Hallo,

ich habe nach Aviras Meinung ein Virus, bzw. Trojaner (oder was es auch immer ist) auf meinem PC! Die Datei wurde in die Quarantäne verschoben, wurde aber schon am 29.6.14 entdeckt, ich hatte bis jetzt nur keine Zeit mich drum zu kümmern!

Es bestehen auch Probleme! Nämlich, wenn ich den PC hochfahre, spricht das BIOS die Tastatur normal an (ich komme auch mit F2 ins BIOS), aber wenn ich dann z.B. "Windows normal starten" mit der Tastatur auswählen will, dann reagiert sie nicht!

Ein anderes Problem, evtl. auch ein anderes Virus ist, dass eine system.exe im Taskmanager aufgeführt wird!
PID 4 und den Port 80 benutzt, weswegen ich auch drauf aufmerksam geworden bin, denn XAMP (PHP, MySQL... Programm, also ein "virtueller Server") braucht auch den Port 80 und meckert deswegen immer!

Sonst gibt es aber keine Probleme die mir aufgefallen sind!


Ich habe auch schoneinmal mit "Farbar Recovery Scan Tool" ein Durchlauf gemacht:

Ich hoffe, dass nun dieser spoiler funktioniert


FRST Additions Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-07-2014
Ran by Jona at 2014-07-03 17:02:56
Running from I:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe After Effects CS4 (HKLM\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (HKLM\...\Adobe_5aab5a491a3a52ae624fd639f6aaa95) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 Third Party Content (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Fonts All (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (Version: 2.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Aptana Studio 3 (HKLM\...\Aptana Studio 3) (Version: 3.4.2 - Appcelerator, Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version:  - Relic Entertainment)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
DeshakerIF 2.01 (HKLM\...\{C39CDB78-924E-4DEE-94E8-97B77F1A6080}_is1) (Version:  - )
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
ffdshow v1.3.4530 [2014-02-09] (HKLM\...\ffdshow_is1) (Version: 1.3.4530.0 - )
FileZilla Client 3.8.1 (HKLM\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Free YouTube Download version 3.2.33.424 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.33.424 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
IIS 8.0 Express (HKLM\...\{B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lexmark 640 Series (HKLM\...\Lexmark 640 Series) (Version:  - Lexmark International, Inc.)
LibreOffice 4.2.2.1 (HKLM\...\{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}) (Version: 4.2.2.1 - The Document Foundation)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
MAGIX Content und Soundpools (HKLM\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM\...\MAGIX_{B03055E4-8381-4834-8CD6-602141C8D702}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 (HKLM\...\MX.{CC87429C-BC87-4D90-9D5F-C6D9721A6663}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM\...\MAGIX_{BA816CCA-0FEA-4A68-9AD0-4CF3D2DF40CC}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\MAGIX_{36F289DE-F9E6-4AD3-AD37-90CCB61F1638}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (HKLM\...\MAGIX_{9ADAE3A4-87DD-4091-B5E0-24F4B6F08F3A}) (Version: 11.0.5.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Version: 11.0.5.0 - MAGIX AG) Hidden
MediaFire Desktop (HKLM\...\MediaFire Desktop 0.10.36.9353) (Version: 0.10.52.9493 - MediaFire)
MediaInfo 0.7.69 (HKLM\...\MediaInfo) (Version: 0.7.69 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Expression Web 4 (HKLM\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Expression Web 4 (Version: 4.0.1460.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{30640168-E261-4261-B8FF-7FA5E0F6A2F1}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{E43AC95E-66B0-4CEC-AADD-C9BFEF5A4C0A}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{1D39E015-C3D2-45DE-B070-A69C5F2FB309}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft WebMatrix 3 (HKLM\...\{F3A4C164-245F-4548-AE80-BB766E16B637}) (Version: 2.0.1932 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nmap 6.46 (HKLM\...\Nmap) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shark007 Standard Codecs (HKLM\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 2.0.1 - Shark007)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SRWare Iron Version SRWare Iron 34.0.1850.0 (HKLM\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 34.0.1850.0 - SRWare)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 9.0 (HKLM\...\{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}) (Version: 9.0.1147 - Sony)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WampServer 2.5 (HKLM\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
Wisdom-soft AutoScreenRecorder 3.1 Free (HKLM\...\Wisdom-soft AutoScreenRecorder 3.1 Free) (Version:  - Wisdom Software Inc.)
XMedia Recode Version 3.1.8.6 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.6 - XMedia Recode)

==================== Restore Points  =========================

30-06-2014 13:09:32 Removed Windows Phone Emulator - ENU
30-06-2014 13:10:04 Removed Skype™ 6.16
30-06-2014 13:10:41 Removed Adobe Media Player
30-06-2014 13:14:04 Removed LibreOffice 4.2.2.1
30-06-2014 13:15:42 Microsoft PowerPoint Viewer wird entfernt
30-06-2014 13:16:46 Removed Windows Phone SDK 7.1 Assemblies
01-07-2014 14:31:08 Windows Update
01-07-2014 16:00:22 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0E257772-C26E-4575-9FF7-C7FAA8FA7788} - System32\Tasks\{E9CEFB17-FAE6-4E28-962B-25A6D267E625} => C:\Users\Jona\Downloads\x264_r2431\x264-10b-r2431-ac76440.exe
Task: {333504A7-07DA-492D-817D-31BFD0C0CA4D} - System32\Tasks\FF Watcher {F3F1A344-69ED-4689-8031-D686065E4419} => C:\Program Files\V-bates\PrefHelper.exe
Task: {4E95A93D-867E-4687-8A52-47FE0FBC77B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)
Task: {6D852DBB-4C08-408B-9B40-A9B8B3AE73CB} - System32\Tasks\FF Watcher {C06124DF-5D94-4C79-93A7-767545A5F03F} => C:\Program Files\V-bates\PrefHelper.exe
Task: {7E8E187B-0253-4266-826D-7E1324726C68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)
Task: {8A5D1D9B-4996-4172-ADCF-FD0D4867516A} - System32\Tasks\FF Watcher {6BC52A8A-733A-4149-9DB0-F70E345BFB75} => C:\Program Files\V-bates\PrefHelper.exe
Task: {E3792A5C-EDB0-4BB6-8DFA-EDF4EE997FC3} - System32\Tasks\FF Watcher {591BDE40-27C6-4EF4-8260-58470B08B36A} => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FF Watcher {591BDE40-27C6-4EF4-8260-58470B08B36A}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FF Watcher {6BC52A8A-733A-4149-9DB0-F70E345BFB75}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FF Watcher {C06124DF-5D94-4C79-93A7-767545A5F03F}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FF Watcher {F3F1A344-69ED-4689-8031-D686065E4419}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-14 19:38 - 2014-03-04 14:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-01 11:08 - 2014-06-01 11:08 - 00035328 _____ () F:\Programme\filezilla\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () F:\Programme\filezilla\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () F:\Programme\filezilla\FileZilla FTP Client\libstdc++-6.dll
2014-05-06 16:57 - 2014-05-30 01:04 - 00457736 _____ () C:\Users\Jona\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
2014-06-02 20:34 - 2014-06-30 20:10 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-06-12 20:57 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 20:57 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 20:57 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 20:58 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 20:57 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MediaFire Tray => C:\Users\Jona\AppData\Local\MediaFire Desktop\mf_watch.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Registry Helper => "C:\Program Files\Registry Helper\RegistryHelper.Exe" /boot
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: TrayServer => F:\Programme\Magix\Videodeluxe\Programm\TrayServer_de.exe
MSCONFIG\startupreg: V-bates => C:\Program Files\V-bates\notifier.exe

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Virtual Machine Monitor
Description: Virtual Machine Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: vmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2014 04:45:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 04:43:58 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (07/02/2014 10:30:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2014 06:22:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 06:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 05:02:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 04:45:01 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting


For more information, see Help and Support Center at hxxp://www.mysql.com.

Error: (07/01/2014 04:45:01 PM) (Source: MySQL) (EventID: 100) (User: )
Description: wampmysqld: unknown option '--skip-locking'

For more information, see Help and Support Center at hxxp://www.mysql.com.

Error: (07/01/2014 04:26:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2014 09:55:18 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting


For more information, see Help and Support Center at hxxp://www.mysql.com.


System errors:
=============
Error: (07/03/2014 04:44:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/03/2014 04:43:34 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (07/02/2014 10:29:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/02/2014 10:28:17 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (07/02/2014 06:21:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/02/2014 06:20:46 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (07/01/2014 06:03:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/01/2014 06:02:09 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (07/01/2014 05:01:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/01/2014 05:00:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.


Microsoft Office Sessions:
=========================
Error: (07/03/2014 04:45:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 04:43:58 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (07/02/2014 10:30:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2014 06:22:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 06:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 05:02:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 04:45:01 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting

Error: (07/01/2014 04:45:01 PM) (Source: MySQL) (EventID: 100) (User: )
Description: wampmysqld: unknown option '--skip-locking'

Error: (07/01/2014 04:26:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2014 09:55:18 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting


==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 3327.3 MB
Available physical RAM: 2085.4 MB
Total Pagefile: 5372.59 MB
Available Pagefile: 3727.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:76.63 GB) (Free:2.14 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (DatenGrab) (Fixed) (Total:117.24 GB) (Free:103.88 GB) NTFS
Drive f: (Lokaler Datenträger) (Fixed) (Total:92.88 GB) (Free:63.41 GB) NTFS
Drive i: (Downloads) (Fixed) (Total:9.76 GB) (Free:6.63 GB) NTFS
Drive u: (PHP) (Fixed) (Total:13 GB) (Free:12.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 77 GB) (Disk ID: 2E2E2E2E)
Partition 1: (Active) - (Size=77 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: F9335D9E)
Partition 1: (Active) - (Size=117 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=93 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=13 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-07-2014
Ran by Jona (administrator) on JONAPC on 03-07-2014 17:22:41
Running from I:\
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
( ) C:\Windows\System32\lxdacoms.exe
() C:\Users\Jona\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [BCSSync] => F:\Programme\Microsoft Office Pack\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-17610030-839998563-2177145587-1000\...\Run: [MediaFire Tray] => [X]
ShellIconOverlayIdentifiers: 1MediaFireIconError -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files\MediaFire Desktop\MediaFireIcon3_edc86.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 1MediaFireIconSynched -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files\MediaFire Desktop\MediaFireIcon_edc86.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 1MediaFireIconSyncing -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files\MediaFire Desktop\MediaFireIcon2_edc86.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: MediaFireIconLock -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files\MediaFire Desktop\MediaFireIcon4_edc86.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: MediaFireIconReadOnly -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files\MediaFire Desktop\MediaFireIcon5_edc86.dll (TODO: <Company name>)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=MF544B194-ECFB-4DFD-A2B0-5AE82508B40F&SearchSource=55&CUI=&UM=5&UP=SPDEAE4214-E735-455A-9CAF-73CA57767414&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE5154D72AA3FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\Programme\Microsoft Office Pack\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Jona\AppData\Roaming\Mozilla\Firefox\Profiles\ut86ydbj.default
FF Homepage: hxxp://search.conduit.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=MF544B194-ECFB-4DFD-A2B0-5AE82508B40F&SearchSource=55&CUI=&UM=5&UP=SPDEAE4214-E735-455A-9CAF-73CA57767414&SSPV=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.4.0 - C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Jona\AppData\Roaming\Mozilla\Firefox\Profiles\ut86ydbj.default\user.js
FF SearchPlugin: C:\Users\Jona\AppData\Roaming\Mozilla\Firefox\Profiles\ut86ydbj.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=MF544B194-ECFB-4DFD-A2B0-5AE82508B40F&SearchSource=55&CUI=&UM=5&UP=SPDEAE4214-E735-455A-9CAF-73CA57767414&SSPV=
CHR StartupUrls: "hxxp://multicultipage.bplaced.net/"
CHR Extension: (Google Translate) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-05-27]
CHR Extension: (Google Docs) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-20]
CHR Extension: (Google Drive) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-20]
CHR Extension: (Web Developer) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-05-16]
CHR Extension: (YouTube) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-20]
CHR Extension: (Telegram UNOFFICIAL) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeibfljjno [2014-03-20]
CHR Extension: (Google-Suche) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-20]
CHR Extension: (Button Generator) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\njphjoojdldjpogfhbncccnkldebgbnd [2014-05-15]
CHR Extension: (Google Wallet) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-20]
CHR Extension: (Google Mail) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-20]
         

Wenn ihr noch irgendwelche Infos braucht meldet euch!



Vielen Dank für eure tolle Hilfe!!!!!

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

• Bitte arbeite alle Schritte der Reihe nach ab.
• Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
• Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
• Bitte kein Crossposting (posten in mehreren Foren).
• Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
• Speichere alle unsere Tools auf dem Desktop ab.
• Poste die Logfiles direkt in Deinen Thread in Code-Tags.
• Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Bitte FRST-Log vollständig posten!

Zitat:

Zitat von deeprybka

Bitte FRST-Log vollständig posten!

Danke für deine Hilfe!

Aber was fehlt denn da? Beide Dateien sind das, mehr hat er nicht ausgespuckt!

Naja, es wäre in der Tat seltsam wenn beim Chrome im Log schon Ende wäre...

Dienste, Treiber, modifizierte und erstellte Dateien sind auch wichtig...

Zitat:

Zitat von deeprybka

Naja, es wäre in der Tat seltsam wenn beim Chrome im Log schon Ende wäre...

Dienste, Treiber, modifizierte und erstellte Dateien sind auch wichtig...

Nochmal, das ist alles!


FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-07-2014
Ran by Jona (administrator) on JONAPC on 03-07-2014 17:22:41
Running from I:\
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
( ) C:\Windows\System32\lxdacoms.exe
() C:\Users\Jona\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [BCSSync] => F:\Programme\Microsoft Office Pack\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-17610030-839998563-2177145587-1000\...\Run: [MediaFire Tray] => [X]
ShellIconOverlayIdentifiers: 1MediaFireIconError -> {5EE8C634-CDC0-453D-9731-DF0B19F4E807} => C:\Program Files\MediaFire Desktop\MediaFireIcon3_edc86.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 1MediaFireIconSynched -> {9A3B79CB-D899-40B5-8DBC-20447F1ADC8F} => C:\Program Files\MediaFire Desktop\MediaFireIcon_edc86.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 1MediaFireIconSyncing -> {C4D81971-6B13-4173-AB21-F83AD20CCC04} => C:\Program Files\MediaFire Desktop\MediaFireIcon2_edc86.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: MediaFireIconLock -> {759F3E92-F4E8-4953-8315-238B8B17E0F3} => C:\Program Files\MediaFire Desktop\MediaFireIcon4_edc86.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: MediaFireIconReadOnly -> {7995D0FC-769B-4197-AEC0-991921CB99E1} => C:\Program Files\MediaFire Desktop\MediaFireIcon5_edc86.dll (TODO: <Company name>)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=MF544B194-ECFB-4DFD-A2B0-5AE82508B40F&SearchSource=55&CUI=&UM=5&UP=SPDEAE4214-E735-455A-9CAF-73CA57767414&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE5154D72AA3FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Programme\Microsoft Office Pack\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - F:\Programme\Microsoft Office Pack\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Jona\AppData\Roaming\Mozilla\Firefox\Profiles\ut86ydbj.default
FF Homepage: hxxp://search.conduit.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=MF544B194-ECFB-4DFD-A2B0-5AE82508B40F&SearchSource=55&CUI=&UM=5&UP=SPDEAE4214-E735-455A-9CAF-73CA57767414&SSPV=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.4.0 - C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - F:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Jona\AppData\Roaming\Mozilla\Firefox\Profiles\ut86ydbj.default\user.js
FF SearchPlugin: C:\Users\Jona\AppData\Roaming\Mozilla\Firefox\Profiles\ut86ydbj.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=MF544B194-ECFB-4DFD-A2B0-5AE82508B40F&SearchSource=55&CUI=&UM=5&UP=SPDEAE4214-E735-455A-9CAF-73CA57767414&SSPV=
CHR StartupUrls: "hxxp://multicultipage.bplaced.net/"
CHR Extension: (Google Translate) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-05-27]
CHR Extension: (Google Docs) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-20]
CHR Extension: (Google Drive) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-20]
CHR Extension: (Web Developer) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-05-16]
CHR Extension: (YouTube) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-20]
CHR Extension: (Telegram UNOFFICIAL) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeibfljjno [2014-03-20]
CHR Extension: (Google-Suche) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-20]
CHR Extension: (Button Generator) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\njphjoojdldjpogfhbncccnkldebgbnd [2014-05-15]
CHR Extension: (Google Wallet) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-20]
CHR Extension: (Google Mail) - C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-20]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S4 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1889616 2014-06-23] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-04-15] (LogMeIn, Inc.)
R2 lxda_device; C:\Windows\system32\lxdacoms.exe [537520 2007-04-26] ( )
R2 MF NTFS Monitor; C:\Users\Jona\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe [457736 2014-05-30] ()
S3 Microsoft SharePoint Workspace Audit Service; F:\Programme\Microsoft Office Pack\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80472 2012-09-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19701080 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-06-30] ()
S3 wampmysqld; U:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [10959360 2014-05-01] () [File not signed]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 mfmonitor; C:\Windows\System32\DRIVERS\mfmonitor_x86.sys [19160 2013-12-06] (Windows (R) Win 7 DDK provider)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19400 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-25] (Avira GmbH)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
S1 vmm; \??\C:\Windows\system32\Drivers\vmm.sys [X]
U3 wampapache; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-03 17:13 - 2014-07-03 17:16 - 00036818 _____ () C:\Users\Jona\Desktop\FRST.txt
2014-07-03 17:12 - 2014-07-03 16:52 - 01073664 _____ (Farbar) C:\Users\Jona\Desktop\FRST.exe
2014-07-03 17:00 - 2014-07-03 17:22 - 00000000 ___DC () C:\FRST
2014-07-02 22:33 - 2014-07-02 22:33 - 00000000 ____D () C:\Users\Jona\AppData\Local\Macromedia
2014-07-02 22:25 - 2014-07-02 22:25 - 00045366 _____ () C:\Users\Jona\AppData\Local\recently-used.xbel
2014-06-30 21:51 - 2014-06-30 21:51 - 00000532 _____ () C:\Users\Jona\Desktop\WampServer.lnk
2014-06-30 21:51 - 2014-06-30 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2014-06-30 21:32 - 2014-06-30 21:32 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-30 21:32 - 2014-06-30 21:32 - 00000000 ___RD () C:\Program Files\Skype
2014-06-30 21:32 - 2014-06-30 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-30 21:32 - 2014-06-30 21:32 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-06-30 20:04 - 2014-06-30 20:04 - 00000000 ____D () C:\Program Files\Battlelog Web Plugins
2014-06-30 19:29 - 2014-06-30 19:30 - 00000000 ____D () C:\Users\Jona\.zenmap
2014-06-30 19:28 - 2014-06-30 19:28 - 00000649 _____ () C:\Users\Jona\Desktop\Nmap - Zenmap GUI.lnk
2014-06-30 19:28 - 2014-06-30 19:28 - 00000000 ____D () C:\Users\Jona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2014-06-30 19:28 - 2014-06-30 19:28 - 00000000 ____D () C:\Program Files\WinPcap
2014-06-30 18:49 - 2014-06-30 18:51 - 00000000 ____D () C:\Users\Jona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PHPTriad
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 ___DC () C:\winnt
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 ___DC () C:\phptriad
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 ___DC () C:\apache
2014-06-30 18:20 - 2014-06-30 18:20 - 00000834 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-06-30 18:20 - 2014-06-30 18:20 - 00000834 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-06-28 20:32 - 2014-06-28 20:32 - 00000684 _____ () C:\Users\Administrator.JONAPC\Desktop\Aptana Studio 3.lnk
2014-06-28 19:32 - 2014-06-28 19:32 - 00000824 _____ () C:\Users\Jona\Desktop\Microsoft Expression Web 4.lnk
2014-06-28 19:15 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-06-28 19:14 - 2014-06-28 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-06-28 19:14 - 2014-06-28 19:14 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-06-27 20:26 - 2014-06-27 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-27 20:26 - 2009-03-18 18:35 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-06-27 20:25 - 2014-06-27 20:26 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-06-17 15:35 - 2014-06-17 15:35 - 00000104 _____ () C:\Users\Jona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Standardprogramme - Verknüpfung.lnk
2014-06-17 15:35 - 2014-06-17 15:35 - 00000000 ___RD () C:\Users\Jona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Geräte und Drucker - Verknüpfung
2014-06-17 15:33 - 2006-05-11 06:14 - 00073728 _____ (Lexmark International, Inc.) C:\Windows\system32\lxdapwr.dll
2014-06-17 15:33 - 2006-04-17 19:48 - 00200704 _____ (Lexmark International, Inc.) C:\Windows\system32\lexlmpm.dll
2014-06-17 15:33 - 2006-04-17 19:42 - 00311296 _____ (Lexmark International, Inc.) C:\Windows\system32\LEXBCES.EXE
2014-06-17 15:33 - 2006-04-17 19:42 - 00198144 _____ (Lexmark International, Inc.) C:\Windows\system32\LEX2KUSB.DLL
2014-06-17 15:33 - 2006-04-17 19:41 - 00201216 _____ (Lexmark International, Inc.) C:\Windows\system32\LEXP2P32.DLL
2014-06-17 15:33 - 2006-04-17 19:41 - 00174592 _____ (Lexmark International, Inc.) C:\Windows\system32\LEXPPS.EXE
2014-06-17 15:33 - 2006-04-17 19:41 - 00147456 _____ (Lexmark International, Inc.) C:\Windows\system32\LEXBCE.DLL
2014-06-14 20:40 - 2014-06-14 20:40 - 00003584 _____ () C:\Users\Jona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-14 16:24 - 2014-06-14 16:25 - 00000000 ____D () C:\Users\Jona\AppData\Local\Adobe
2014-06-12 16:27 - 2014-06-15 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-06-12 16:27 - 2014-06-12 16:27 - 00000927 _____ () C:\Users\Jona\Desktop\FileZilla.lnk
2014-06-12 08:45 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 08:45 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 08:45 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 08:45 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 08:44 - 2014-05-24 03:27 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 08:44 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 08:44 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 08:44 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 08:44 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 08:44 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 08:44 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 08:44 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 08:44 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 08:44 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 08:44 - 2014-05-24 02:06 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-12 08:40 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 08:40 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 08:40 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 08:40 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 08:40 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-10 21:22 - 2014-06-10 21:22 - 00000000 ____D () C:\Program Files\MSECache
2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 _____ () C:\Users\Jona\AppData\Local\{6FAECDCC-2329-4941-BF48-2AE68C725B08}
2014-06-06 21:53 - 2014-06-06 21:53 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-06 20:42 - 2014-06-06 21:25 - 00000000 ____D () C:\Users\Jona\AppData\Roaming\tor
2014-06-06 15:02 - 2014-06-06 15:25 - 00000000 ____D () C:\Users\Jona\Documents\FIFA World
2014-06-05 22:29 - 2014-06-05 22:29 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-05 22:29 - 2014-06-05 22:29 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-05 21:23 - 2014-06-05 21:23 - 00000000 ____D () C:\Users\Jona\Documents\Fächer Sicherheitskopie
2014-06-05 19:55 - 2014-06-05 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-05 19:55 - 2014-06-05 19:55 - 00003095 _____ () C:\Users\Jona\Desktop\Microsoft PowerPoint 2010.lnk
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-06-05 19:51 - 2014-06-05 19:51 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-05 19:50 - 2014-06-12 17:43 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-05 19:50 - 2014-06-07 18:42 - 00000000 ____D () C:\Users\Jona\AppData\Local\Microsoft Help
2014-06-04 20:27 - 2014-07-01 16:32 - 00000000 ____D () C:\Users\Jona\AppData\Local\LogMeIn Hamachi
2014-06-04 20:27 - 2014-06-04 20:27 - 00000000 ____D () C:\Users\Jona\AppData\Local\LogMeIn
2014-06-04 20:27 - 2014-06-04 20:27 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-06-03 21:55 - 2014-06-03 21:55 - 04996210 _____ (Tim Kosse) C:\Users\Jona\Downloads\FileZilla_3.8.1_win32-setup.exe
2014-06-03 16:38 - 2014-06-30 20:10 - 00297088 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-06-03 16:38 - 2014-06-03 16:38 - 00000000 ____D () C:\Users\Jona\Documents\Battlefield 3
2014-06-03 16:38 - 2014-06-03 16:38 - 00000000 ____D () C:\Users\Jona\AppData\Local\PunkBuster

==================== One Month Modified Files and Folders =======

2014-07-03 17:42 - 2014-05-19 13:57 - 00000000 ____D () C:\Users\Administrator.JONAPC
2014-07-03 17:42 - 2014-04-24 18:33 - 00000000 ____D () C:\Users\Jona\AppData\Local\gtk-2.0
2014-07-03 17:42 - 2014-03-21 16:44 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-03 17:42 - 2014-03-14 19:22 - 00000000 ____D () C:\Users\Jona
2014-07-03 17:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-07-03 17:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-07-03 17:22 - 2014-07-03 17:00 - 00000000 ___DC () C:\FRST
2014-07-03 17:17 - 2014-05-18 21:47 - 00000280 _____ () C:\Windows\Tasks\FF Watcher {F3F1A344-69ED-4689-8031-D686065E4419}.job
2014-07-03 17:16 - 2014-07-03 17:13 - 00036818 _____ () C:\Users\Jona\Desktop\FRST.txt
2014-07-03 17:11 - 2014-04-29 18:11 - 00000280 _____ () C:\Windows\Tasks\FF Watcher {C06124DF-5D94-4C79-93A7-767545A5F03F}.job
2014-07-03 16:56 - 2014-04-30 17:26 - 00000280 _____ () C:\Windows\Tasks\FF Watcher {6BC52A8A-733A-4149-9DB0-F70E345BFB75}.job
2014-07-03 16:55 - 2014-04-30 17:25 - 00000280 _____ () C:\Windows\Tasks\FF Watcher {591BDE40-27C6-4EF4-8260-58470B08B36A}.job
2014-07-03 16:52 - 2014-07-03 17:12 - 01073664 _____ (Farbar) C:\Users\Jona\Desktop\FRST.exe
2014-07-03 16:51 - 2014-03-20 20:24 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 16:51 - 2009-07-14 06:34 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 16:51 - 2009-07-14 06:34 - 00020304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 16:49 - 2014-03-14 19:54 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-03 16:48 - 2014-03-14 19:11 - 01360208 _____ () C:\Windows\WindowsUpdate.log
2014-07-03 16:44 - 2009-07-14 06:39 - 00059870 _____ () C:\Windows\setupact.log
2014-07-03 16:43 - 2014-03-20 20:24 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-03 16:43 - 2014-03-14 19:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-03 16:43 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 22:33 - 2014-07-02 22:33 - 00000000 ____D () C:\Users\Jona\AppData\Local\Macromedia
2014-07-02 22:25 - 2014-07-02 22:25 - 00045366 _____ () C:\Users\Jona\AppData\Local\recently-used.xbel
2014-07-02 22:25 - 2014-04-19 14:52 - 00000000 ____D () C:\Users\Jona\.gimp-2.8
2014-07-01 17:59 - 2014-03-20 20:39 - 00000000 ____D () C:\Users\Jona\AppData\Roaming\Skype
2014-07-01 16:32 - 2014-06-04 20:27 - 00000000 ____D () C:\Users\Jona\AppData\Local\LogMeIn Hamachi
2014-06-30 21:51 - 2014-06-30 21:51 - 00000532 _____ () C:\Users\Jona\Desktop\WampServer.lnk
2014-06-30 21:51 - 2014-06-30 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2014-06-30 21:32 - 2014-06-30 21:32 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-30 21:32 - 2014-06-30 21:32 - 00000000 ___RD () C:\Program Files\Skype
2014-06-30 21:32 - 2014-06-30 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-30 21:32 - 2014-06-30 21:32 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-06-30 21:32 - 2014-03-20 20:39 - 00000000 ____D () C:\ProgramData\Skype
2014-06-30 21:00 - 2014-04-19 14:45 - 00000000 ____D () C:\ProgramData\Origin
2014-06-30 20:10 - 2014-06-03 16:38 - 00297088 _____ () C:\Windows\system32\PnkBstrB.xtr
2014-06-30 20:10 - 2014-06-02 20:35 - 00140520 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-06-30 20:10 - 2014-06-02 20:34 - 00297088 _____ () C:\Windows\system32\PnkBstrB.exe
2014-06-30 20:10 - 2014-06-02 20:34 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-06-30 20:05 - 2014-06-02 20:34 - 00280904 _____ () C:\Windows\system32\PnkBstrB.ex0
2014-06-30 20:04 - 2014-06-30 20:04 - 00000000 ____D () C:\Program Files\Battlelog Web Plugins
2014-06-30 19:30 - 2014-06-30 19:29 - 00000000 ____D () C:\Users\Jona\.zenmap
2014-06-30 19:28 - 2014-06-30 19:28 - 00000649 _____ () C:\Users\Jona\Desktop\Nmap - Zenmap GUI.lnk
2014-06-30 19:28 - 2014-06-30 19:28 - 00000000 ____D () C:\Users\Jona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2014-06-30 19:28 - 2014-06-30 19:28 - 00000000 ____D () C:\Program Files\WinPcap
2014-06-30 18:51 - 2014-06-30 18:49 - 00000000 ____D () C:\Users\Jona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PHPTriad
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 ___DC () C:\winnt
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 ___DC () C:\phptriad
2014-06-30 18:49 - 2014-06-30 18:49 - 00000000 ___DC () C:\apache
2014-06-30 18:38 - 2014-05-20 15:26 - 00000000 ____D () C:\Users\Jona\AppData\Roaming\FileZilla
2014-06-30 18:20 - 2014-06-30 18:20 - 00000834 _____ () C:\Users\Public\Desktop\GIMP 2.lnk
2014-06-30 18:20 - 2014-06-30 18:20 - 00000834 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-06-30 17:56 - 2014-03-20 20:22 - 00163576 _____ () C:\Users\Jona\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-30 17:19 - 2009-07-14 06:33 - 02470208 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-30 17:18 - 2010-11-20 23:48 - 00274312 _____ () C:\Windows\PFRO.log
2014-06-30 15:17 - 2014-05-20 19:01 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-06-30 15:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-30 15:12 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-30 15:08 - 2014-03-21 21:23 - 00000000 ____D () C:\Fraps
2014-06-30 14:58 - 2014-03-21 20:21 - 00000000 ____D () C:\Program Files\Steam
2014-06-30 13:56 - 2014-03-21 15:37 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-06-28 20:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-28 20:32 - 2014-06-28 20:32 - 00000684 _____ () C:\Users\Administrator.JONAPC\Desktop\Aptana Studio 3.lnk
2014-06-28 20:32 - 2014-05-18 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aptana
2014-06-28 19:32 - 2014-06-28 19:32 - 00000824 _____ () C:\Users\Jona\Desktop\Microsoft Expression Web 4.lnk
2014-06-28 19:14 - 2014-06-28 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-06-28 19:14 - 2014-06-28 19:14 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-06-28 11:56 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-27 20:26 - 2014-06-27 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-27 20:26 - 2014-06-27 20:25 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-06-17 21:02 - 2014-05-23 13:10 - 00000000 ____D () C:\Users\Jona\.freemind
2014-06-17 15:35 - 2014-06-17 15:35 - 00000104 _____ () C:\Users\Jona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Standardprogramme - Verknüpfung.lnk
2014-06-17 15:35 - 2014-06-17 15:35 - 00000000 ___RD () C:\Users\Jona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Geräte und Drucker - Verknüpfung
2014-06-16 14:12 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-15 18:19 - 2014-06-12 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-06-14 20:40 - 2014-06-14 20:40 - 00003584 _____ () C:\Users\Jona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-14 16:25 - 2014-06-14 16:24 - 00000000 ____D () C:\Users\Jona\AppData\Local\Adobe
2014-06-14 13:00 - 2014-04-19 15:52 - 00000000 ____D () C:\Users\Jona\Documents\FIFA 13
2014-06-13 15:15 - 2014-03-21 17:02 - 00000000 ____D () C:\Users\Jona\AppData\Roaming\Sony
2014-06-12 20:58 - 2014-03-20 20:26 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-12 19:22 - 2014-05-06 17:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 17:43 - 2014-06-05 19:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 17:42 - 2014-03-25 21:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 17:39 - 2014-03-25 21:37 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 16:27 - 2014-06-12 16:27 - 00000927 _____ () C:\Users\Jona\Desktop\FileZilla.lnk
2014-06-12 16:26 - 2014-03-22 11:48 - 00000000 ____D () C:\Program Files\Sony
2014-06-10 21:22 - 2014-06-10 21:22 - 00000000 ____D () C:\Program Files\MSECache
2014-06-08 11:37 - 2014-05-06 17:03 - 00000000 ___HD () C:\Users\Jona\.mediafire
2014-06-08 10:48 - 2014-06-12 08:40 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-12 08:40 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 10:35 - 2014-03-14 19:26 - 00007592 _____ () C:\Users\Jona\AppData\Local\Resmon.ResmonCfg
2014-06-07 22:50 - 2014-06-07 22:50 - 00000000 _____ () C:\Users\Jona\AppData\Local\{6FAECDCC-2329-4941-BF48-2AE68C725B08}
2014-06-07 18:42 - 2014-06-05 19:50 - 00000000 ____D () C:\Users\Jona\AppData\Local\Microsoft Help
2014-06-07 18:13 - 2014-03-23 17:50 - 00000237 _____ () C:\Windows\LEXSTAT.INI
2014-06-06 21:53 - 2014-06-06 21:53 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-06 21:25 - 2014-06-06 20:42 - 00000000 ____D () C:\Users\Jona\AppData\Roaming\tor
2014-06-06 20:36 - 2014-04-19 15:18 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-06 20:36 - 2014-04-19 15:18 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-06 15:25 - 2014-06-06 15:02 - 00000000 ____D () C:\Users\Jona\Documents\FIFA World
2014-06-05 22:29 - 2014-06-05 22:29 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-06-05 22:29 - 2014-06-05 22:29 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-06-05 21:23 - 2014-06-05 21:23 - 00000000 ____D () C:\Users\Jona\Documents\Fächer Sicherheitskopie
2014-06-05 19:58 - 2014-06-05 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-05 19:55 - 2014-06-05 19:55 - 00003095 _____ () C:\Users\Jona\Desktop\Microsoft PowerPoint 2010.lnk
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\Windows\PCHEALTH
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-06-05 19:54 - 2014-06-05 19:54 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-06-05 19:54 - 2014-03-20 23:05 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-05 19:51 - 2014-06-05 19:51 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-06-05 19:51 - 2011-04-12 03:39 - 00000000 ____D () C:\Windows\ShellNew
2014-06-04 20:27 - 2014-06-04 20:27 - 00000000 ____D () C:\Users\Jona\AppData\Local\LogMeIn
2014-06-04 20:27 - 2014-06-04 20:27 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-06-03 21:55 - 2014-06-03 21:55 - 04996210 _____ (Tim Kosse) C:\Users\Jona\Downloads\FileZilla_3.8.1_win32-setup.exe
2014-06-03 16:38 - 2014-06-03 16:38 - 00000000 ____D () C:\Users\Jona\Documents\Battlefield 3
2014-06-03 16:38 - 2014-06-03 16:38 - 00000000 ____D () C:\Users\Jona\AppData\Local\PunkBuster

Some content of TEMP:
====================
C:\Users\Administrator.JONAPC\AppData\Local\Temp\avgnt.exe
C:\Users\Jona\AppData\Local\Temp\avgnt.exe
C:\Users\Jona\AppData\Local\Temp\uninst.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-10 09:55

==================== End Of Log ============================
         

--- --- ---

--- --- ---


FRST Additions Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-07-2014
Ran by Jona at 2014-07-03 17:02:56
Running from I:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe After Effects CS4 (HKLM\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (HKLM\...\Adobe_5aab5a491a3a52ae624fd639f6aaa95) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 Third Party Content (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Fonts All (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (Version: 2.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Aptana Studio 3 (HKLM\...\Aptana Studio 3) (Version: 3.4.2 - Appcelerator, Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 3™ (HKLM\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version:  - Relic Entertainment)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
DeshakerIF 2.01 (HKLM\...\{C39CDB78-924E-4DEE-94E8-97B77F1A6080}_is1) (Version:  - )
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
ffdshow v1.3.4530 [2014-02-09] (HKLM\...\ffdshow_is1) (Version: 1.3.4530.0 - )
FileZilla Client 3.8.1 (HKLM\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Free YouTube Download version 3.2.33.424 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.33.424 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
IIS 8.0 Express (HKLM\...\{B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lexmark 640 Series (HKLM\...\Lexmark 640 Series) (Version:  - Lexmark International, Inc.)
LibreOffice 4.2.2.1 (HKLM\...\{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}) (Version: 4.2.2.1 - The Document Foundation)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
MAGIX Content und Soundpools (HKLM\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM\...\MAGIX_{B03055E4-8381-4834-8CD6-602141C8D702}) (Version: 4.3.2.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 (HKLM\...\MX.{CC87429C-BC87-4D90-9D5F-C6D9721A6663}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM\...\MAGIX_{BA816CCA-0FEA-4A68-9AD0-4CF3D2DF40CC}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\MAGIX_{36F289DE-F9E6-4AD3-AD37-90CCB61F1638}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (HKLM\...\MAGIX_{9ADAE3A4-87DD-4091-B5E0-24F4B6F08F3A}) (Version: 11.0.5.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Version: 11.0.5.0 - MAGIX AG) Hidden
MediaFire Desktop (HKLM\...\MediaFire Desktop 0.10.36.9353) (Version: 0.10.52.9493 - MediaFire)
MediaInfo 0.7.69 (HKLM\...\MediaInfo) (Version: 0.7.69 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Expression Web 4 (HKLM\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Expression Web 4 (Version: 4.0.1460.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{30640168-E261-4261-B8FF-7FA5E0F6A2F1}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{E43AC95E-66B0-4CEC-AADD-C9BFEF5A4C0A}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{1D39E015-C3D2-45DE-B070-A69C5F2FB309}) (Version: 5.0.50430.0 - Microsoft Corporation)
Microsoft WebMatrix 3 (HKLM\...\{F3A4C164-245F-4548-AE80-BB766E16B637}) (Version: 2.0.1932 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nmap 6.46 (HKLM\...\Nmap) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shark007 Standard Codecs (HKLM\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 2.0.1 - Shark007)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SRWare Iron Version SRWare Iron 34.0.1850.0 (HKLM\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 34.0.1850.0 - SRWare)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 9.0 (HKLM\...\{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}) (Version: 9.0.1147 - Sony)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WampServer 2.5 (HKLM\...\WampServer 2_is1) (Version:  - Hervé Leclerc (HeL))
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
Wisdom-soft AutoScreenRecorder 3.1 Free (HKLM\...\Wisdom-soft AutoScreenRecorder 3.1 Free) (Version:  - Wisdom Software Inc.)
XMedia Recode Version 3.1.8.6 (HKLM\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.8.6 - XMedia Recode)

==================== Restore Points  =========================

30-06-2014 13:09:32 Removed Windows Phone Emulator - ENU
30-06-2014 13:10:04 Removed Skype™ 6.16
30-06-2014 13:10:41 Removed Adobe Media Player
30-06-2014 13:14:04 Removed LibreOffice 4.2.2.1
30-06-2014 13:15:42 Microsoft PowerPoint Viewer wird entfernt
30-06-2014 13:16:46 Removed Windows Phone SDK 7.1 Assemblies
01-07-2014 14:31:08 Windows Update
01-07-2014 16:00:22 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0E257772-C26E-4575-9FF7-C7FAA8FA7788} - System32\Tasks\{E9CEFB17-FAE6-4E28-962B-25A6D267E625} => C:\Users\Jona\Downloads\x264_r2431\x264-10b-r2431-ac76440.exe
Task: {333504A7-07DA-492D-817D-31BFD0C0CA4D} - System32\Tasks\FF Watcher {F3F1A344-69ED-4689-8031-D686065E4419} => C:\Program Files\V-bates\PrefHelper.exe
Task: {4E95A93D-867E-4687-8A52-47FE0FBC77B6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)
Task: {6D852DBB-4C08-408B-9B40-A9B8B3AE73CB} - System32\Tasks\FF Watcher {C06124DF-5D94-4C79-93A7-767545A5F03F} => C:\Program Files\V-bates\PrefHelper.exe
Task: {7E8E187B-0253-4266-826D-7E1324726C68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)
Task: {8A5D1D9B-4996-4172-ADCF-FD0D4867516A} - System32\Tasks\FF Watcher {6BC52A8A-733A-4149-9DB0-F70E345BFB75} => C:\Program Files\V-bates\PrefHelper.exe
Task: {E3792A5C-EDB0-4BB6-8DFA-EDF4EE997FC3} - System32\Tasks\FF Watcher {591BDE40-27C6-4EF4-8260-58470B08B36A} => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FF Watcher {591BDE40-27C6-4EF4-8260-58470B08B36A}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FF Watcher {6BC52A8A-733A-4149-9DB0-F70E345BFB75}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FF Watcher {C06124DF-5D94-4C79-93A7-767545A5F03F}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FF Watcher {F3F1A344-69ED-4689-8031-D686065E4419}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-14 19:38 - 2014-03-04 14:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-01 11:08 - 2014-06-01 11:08 - 00035328 _____ () F:\Programme\filezilla\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () F:\Programme\filezilla\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () F:\Programme\filezilla\FileZilla FTP Client\libstdc++-6.dll
2014-05-06 16:57 - 2014-05-30 01:04 - 00457736 _____ () C:\Users\Jona\AppData\Local\MediaFire Desktop\MFUsnMonitorService.exe
2014-06-02 20:34 - 2014-06-30 20:10 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-06-12 20:57 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-12 20:57 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-12 20:57 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 20:58 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 20:57 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MediaFire Tray => C:\Users\Jona\AppData\Local\MediaFire Desktop\mf_watch.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Registry Helper => "C:\Program Files\Registry Helper\RegistryHelper.Exe" /boot
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: TrayServer => F:\Programme\Magix\Videodeluxe\Programm\TrayServer_de.exe
MSCONFIG\startupreg: V-bates => C:\Program Files\V-bates\notifier.exe

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Virtual Machine Monitor
Description: Virtual Machine Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: vmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2014 04:45:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 04:43:58 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (07/02/2014 10:30:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2014 06:22:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 06:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 05:02:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 04:45:01 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting


For more information, see Help and Support Center at hxxp://www.mysql.com.

Error: (07/01/2014 04:45:01 PM) (Source: MySQL) (EventID: 100) (User: )
Description: wampmysqld: unknown option '--skip-locking'

For more information, see Help and Support Center at hxxp://www.mysql.com.

Error: (07/01/2014 04:26:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2014 09:55:18 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting


For more information, see Help and Support Center at hxxp://www.mysql.com.


System errors:
=============
Error: (07/03/2014 04:44:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/03/2014 04:43:34 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (07/02/2014 10:29:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/02/2014 10:28:17 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (07/02/2014 06:21:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/02/2014 06:20:46 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (07/01/2014 06:03:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/01/2014 06:02:09 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (07/01/2014 05:01:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vmm

Error: (07/01/2014 05:00:48 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.


Microsoft Office Sessions:
=========================
Error: (07/03/2014 04:45:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 04:43:58 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0

Error: (07/02/2014 10:30:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2014 06:22:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 06:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 05:02:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 04:45:01 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting

Error: (07/01/2014 04:45:01 PM) (Source: MySQL) (EventID: 100) (User: )
Description: wampmysqld: unknown option '--skip-locking'

Error: (07/01/2014 04:26:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2014 09:55:18 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Aborting


==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 3327.3 MB
Available physical RAM: 2085.4 MB
Total Pagefile: 5372.59 MB
Available Pagefile: 3727.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:76.63 GB) (Free:2.14 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (DatenGrab) (Fixed) (Total:117.24 GB) (Free:103.88 GB) NTFS
Drive f: (Lokaler Datenträger) (Fixed) (Total:92.88 GB) (Free:63.41 GB) NTFS
Drive i: (Downloads) (Fixed) (Total:9.76 GB) (Free:6.63 GB) NTFS
Drive u: (PHP) (Fixed) (Total:13 GB) (Free:12.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 77 GB) (Disk ID: 2E2E2E2E)
Partition 1: (Active) - (Size=77 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: F9335D9E)
Partition 1: (Active) - (Size=117 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=93 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=13 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

--- --- ---


So, mehr gibt es wirklich nicht!

OK...

Schritt 1

Bitte deinstalliere folgende Programme:

Java 7 Update 51


Versuche es bei Windows 7 über Systemsteuerung/Programme deinstallieren.

Schritt 2
Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Downloade Dir HitmanProauf Deinen Desktop:

32 Bit Version
64 Bit Version

• Starte die HitmanPro.exe
• Klicke auf
  
• Entferne den Haken bei
  
• Klicke auf
  und
• Akzeptiere die Lizenzbedingungen und klicke auf
• Klicke auf
  
  und auf
• Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
  und speichere die Logdatei auf Deinem Desktop.
• Schließe HitmanPro und poste mir das Log.