation) S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation) S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2011-08-20] () 
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-05-22] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-05-22] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-05-22] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-05-22] (Symantec Corporation) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-11] (RapidSolution Software AG) S3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-11] (RapidSolution Software AG) S1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation) S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation) S0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation) S0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation) S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-02] (Symantec Corporation) S1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation) S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation) S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software) S3 cpuz135; \??\C:\Users\CARSTE~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created 
Files and Folders ======== 2013-07-16 14:29 - 2013-07-16 14:29 - 00000000 ____D C:\FRST 2013-07-16 12:02 - 2013-07-16 12:02 - 01084709 _____ C:\Users\Carsten Appel\AppData\Roaming\2433f433 2013-07-16 12:02 - 2013-07-16 12:02 - 01084682 _____ C:\Users\Carsten Appel\AppData\Local\2433f433 2013-07-16 12:02 - 2013-07-16 12:02 - 01084668 _____ C:\ProgramData\2433f433 2013-06-19 16:25 - 2013-06-19 16:25 - 00045568 _____ C:\Users\Carsten Appel\Desktop\Vereine Cycling.pub 2013-06-19 15:37 - 2013-06-19 15:37 - 00030208 _____ C:\Users\Carsten Appel\Desktop\Vereine.pub 2013-06-19 12:07 - 2013-06-19 12:07 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files\iTunes 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files\iPod 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-19 11:47 - 2013-06-19 11:48 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-06-19 11:47 - 2013-06-19 11:47 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk ==================== One Month Modified Files and Folders ======= 2013-07-16 14:29 - 2013-07-16 14:29 - 00000000 ____D C:\FRST 2013-07-16 13:19 - 2011-03-01 22:59 - 01523300 _____ C:\Windows\WindowsUpdate.log 2013-07-16 13:19 - 2010-11-25 17:10 - 00654188 _____ C:\Windows\System32\perfh007.dat 2013-07-16 13:19 - 2010-11-25 17:10 - 00130028 _____ C:\Windows\System32\perfc007.dat 2013-07-16 13:19 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\System32\PerfStringBackup.INI 2013-07-16 13:17 - 2012-11-14 08:08 - 00118464 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2013-07-16 13:16 - 2013-06-04 09:34 - 00001920 _____ C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job 2013-07-16 13:16 - 2013-06-04 09:34 - 00001214 _____ C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job 2013-07-16 13:16 - 2013-06-04 09:34 - 00001210 
_____ C:\Windows\Tasks\Plus-HD-2.6-updater.job 2013-07-16 13:16 - 2013-06-04 09:34 - 00001114 _____ C:\Windows\Tasks\Plus-HD-2.6-enabler.job 2013-07-16 13:16 - 2011-10-16 09:19 - 00000294 _____ C:\Windows\Tasks\MxTray.job 2013-07-16 13:16 - 2011-05-29 08:42 - 00107652 _____ C:\Windows\setupact.log 2013-07-16 13:16 - 2010-11-25 08:36 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-16 13:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-07-16 13:07 - 2009-07-14 05:45 - 00013664 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-16 13:07 - 2009-07-14 05:45 - 00013664 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-16 13:00 - 2010-11-25 08:36 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-16 12:22 - 2012-06-08 00:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-16 12:02 - 2013-07-16 12:02 - 01084709 _____ C:\Users\Carsten Appel\AppData\Roaming\2433f433 2013-07-16 12:02 - 2013-07-16 12:02 - 01084682 _____ C:\Users\Carsten Appel\AppData\Local\2433f433 2013-07-16 12:02 - 2013-07-16 12:02 - 01084668 _____ C:\ProgramData\2433f433 2013-07-16 08:03 - 2011-03-01 23:03 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C36CCD86-CE80-4756-998F-44F4CD6B2052} 2013-07-15 22:55 - 2010-11-25 08:36 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-07-15 22:55 - 2010-11-25 08:36 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-07-15 22:48 - 2011-05-29 08:41 - 00397166 _____ C:\Windows\PFRO.log 2013-07-15 12:11 - 2011-06-03 19:32 - 00000000 ____D C:\Users\Carsten Appel\AppData\Local\CrashDumps 2013-07-14 21:05 - 2013-03-17 20:35 - 00000000 ____D C:\Users\Carsten Appel\AppData\Roaming\Spotify 2013-07-13 09:14 - 2013-03-17 20:38 - 00000000 ____D C:\Users\Carsten Appel\AppData\Local\Spotify 2013-07-10 
11:23 - 2011-05-28 23:57 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-07-09 23:56 - 2011-10-16 09:24 - 00000476 _____ C:\Windows\Tasks\Java(TM) Platform SE Auto Updater 2 0 MAGIX PCCT.job 2013-07-09 23:00 - 2011-10-16 09:24 - 00000466 _____ C:\Windows\Tasks\Adobe Reader and Acrobat Manager MAGIX PCCT.job 2013-07-08 10:46 - 2013-04-25 22:18 - 00000000 _____ C:\END 2013-07-03 09:20 - 2011-05-26 16:39 - 00000000 ____D C:\ProgramData\Norton 2013-07-03 09:15 - 2012-03-19 08:07 - 00000000 ____D C:\Users\Public\Downloads\Norton 2013-06-25 12:15 - 2011-03-01 23:08 - 00000000 ___HD C:\Users\Carsten Appel\AppData\Local\Google 2013-06-23 23:33 - 2013-05-21 08:08 - 00256249 _____ C:\test.xml 2013-06-19 16:25 - 2013-06-19 16:25 - 00045568 _____ C:\Users\Carsten Appel\Desktop\Vereine Cycling.pub 2013-06-19 15:37 - 2013-06-19 15:37 - 00030208 _____ C:\Users\Carsten Appel\Desktop\Vereine.pub 2013-06-19 12:07 - 2013-06-19 12:07 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files\iTunes 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files\iPod 2013-06-19 12:06 - 2013-06-19 12:06 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-19 11:48 - 2013-06-19 11:47 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-06-19 11:47 - 2013-06-19 11:47 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk Files to move or delete: ==================== C:\ProgramData\27gb.bat C:\ProgramData\27gb.pad C:\ProgramData\27gb.reg ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 
is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-06-30 18:00:38 Restore point made on: 2013-07-07 22:46:14 Restore point made on: 2013-07-10 11:23:24 Restore point made on: 2013-07-14 18:00:40 ==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 3950.1 MB Available physical RAM: 3323.7 MB Total Pagefile: 3948.25 MB Available Pagefile: 3318.23 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:452.29 GB) (Free:307.21 GB) NTFS (Disk=0 Partition=3) Drive d: () (Fixed) (Total:465.76 GB) (Free:148.24 GB) NTFS (Disk=1 Partition=1) Drive f: (Recovery) (Fixed) (Total:13.37 GB) (Free:0.76 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)] Drive g: (20110310_113231) (CDROM) (Total:7.24 GB) (Free:0 GB) CDFS Drive h: (USB DISK) (Removable) (Total:1.86 GB) (Free:1.85 GB) FAT (Disk=2 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 
6DFD231A) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7340D1FD) Partition 1: (Not Active) - (Size=466 GB) - (Type=OF Extended) ======================================================== Disk: 2 (Size: 2 GB) (Disk ID: 23C70E4B) Partition 1: (Not Active) - (Size=2 GB) - (Type=0E) LastRegBack: 2013-07-14 20:06 ==================== End Of Log ============================ --- --- --- [/CODE] |
16.07.2013, 18:37 | #5 |
/// TB trainer | Suddenly only a white screen on laptop - Frst.text created Hi, you posted the log file of the fix once. That already looks good. But then you posted the old FRST log file twice (??). I already know that one. Please read my instructions for step 2 again.... you are supposed to start the computer normally (= normal mode) (or can you still not start the computer normally???) and download FRST again there and post both FRST log files. |
17.07.2013, 09:15 | #6 |
| Suddenly only a white screen on laptop - Frst.text created Morning, here is the information for step 2: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-07-2013 03 Ran by Carsten Appel (administrator) on 17-07-2013 10:10:21 Running from C:\Users\Carsten Appel\Desktop Windows 7 Home Premium (X64) OS Language: German Standard Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (iMesh Inc.) C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrCoordinator.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (ArcSoft, Inc.) 
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (MAGIX AG) C:\Program Files (x86)\MAGIX\PC_Live\MxTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe (Spotify Ltd) C:\Users\Carsten Appel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe () C:\Program Files (x86)\Vivanco\bazoo SHIVA BS Gaming Mouse\Panel.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (iMesh Inc.) 
C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrUI.exe (Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe (Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Windows\system32\msiexec.exe (Microsoft Corporation) C:\Windows\system32\UI0Detect.exe (Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Plus HD) C:\program files (x86)\plus-hd-2.6\plus-hd-2.6-bg.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.) HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2009-07-14] (Microsoft Corporation) HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-25] (Google Inc.) 
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Carsten Appel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-14] (Spotify Ltd) MountPoints2: {3c9b7e01-444e-11e0-a76c-806e6f6e6963} - E:\Autorun.exe HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation) HKLM-x32\...\Run: [bazoo SHIVA BS Gaming Mouse] - "C:\Program Files (x86)\Vivanco\bazoo SHIVA BS Gaming Mouse\Panel.exe" [1103656 2010-10-07] () HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MUSICT~1\Datamngr\x64\mgrldr.dll [21056 2013-06-30] () AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\MUSICT~1\Datamngr\mgrldr.dll [17472 2013-06-30] () Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1487&systemid=1&apn_uid=6259384153244552&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms} SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1487&systemid=1&apn_uid=6259384153244552&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms} HKCU SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1487&systemid=1&apn_uid=6259384153244552&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms} SearchScopes: HKCU - {0A90701E-47FB-4ED9-A155-E5802BCCB8C9} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=MGX&o=15359&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=JQ&apn_dtid=YYYYYYYYDE&apn_uid=2C834124-4E66-44AA-AAE9-0597AD928E20&apn_sauid=C762291A-EF48-4916-991A-C188043A5CCF SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.holasearch.com/?q={searchTerms}&affID=121962&tt=gc_&babsrc=SP_ss&mntrId=A0C918F46AE1BD63 SearchScopes: HKCU - {17E6E576-87D1-4118-B556-BFBA64E74963} URL = hxxp://de.shopping.com/?linkin_id=8056363 SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1487&systemid=1&apn_uid=6259384153244552&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms} SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=DE&ver=19 SearchScopes: HKCU - {E2C1E351-B984-4BF1-935F-CD21F786ADA1} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms} SearchScopes: HKCU - 
{E827C38C-7A56-46A5-92D4-8278A2FB3718} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Plus-HD-2.6 - {11111111-1111-1111-1111-110311341140} - C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho.dll (Plus HD) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Music Box Toolbar (Dist. by iMesh, Inc.) - {45177936-603b-4261-8d42-df6f7091d5d0} - C:\PROGRA~2\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll () BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - Music Box Toolbar (Dist. by iMesh, Inc.) - {45177936-603b-4261-8d42-df6f7091d5d0} - C:\PROGRA~2\MUSICT~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll () Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: msdaipp - No CLSID Value - Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Handler-x32: msdaipp - No CLSID Value - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= ==================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) 
R2 DatamngrCoordinator; C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrCoordinator.exe [3179584 2013-06-30] (iMesh Inc.) S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_2012\MXSAS.exe [181248 2011-09-09] (MAGIX AG) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation) R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-03-28] (Wajam) ==================== Drivers (Whitelisted) ==================== R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) 
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2011-08-20] () R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation) R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation) R0 DiskSec; C:\Windows\System32\Drivers\DiskSec.sys [27616 2009-09-23] (MAGIX) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-19] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-19] (Symantec Corporation) R3 GMFilter Filter; C:\Windows\System32\Drivers\GMFilter.sys [52080 2009-06-04] (Game) R3 GMFilter Filter; C:\Windows\SysWow64\Drivers\GMFilter.sys [27648 2009-06-04] (Game) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130716.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130716.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation) S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2011-08-20] () R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130716.017\ENG64.SYS [126040 2013-05-22] (Symantec Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130716.017\ENG64.SYS [126040 2013-05-22] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130716.017\EX64.SYS [2098776 2013-05-22] (Symantec 
Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130716.017\EX64.SYS [2098776 2013-05-22] (Symantec Corporation) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-11] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-03-11] (RapidSolution Software AG) R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-02] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software) R3 cpuz135; \??\C:\Users\CARSTE~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-17 10:06 - 2013-07-17 10:06 - 01778253 _____ (Farbar) C:\Users\Carsten Appel\Desktop\FRST64.exe 2013-07-17 10:03 - 2013-07-17 10:03 - 00000000 ____D C:\Users\Carsten Appel\Documents\My Received Files 2013-07-17 10:03 - 2013-07-17 10:03 - 00000000 ____D C:\Users\Carsten Appel\AppData\Roaming\MusicNet 2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Users\CARSTE~1\AppData\Local\imeshmusicboxtoolbar 2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D 
C:\ProgramData\Wincert 2013-07-17 09:39 - 2013-07-17 10:09 - 00000000 ____D C:\ProgramData\Datamngr 2013-07-17 09:39 - 2013-07-17 09:39 - 00000000 ____D C:\Program Files (x86)\Music Toolbar 2013-07-16 15:29 - 2013-07-16 15:29 - 00000000 ____D C:\FRST 2013-06-19 17:25 - 2013-06-19 17:25 - 00045568 _____ C:\Users\Carsten Appel\Desktop\Vereine Cycling.pub 2013-06-19 16:37 - 2013-06-19 16:37 - 00030208 _____ C:\Users\Carsten Appel\Desktop\Vereine.pub 2013-06-19 13:07 - 2013-06-19 13:07 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-06-19 13:06 - 2013-06-19 13:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-19 13:06 - 2013-06-19 13:06 - 00000000 ____D C:\Program Files\iTunes 2013-06-19 13:06 - 2013-06-19 13:06 - 00000000 ____D C:\Program Files\iPod 2013-06-19 13:06 - 2013-06-19 13:06 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-19 12:47 - 2013-06-19 12:48 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-06-19 12:47 - 2013-06-19 12:47 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk ==================== One Month Modified Files and Folders ======= 2013-07-17 10:09 - 2013-07-17 09:39 - 00000000 ____D C:\ProgramData\Datamngr 2013-07-17 10:06 - 2013-07-17 10:06 - 01778253 _____ (Farbar) C:\Users\Carsten Appel\Desktop\FRST64.exe 2013-07-17 10:04 - 2010-11-25 18:10 - 00654188 _____ C:\Windows\system32\perfh007.dat 2013-07-17 10:04 - 2010-11-25 18:10 - 00130028 _____ C:\Windows\system32\perfc007.dat 2013-07-17 10:04 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI 2013-07-17 10:03 - 2013-07-17 10:03 - 00000000 ____D C:\Users\Carsten Appel\Documents\My Received Files 2013-07-17 10:03 - 2013-07-17 10:03 - 00000000 ____D C:\Users\Carsten Appel\AppData\Roaming\MusicNet 2013-07-17 10:02 - 2011-03-02 00:03 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C36CCD86-CE80-4756-998F-44F4CD6B2052} 2013-07-17 10:02 - 2009-07-14 06:45 - 00013664 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-07-17 10:02 - 2009-07-14 06:45 - 00013664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-07-17 10:01 - 2011-05-29 09:42 - 00108617 _____ C:\Windows\setupact.log 2013-07-17 10:00 - 2010-11-25 09:36 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-07-17 09:58 - 2011-03-01 23:59 - 01554703 _____ C:\Windows\WindowsUpdate.log 2013-07-17 09:56 - 2012-11-14 09:08 - 00118464 _____ C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2013-07-17 09:55 - 2013-06-04 10:34 - 00001920 _____ C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job 2013-07-17 09:55 - 2013-06-04 10:34 - 00001214 _____ C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job 2013-07-17 09:55 - 2013-06-04 10:34 - 00001210 _____ C:\Windows\Tasks\Plus-HD-2.6-updater.job 2013-07-17 09:55 - 2013-06-04 10:34 - 00001114 _____ C:\Windows\Tasks\Plus-HD-2.6-enabler.job 2013-07-17 09:55 - 2011-10-16 10:19 - 00000294 _____ C:\Windows\Tasks\MxTray.job 2013-07-17 09:55 - 2010-11-25 09:36 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-07-17 09:54 - 2011-10-16 10:24 - 00000476 _____ C:\Windows\Tasks\Java(TM) Platform SE Auto Updater 2 0 MAGIX PCCT.job 2013-07-17 09:54 - 2011-05-29 09:41 - 00397866 _____ C:\Windows\PFRO.log 2013-07-17 09:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\Users\CARSTE~1\AppData\Local\imeshmusicboxtoolbar 2013-07-17 09:40 - 2013-07-17 09:40 - 00000000 ____D C:\ProgramData\Wincert 2013-07-17 09:39 - 2013-07-17 09:39 - 00000000 ____D C:\Program Files (x86)\Music Toolbar 2013-07-17 09:22 - 2012-06-08 01:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-07-17 00:22 - 2011-06-03 20:32 - 00000000 ____D C:\Users\CARSTE~1\AppData\Local\CrashDumps 2013-07-17 00:00 - 2011-10-16 10:24 - 00000466 _____ C:\Windows\Tasks\Adobe 
Reader and Acrobat Manager MAGIX PCCT.job 2013-07-16 15:29 - 2013-07-16 15:29 - 00000000 ____D C:\FRST 2013-07-15 23:55 - 2010-11-25 09:36 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-07-15 23:55 - 2010-11-25 09:36 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-07-14 22:05 - 2013-03-17 21:35 - 00000000 ____D C:\Users\Carsten Appel\AppData\Roaming\Spotify 2013-07-13 10:14 - 2013-03-17 21:38 - 00000000 ____D C:\Users\CARSTE~1\AppData\Local\Spotify 2013-07-10 12:23 - 2011-05-29 00:57 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-07-08 11:46 - 2013-04-25 23:18 - 00000000 _____ C:\END 2013-07-03 10:20 - 2011-05-26 17:39 - 00000000 ____D C:\ProgramData\Norton 2013-07-03 10:15 - 2012-03-19 09:07 - 00000000 ____D C:\Users\Public\Downloads\Norton 2013-06-25 13:15 - 2011-03-02 00:08 - 00000000 ___HD C:\Users\CARSTE~1\AppData\Local\Google 2013-06-24 00:33 - 2013-05-21 09:08 - 00256249 _____ C:\test.xml 2013-06-19 17:25 - 2013-06-19 17:25 - 00045568 _____ C:\Users\Carsten Appel\Desktop\Vereine Cycling.pub 2013-06-19 16:37 - 2013-06-19 16:37 - 00030208 _____ C:\Users\Carsten Appel\Desktop\Vereine.pub 2013-06-19 13:07 - 2013-06-19 13:07 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-06-19 13:06 - 2013-06-19 13:06 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-19 13:06 - 2013-06-19 13:06 - 00000000 ____D C:\Program Files\iTunes 2013-06-19 13:06 - 2013-06-19 13:06 - 00000000 ____D C:\Program Files\iPod 2013-06-19 13:06 - 2013-06-19 13:06 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-19 12:48 - 2013-06-19 12:47 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-06-19 12:47 - 2013-06-19 12:47 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => 
MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-14 21:06
==================== End Of Log ============================
[/CODE]
and the second file:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-07-2013 03
Ran by Carsten Appel at 2013-07-17 10:10:57
Running from C:\Users\Carsten Appel\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Adobe AIR (x32 Version: 2.5.1.17730)
Adobe Flash Player 10 Plugin (x32 Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0)
Adobe Premiere Elements 8.0 (x32 Version: 8.0)
Adobe Reader 9.3 - Deutsch (x32 Version: 9.3.0)
Alps Pointing-device for VAIO
ANNO 1404 - Königsedition (x32 Version: 1.02.0000)
ANNO 1503 GOLD (x32 Version: 1.05.00)
ANNO 2070 (x32 Version: 1.0.0.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.115)
ArcSoft TotalMedia Extreme (x32 Version: 1.0.22.2)
ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.368)
ATI Catalyst Install Manager (Version: 3.0.769.0)
Audials (x32 Version: 10.1.12408.800)
bazoo SHIVA BS Gaming Mouse (x32 Version: 1.0.5)
Bonjour (Version: 3.0.0.10)
BPM Counter 1.6.0.0 (x32 Version: 1.6.0.0)
BrowserDefender (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Light (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306)
Catalyst Control Center InstallProxy (x32 Version: 2010.0920.2143.37117)
Catalyst
Control Center Localization All (x32 Version: 2010.0920.2143.37117) CCC Help Chinese Standard (x32 Version: 2010.0920.2142.37117) CCC Help Chinese Traditional (x32 Version: 2010.0920.2142.37117) CCC Help Czech (x32 Version: 2010.0920.2142.37117) CCC Help Danish (x32 Version: 2010.0920.2142.37117) CCC Help Dutch (x32 Version: 2010.0920.2142.37117) CCC Help English (x32 Version: 2010.0920.2142.37117) CCC Help Finnish (x32 Version: 2010.0920.2142.37117) CCC Help French (x32 Version: 2010.0920.2142.37117) CCC Help German (x32 Version: 2010.0920.2142.37117) CCC Help Greek (x32 Version: 2010.0920.2142.37117) CCC Help Hungarian (x32 Version: 2010.0920.2142.37117) CCC Help Italian (x32 Version: 2010.0920.2142.37117) CCC Help Japanese (x32 Version: 2010.0920.2142.37117) CCC Help Korean (x32 Version: 2010.0920.2142.37117) CCC Help Norwegian (x32 Version: 2010.0920.2142.37117) CCC Help Polish (x32 Version: 2010.0920.2142.37117) CCC Help Portuguese (x32 Version: 2010.0920.2142.37117) CCC Help Russian (x32 Version: 2010.0920.2142.37117) CCC Help Spanish (x32 Version: 2010.0920.2142.37117) CCC Help Swedish (x32 Version: 2010.0920.2142.37117) CCC Help Thai (x32 Version: 2010.0920.2142.37117) CCC Help Turkish (x32 Version: 2010.0920.2142.37117) ccc-core-static (x32 Version: 2010.0920.2143.37117) ccc-utility64 (Version: 2010.0920.2143.37117) Cities XL 2012 (x32 Version: 1.0.0) DIE SIEDLER - Das Erbe der Könige - Gold Edition (x32 Version: 1.00.0000) DivX-Setup (x32 Version: 2.1.2.2) Evernote (x32 Version: 3.5.4.2224) FUSSBALL MANAGER 10 (x32) FUSSBALL MANAGER 11 (x32 Version: 1.0.0.2) FUSSBALL MANAGER 12 (x32 Version: 1.0.0.0) Google Chrome (x32 Version: 28.0.1500.72) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358) Google Update Helper (x32 Version: 1.3.21.153) Handball Action (x32) Intel(R) Control Center (x32 Version: 1.2.1.1007) Intel(R) Management Engine Components (x32 Version: 6.0.0.1179) Intel(R) 
Rapid Storage Technology (x32 Version: 9.6.0.1014) Intel(R) Turbo Boost Technology Driver (x32 Version: 01.02.00.1002) iTunes (Version: 11.0.4.4) Java Auto Updater (x32 Version: 2.0.2.1) Java(TM) 6 Update 20 (64-bit) (Version: 6.0.200) Java(TM) 6 Update 20 (x32 Version: 6.0.200) Junk Mail filter update (x32 Version: 14.0.8117.416) MAGIX PC Check & Tuning 2012 (x32 Version: 7.0.401.2) MAGIX PC Live (x32 Version: 1.0.4.6) MAGIX Screenshare (x32 Version: 4.3.6.1987) Media Gallery (Version: 1.3.0) Media Gallery (x32 Version: 1.3.0.06230) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Small Business Edition 2003 (x32 Version: 11.0.5614.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) Music Box Toolbar for Chrome (Dist. by iMesh, Inc.) (x32 Version: 1.5.0.0) Music Box Toolbar for Internet Explorer (Dist. by iMesh, Inc.) 
(x32 Version: 1.5.0.0) Nikon File Uploader 2 (x32 Version: 2.00.0001) Norton Internet Security (x32 Version: 19.9.1.14) Norton Online Backup (x32 Version: 2.1.17869) Origin (x32 Version: 9.1.13.85) Picture Control Utility (x32 Version: 1.2.0) Plus-HD-2.6 (x32 Version: 1.27.153.5) PMB (x32 Version: 5.3.00.06040) PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00) PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00) PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00) PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00) ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14) QuickTime (x32 Version: 7.74.80.86) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6098) Remote Play mit PlayStation®3 (x32 Version: 1.0.2.06210) Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210) Remote-Tastatur mit PlayStation 3 (x32 Version: 1.0.2.06170) rosoft .NET Framework 4 Client Profile (Version: 4.0.30319) SimCity™ (x32 Version: 1.0.0.0) SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090) Spotify (HKCU Version: 0.9.1.57.ge7405149) TuneUp Utilities 2013 (x32 Version: 13.0.3000.133) TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.133) Ubisoft Game Launcher (x32 Version: 1.0.0.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) VAIO - Media Gallery (x32 Version: 1.3.0.06230) VAIO - PMB VAIO Edition Guide (x32 Version: 1.4.00.09200) VAIO - PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180) VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.4.00.12020) VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180) 
VAIO Care (x32 Version: 6.4.2.11150) VAIO Control Center (x32 Version: 4.3.0.05310) VAIO Data Restore Tool (x32 Version: 1.4.0.05240) VAIO DVD Menu Data (x32 Version: 2.2.00.05120) VAIO Gate (x32 Version: 2.2.0.06080) VAIO Gate Default (x32 Version: 2.2.0.07020) VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230) VAIO Media plus (Version: 2.1.0) VAIO Media plus (x32 Version: 2.1.0.18210) VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220) VAIO Movie Story Template Data (x32 Version: 2.3.00.06040) VAIO Quick Web Access (x32 Version: 1.3.4.2) VAIO Sample Contents (x32 Version: 1.3.0.06041) VAIO screensaver (x32 Version: 1.0.0.0) VAIO Smart Network (x32 Version: 3.3.0.06080) VAIO Update (x32 Version: 6.1.1.10250) VAIO-Handbuch (x32 Version: 1.1.0.05280) VAIO-Support für Übertragungen (x32 Version: 1.2.0.06230) VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0) ViewNX 2 (x32 Version: 2.0.1) VLC media player 1.1.9 (x32 Version: 1.1.9) VU5x64 (Version: 1.1.0) VU5x86 (x32 Version: 1.0.0) VU5x86 (x32 Version: 1.1.0) Wajam (x32 Version: 1.72) WIDCOMM Bluetooth Software (Version: 6.3.0.5600) Wieso? Weshalb? Warum? 
- Unser Körper (x32 Version: 1.0.0) Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5) Windows Live Call (x32 Version: 14.0.8117.0416) Windows Live Communications Platform (x32 Version: 14.0.8117.416) Windows Live Essentials (x32 Version: 14.0.8117.0416) Windows Live Essentials (x32 Version: 14.0.8117.416) Windows Live Fotogalerie (x32 Version: 14.0.8117.416) Windows Live Mail (x32 Version: 14.0.8117.0416) Windows Live Sync (x32 Version: 14.0.8117.416) Windows Live Writer (x32 Version: 14.0.8117.0416) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) ==================== Restore Points ========================= 30-06-2013 17:00:31 Windows-Sicherung 07-07-2013 21:45:59 Windows-Sicherung 10-07-2013 10:23:16 Windows Update 14-07-2013 17:00:30 Windows-Sicherung ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {07D59A1D-3E1A-4E53-BC69-0FE4DC14B189} - System32\Tasks\MxTray => C:\Program Files (x86)\MAGIX\PC_Live\MxTray.exe [2011-09-09] (MAGIX AG) Task: {12176707-3974-4C87-A7A6-4CC2F56FA2C4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-08-04] (Microsoft Corporation) Task: {2B3AFB67-D47B-49E9-B198-097FD902609C} - System32\Tasks\Plus-HD-2.6-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-chromeinstaller.exe [2013-06-04] (Plus HD) Task: {2E0E82AE-3A92-4D84-8EC9-AE24AE27E69A} - System32\Tasks\Plus-HD-2.6-updater => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-updater.exe [2013-06-04] (Plus HD) Task: {365B0EED-20D3-4F13-B5AA-2570D481B30E} - System32\Tasks\Plus-HD-2.6-codedownloader => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe [2013-06-04] (Plus HD) Task: {401963E8-851B-42D2-AC9F-97353FFA1968} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software 
Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {4B2B7295-C3A8-4CE4-ABB7-67FF0F535C5A} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation) Task: {4C621BC0-2A13-4328-91C8-33A1653D2057} - System32\Tasks\User_Feed_Synchronization-{C36CCD86-CE80-4756-998F-44F4CD6B2052} => C:\Windows\system32\msfeedssync.exe [2013-03-02] (Microsoft Corporation) Task: {53E08184-1725-4BEA-99F6-ADFE6B0E5120} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {5459D5DE-FBD7-4A24-9164-34194AE0A720} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation) Task: {5E5B58A7-67B7-47C7-8DB0-2F582E56CD16} - System32\Tasks\Java(TM) Platform SE Auto Updater 2 0 MAGIX PCCT => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18] (Sun Microsystems, Inc.) 
Task: {5E646215-2773-42DC-9FF5-9F191B0EFF28} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {695124A6-8104-43EA-A445-D6B5F0B106C0} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {6952FAC2-C502-4E95-A4CE-EF186090A176} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation) Task: {69E2B96B-158B-4E99-B350-0F62C99E7191} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-06-08] (Sony Corporation) Task: {74392A80-FF59-4660-A6C2-70572B0A1596} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-13] (Adobe Systems Incorporated) Task: {764498E9-641E-414B-ADC7-805F9CD44D96} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation) Task: {91F4F65C-36BC-4D19-9792-8B55423397D0} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {98FA5E4E-E835-432E-BAD4-B875D0E7CF52} - System32\Tasks\Plus-HD-2.6-enabler => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe [2013-06-04] (Plus HD) Task: {A13C612C-37C1-4C18-B2EF-13A8570841AA} - System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244} => C:\Windows\system32\msfeedssync.exe [2013-03-02] (Microsoft Corporation) Task: {A2DB0D8B-9894-43D6-912E-9393985F1064} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation) Task: {A7251422-FA53-45F8-B91E-52D9280470F9} - System32\Tasks\SONY\VAIO 
Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-06-08] (Sony Corporation) Task: {A8B63A9C-A773-46BD-9A98-EDAF2803D71B} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation) Task: {B579CC62-CD44-428B-AE05-8608A56A1B76} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation) Task: {BE98FDD3-9CE7-4231-909D-BCDFA9E2E5C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-25] (Google Inc.) Task: {CD541992-88B6-4F10-BF02-3C2E58F8AFC9} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation) Task: {DA2C889E-17C6-4901-BDC2-E1B556090265} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation) Task: {DBEB58A7-4106-4303-B4C3-94872942C3E0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation) Task: {DFF0CA0B-BFE7-43AE-B759-3ECEBA4BDDEE} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.) Task: {E4A08565-95A4-4A02-AD9E-FCC4CAE4E116} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-25] (Google Inc.) 
Task: {F6635550-6DC7-419C-906E-5D1CBD51AF1E} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2009-07-14] (Microsoft Corporation) Task: {F964D210-7F91-4E69-B7F9-2EDE4D081079} - System32\Tasks\Adobe Reader and Acrobat Manager MAGIX PCCT => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11] (Adobe Systems Incorporated) Task: {FA31150C-6927-47D6-B31C-FF0B69A82FD5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-11-29] (TuneUp Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Adobe Reader and Acrobat Manager MAGIX PCCT.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Java(TM) Platform SE Auto Updater 2 0 MAGIX PCCT.job => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: C:\Windows\Tasks\MxTray.job => C:\Program Files (x86)\MAGIX\PC_Live\MxTray.exe Task: C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-chromeinstaller.exe Task: C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe Task: C:\Windows\Tasks\Plus-HD-2.6-enabler.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe Task: C:\Windows\Tasks\Plus-HD-2.6-updater.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-updater.exe ==================== Faulty Device Manager Devices ============= Name: USB-Massenspeichergerät Description: USB-Massenspeichergerät Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Kompatibles USB-Speichergerät 
Service: USBSTOR
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2013 00:21:55 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Manager11.exe, Version: 1.0.0.2, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: Manager11.exe, Version: 1.0.0.2, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0072bf72
ID des fehlerhaften Prozesses: 0xc64
Startzeit der fehlerhaften Anwendung: 0xManager11.exe0
Pfad der fehlerhaften Anwendung: Manager11.exe1
Pfad des fehlerhaften Moduls: Manager11.exe2
Berichtskennung: Manager11.exe3

Error: (07/16/2013 10:53:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8514815

Error: (07/16/2013 10:53:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8514815

Error: (07/16/2013 10:53:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2013 09:31:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3614886

Error: (07/16/2013 09:31:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3614886

Error: (07/16/2013 09:31:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2013 05:27:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2342745

Error: (07/16/2013 05:27:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2342745

Error: (07/16/2013 05:27:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (07/17/2013 09:54:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (07/17/2013 09:54:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (07/17/2013 09:54:44 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 17.07.2013 um 09:52:11 unerwartet heruntergefahren.

Error: (07/17/2013 09:40:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Datamngr Coordinator" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/16/2013 04:16:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (07/16/2013 04:16:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (07/16/2013 02:16:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (07/16/2013 02:16:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%577

Error: (07/16/2013 02:13:03 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: AFD BHDrvx64 ccSet_NIS DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSP SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf

Error: (07/16/2013 02:13:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Microsoft Office Sessions:
=========================
Error: (07/17/2013 00:21:55 AM) (Source: Application Error)(User: )
Description: Manager11.exe1.0.0.200000000Manager11.exe1.0.0.200000000c00000050072bf72c6401ce8266b4d50895C:\Program Files (x86)\EA SPORTS\FUSSBALL MANAGER 11\Manager11.exeC:\Program Files (x86)\EA SPORTS\FUSSBALL MANAGER 11\Manager11.exe1eb47031-ee66-11e2-a698-544249fb18ea

Error: (07/16/2013 10:53:06 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8514815

Error: (07/16/2013 10:53:06 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8514815

Error: (07/16/2013 10:53:06 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2013 09:31:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3614886

Error: (07/16/2013 09:31:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3614886

Error: (07/16/2013 09:31:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2013 05:27:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2342745

Error: (07/16/2013 05:27:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2342745

Error: (07/16/2013 05:27:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

CodeIntegrity Errors:
===================================
Date: 2013-07-17 09:54:51.509
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-07-17 09:54:51.431
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-07-17 09:54:50.180
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-07-17 09:54:50.110
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-07-16 16:16:52.396
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-07-16 16:16:52.318
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-07-16 16:16:50.197
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-07-16 16:16:50.119
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-07-16 14:16:13.045
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-07-16 14:16:12.967
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================
Percentage of memory in use: 49%
Total physical RAM: 3950.1 MB
Available physical RAM: 1998.93 MB
Total Pagefile: 7898.33 MB
Available Pagefile: 5634 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:452.29 GB) (Free:307.32 GB) NTFS (Disk=0 Partition=3)
Drive d: () (Fixed) (Total:465.76 GB) (Free:148.02 GB) NTFS (Disk=1 Partition=1)
Drive e: (20110310_113231) (CDROM) (Total:7.24 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6DFD231A)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7340D1FD)
Partition 1: (Not Active) - (Size=466 GB) - (Type=OF Extended)

==================== End Of Log ============================ |
17.07.2013, 19:16 | #7 |
/// TB-Ausbilder | Suddenly only a white screen on laptop - Frst.text created
Hi, can you please tell me what you did on your computer today at around 09:40? You installed a whole lot of unwanted software and adware... Why are you making the cleanup harder for me? Here is how we continue: please run AdwCleaner twice in direct succession, exactly as described, and post both log files from it!
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please close your security software to avoid possible conflicts.
With your next reply, please post
|
20.07.2013, 10:33 | #8 |
/// TB-Ausbilder | Suddenly only a white screen on laptop - Frst.text created
No response
This topic has been removed from my subscriptions, so I will not be notified of new replies. Send me a PM if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is clean yet. Everyone else, please click here and create your own thread! |