Ich seh keine Werbung.

Mach die Schritte mal, wir müssen noch Reste entfernen

Ich kann den Eset Smartinstaller nicht starten, Webpage nicht gefunden/kann nicht angezeigt werden: "DNS Server antwortet nicht"
Security Check download konnte ich machen.
Kann das wieder mit dem Firmenserver zusammenhängen? Dann muss ich das wieder heut abend machen.

Danke und Grüsse T

Jap, das ist der Firmenserver

Dachte ich mir, dann muss ich das heut abend erledigen. Grüsse T.

alles klar

Code: Alles auswählenAufklappen

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=71c8441fc1bc634487b3e9c7c84ca522
# engine=14448
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-18 06:42:18
# local_time=2013-07-18 08:42:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3592 16777213 100 91 689676 124835434 0 0
# compatibility_mode=5893 16776574 100 94 374798 125802788 0 0
# scanned=21248
# found=0
# cleaned=0
# scan_time=892
         

Code: Alles auswählenAufklappen

ATTFilter

 Results of screen317's Security Check version 0.99.69  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Norton 360 Online   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Reader 9 Adobe Reader out of Date! 
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Info zu Security check: Hier hatte ich das Anti-Virus Programm sowie Firewall wieder aktiviert. Lediglich für ESET hatte ich beides ausgeschalten. Hoffe das war o.k.?
FRST kommt gleich


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by tanjawelter (administrator) on 18-07-2013 20:54:26
Running from C:\Users\tanjawelter\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe
(CyberLink Corp.) C:\Program Files (x86)\Hp\QuickPlay\QPService.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Samsung) C:\Program Files (x86)\Samsung\Samsung PC Studio 7\LaunchApplication.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSkypeDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaIPDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaOneXDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeDriver.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
() C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
() C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKCU\...\Run: [IncrediMail] - C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [366576 2012-11-25] (IncrediMail, Ltd.)
HKCU\...\Run: [EssentialPIM] - C:\Users\tanjawelter\Downloads\EssentialPIM\EssentialPIM.exe [1851488 2010-02-03] ()
HKCU\...\Run: [KiesHelper] - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [937360 2011-12-28] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2011-12-28] ()
HKCU\...\Policies\system: [WallpaperStyle] 2
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKLM-x32\...\Run: [QPService] - "C:\Program Files (x86)\HP\QuickPlay\QPService.exe" [468264 2009-06-23] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [x]
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [SamsungPCSuiteTrayApplication] - C:\Program Files (x86)\Samsung\Samsung PC Studio 7\LaunchApplication.exe -startup [278528 2008-06-27] (Samsung)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3508624 2011-12-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Users\Public\Downloads\Reader\Reader_sl.exe" [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
HKU\Default\...\Policies\system: [WallpaperStyle] 2
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
HKU\Default User\...\Policies\system: [WallpaperStyle] 2
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Jabra Device Service.lnk
ShortcutTarget: Jabra Device Service.lnk -> C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe (GN Netcom A/S)
Startup: C:\Users\tanjawelter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {6909600D-850C-4039-A976-405D5683290E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM - {92FA3C3C-A6A9-41D1-900D-5AB24BD70C2B} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {ECF80529-D0A3-4EA3-ACA4-6896B15AEC90} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {6909600D-850C-4039-A976-405D5683290E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKCU - DefaultScope {44940AE6-2C83-4B08-9366-968D2D081684} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deDE366
SearchScopes: HKCU - {44940AE6-2C83-4B08-9366-968D2D081684} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deDE366
SearchScopes: HKCU - {6909600D-850C-4039-A976-405D5683290E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_39 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Users\Public\Downloads\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: \searchplugins\MyStart Search.xml
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-10-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130717.001\IDSvia64.sys [513184 2012-12-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130717.001\IDSvia64.sys [513184 2012-12-21] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130718.004\ENG64.SYS [126040 2013-07-06] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130718.004\ENG64.SYS [126040 2013-07-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130718.004\EX64.SYS [2098776 2013-07-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130718.004\EX64.SYS [2098776 2013-07-06] (Symantec Corporation)
S3 nmwcdsacjx64; C:\Windows\System32\drivers\nmwcdsacjx64.sys [17408 2007-05-02] (Nokia)
S3 nmwcdsacx64; C:\Windows\System32\drivers\nmwcdsacx64.sys [12288 2007-05-02] (Nokia)
S3 nmwcdsax64; C:\Windows\System32\drivers\nmwcdsax64.sys [171008 2007-05-02] (Nokia)
S1 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
U4 eabfiltr; 
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 SYMFW; \SystemRoot\System32\Drivers\N360x64\0308000.029\SYMFW.SYS [x]
S3 SYMNDISV; \SystemRoot\System32\Drivers\N360x64\0308000.029\SYMNDISV.SYS [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-18 09:40 - 2013-07-18 09:40 - 00891022 _____ C:\Users\tanjawelter\Desktop\SecurityCheck.exe
2013-07-17 21:14 - 2013-07-17 21:14 - 00002179 _____ C:\Users\tanjawelter\Desktop\JRT.txt
2013-07-17 21:07 - 2013-07-17 21:07 - 00000000 ____D C:\Windows\ERUNT
2013-07-17 21:06 - 2013-07-17 21:06 - 00559459 _____ (Oleg N. Scherbakov) C:\Users\tanjawelter\Desktop\JRT.exe
2013-07-17 20:58 - 2013-07-17 20:58 - 00008390 _____ C:\AdwCleaner[S1].txt
2013-07-17 20:55 - 2013-07-17 20:55 - 00662345 _____ C:\Users\tanjawelter\Desktop\adwcleaner.exe
2013-07-17 14:40 - 2013-07-17 14:41 - 00022386 _____ C:\Users\tanjawelter\Desktop\Addition.txt
2013-07-17 14:39 - 2013-07-17 14:39 - 00000000 ____D C:\FRST
2013-07-17 14:37 - 2013-07-17 14:37 - 01778209 _____ (Farbar) C:\Users\tanjawelter\Desktop\FRST64.exe
2013-07-17 12:33 - 2013-07-17 14:23 - 00000000 ____D C:\Users\TANJAW~1\AppData\Local\LogMeIn Rescue Applet
2013-07-16 21:26 - 2013-07-16 21:26 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-16 21:26 - 2013-07-16 21:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-14 00:21 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-14 00:21 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-14 00:21 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-14 00:21 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-14 00:21 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-14 00:21 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-14 00:21 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-14 00:21 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-14 00:21 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-14 00:21 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-14 00:21 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-14 00:21 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-14 00:21 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-14 00:21 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-14 00:21 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-14 00:21 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-14 00:21 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-14 00:21 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-14 00:21 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-14 00:21 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-14 00:21 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-14 00:21 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-14 00:21 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-14 00:21 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-14 00:21 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-14 00:21 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-14 00:21 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-14 00:21 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-14 00:21 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-14 00:21 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-14 00:21 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-14 00:21 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 20:18 - 2013-07-12 20:18 - 00001413 _____ C:\Users\tanjawelter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-11 07:17 - 2013-07-11 07:17 - 00000000 ____D C:\5cc06d20a36bc158efbe0eb245
2013-07-11 06:03 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 06:03 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 06:03 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 06:03 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 06:02 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 06:02 - 2013-04-10 07:45 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 06:02 - 2013-04-10 07:02 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 21:04 - 2013-07-10 21:05 - 02989560 _____ (Symantec Corporation) C:\Users\tanjawelter\Downloads\NPE (1).exe
2013-07-09 22:11 - 2013-07-09 22:11 - 00000271 _____ C:\Users\tanjawelter\Desktop\tw70 - Microsoft Community.url
2013-07-04 07:13 - 2013-07-04 07:13 - 00000204 _____ C:\Users\tanjawelter\Desktop\Cookies und Websitedaten verwalten - Google Chrome-Hilfe.url
2013-06-30 22:20 - 2013-06-30 22:20 - 00000153 _____ C:\Users\tanjawelter\Desktop\Der Wasserfallweg bei Nesselwang.url
2013-06-30 22:07 - 2013-06-30 22:07 - 00000328 _____ C:\Users\tanjawelter\Desktop\Touren Nesselwang Wandern Nesselwang.url
2013-06-30 21:58 - 2013-06-30 21:58 - 00000253 _____ C:\Users\tanjawelter\Desktop\Nesselwang - ALPregio#lat=47.582547154806285&lng=10.419845581054687&z=11&mt=alpstein_map&activ=Wandern&tab=ToursTab#lat=47.582547154806285&lng=10.419845581054687&z=11&mt=alpstein_map&activ=Wandern&tab=ToursTab.url
2013-06-22 14:39 - 2013-06-22 14:39 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360

==================== One Month Modified Files and Folders =======

2013-07-18 20:36 - 2009-09-25 01:25 - 01345008 _____ C:\Windows\WindowsUpdate.log
2013-07-18 19:36 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 19:36 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 19:29 - 2009-09-25 01:55 - 00000292 _____ C:\ProgramData\hpqp.ini
2013-07-18 19:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-18 19:28 - 2009-07-14 06:51 - 00246793 _____ C:\Windows\setupact.log
2013-07-18 09:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-18 09:40 - 2013-07-18 09:40 - 00891022 _____ C:\Users\tanjawelter\Desktop\SecurityCheck.exe
2013-07-18 09:40 - 2009-09-30 06:16 - 01439342 _____ C:\Windows\system32\perfh007.dat
2013-07-18 09:40 - 2009-09-30 06:16 - 00381194 _____ C:\Windows\system32\perfc007.dat
2013-07-18 09:40 - 2009-07-14 07:13 - 00005210 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-17 21:14 - 2013-07-17 21:14 - 00002179 _____ C:\Users\tanjawelter\Desktop\JRT.txt
2013-07-17 21:07 - 2013-07-17 21:07 - 00000000 ____D C:\Windows\ERUNT
2013-07-17 21:06 - 2013-07-17 21:06 - 00559459 _____ (Oleg N. Scherbakov) C:\Users\tanjawelter\Desktop\JRT.exe
2013-07-17 20:58 - 2013-07-17 20:58 - 00008390 _____ C:\AdwCleaner[S1].txt
2013-07-17 20:55 - 2013-07-17 20:55 - 00662345 _____ C:\Users\tanjawelter\Desktop\adwcleaner.exe
2013-07-17 20:19 - 2011-11-02 22:22 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-07-17 20:19 - 2010-02-16 07:37 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-07-17 14:41 - 2013-07-17 14:40 - 00022386 _____ C:\Users\tanjawelter\Desktop\Addition.txt
2013-07-17 14:39 - 2013-07-17 14:39 - 00000000 ____D C:\FRST
2013-07-17 14:37 - 2013-07-17 14:37 - 01778209 _____ (Farbar) C:\Users\tanjawelter\Desktop\FRST64.exe
2013-07-17 14:23 - 2013-07-17 12:33 - 00000000 ____D C:\Users\TANJAW~1\AppData\Local\LogMeIn Rescue Applet
2013-07-17 14:22 - 2009-09-25 01:51 - 00368354 _____ C:\Windows\PFRO.log
2013-07-16 21:26 - 2013-07-16 21:26 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-16 21:26 - 2013-07-16 21:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-14 20:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-14 14:24 - 2009-09-29 21:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-14 14:03 - 2012-12-22 22:17 - 00000000 ____D C:\Users\TANJAW~1\AppData\Local\NPE
2013-07-14 12:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-14 12:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-14 00:24 - 2011-01-08 23:07 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-12 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-07-12 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-07-12 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-07-12 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-07-12 20:18 - 2013-07-12 20:18 - 00001413 _____ C:\Users\tanjawelter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-12 20:18 - 2011-07-18 07:22 - 00001447 _____ C:\Users\tanjawelter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-12 20:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-11 20:04 - 2009-07-14 06:45 - 00406112 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-11 07:17 - 2013-07-11 07:17 - 00000000 ____D C:\5cc06d20a36bc158efbe0eb245
2013-07-10 21:05 - 2013-07-10 21:04 - 02989560 _____ (Symantec Corporation) C:\Users\tanjawelter\Downloads\NPE (1).exe
2013-07-09 22:11 - 2013-07-09 22:11 - 00000271 _____ C:\Users\tanjawelter\Desktop\tw70 - Microsoft Community.url
2013-07-05 20:45 - 2010-03-25 07:36 - 00000000 ____D C:\Users\tanjawelter\1u1
2013-07-04 07:13 - 2013-07-04 07:13 - 00000204 _____ C:\Users\tanjawelter\Desktop\Cookies und Websitedaten verwalten - Google Chrome-Hilfe.url
2013-06-30 22:20 - 2013-06-30 22:20 - 00000153 _____ C:\Users\tanjawelter\Desktop\Der Wasserfallweg bei Nesselwang.url
2013-06-30 22:07 - 2013-06-30 22:07 - 00000328 _____ C:\Users\tanjawelter\Desktop\Touren Nesselwang Wandern Nesselwang.url
2013-06-30 21:58 - 2013-06-30 21:58 - 00000253 _____ C:\Users\tanjawelter\Desktop\Nesselwang - ALPregio#lat=47.582547154806285&lng=10.419845581054687&z=11&mt=alpstein_map&activ=Wandern&tab=ToursTab#lat=47.582547154806285&lng=10.419845581054687&z=11&mt=alpstein_map&activ=Wandern&tab=ToursTab.url
2013-06-28 05:51 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-22 14:39 - 2013-06-22 14:39 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-06-22 14:33 - 2012-12-23 20:56 - 00003206 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-06-22 14:33 - 2010-02-16 07:56 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2013-06-21 20:05 - 2010-02-16 07:56 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-06-21 20:05 - 2010-02-16 07:56 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-14 20:24

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

--- --- ---


FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by tanjawelter (administrator) on 18-07-2013 20:54:26
Running from C:\Users\tanjawelter\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe
(CyberLink Corp.) C:\Program Files (x86)\Hp\QuickPlay\QPService.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Samsung) C:\Program Files (x86)\Samsung\Samsung PC Studio 7\LaunchApplication.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSkypeDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaIPDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraAvayaOneXDriver.exe
(GN Netcom A/S) C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraSametimeDriver.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
() C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
() C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKCU\...\Run: [IncrediMail] - C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [366576 2012-11-25] (IncrediMail, Ltd.)
HKCU\...\Run: [EssentialPIM] - C:\Users\tanjawelter\Downloads\EssentialPIM\EssentialPIM.exe [1851488 2010-02-03] ()
HKCU\...\Run: [KiesHelper] - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [937360 2011-12-28] (Samsung)
HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2011-12-28] ()
HKCU\...\Policies\system: [WallpaperStyle] 2
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKLM-x32\...\Run: [QPService] - "C:\Program Files (x86)\HP\QuickPlay\QPService.exe" [468264 2009-06-23] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdatePRCShortCut] - "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [x]
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [500792 2010-03-23] (Hewlett-Packard Company)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [SamsungPCSuiteTrayApplication] - C:\Program Files (x86)\Samsung\Samsung PC Studio 7\LaunchApplication.exe -startup [278528 2008-06-27] (Samsung)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3508624 2011-12-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Users\Public\Downloads\Reader\Reader_sl.exe" [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
HKU\Default\...\Policies\system: [WallpaperStyle] 2
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [x]
HKU\Default User\...\Policies\system: [WallpaperStyle] 2
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Jabra Device Service.lnk
ShortcutTarget: Jabra Device Service.lnk -> C:\Program Files (x86)\Jabra\Jabra PC Suite\JabraDeviceService.exe (GN Netcom A/S)
Startup: C:\Users\tanjawelter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {6909600D-850C-4039-A976-405D5683290E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM - {92FA3C3C-A6A9-41D1-900D-5AB24BD70C2B} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {ECF80529-D0A3-4EA3-ACA4-6896B15AEC90} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcnnbie7-de-de
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {6909600D-850C-4039-A976-405D5683290E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKCU - DefaultScope {44940AE6-2C83-4B08-9366-968D2D081684} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deDE366
SearchScopes: HKCU - {44940AE6-2C83-4B08-9366-968D2D081684} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_deDE366
SearchScopes: HKCU - {6909600D-850C-4039-A976-405D5683290E} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_39 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Users\Public\Downloads\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: \searchplugins\MyStart Search.xml
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-12-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-10-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130717.001\IDSvia64.sys [513184 2012-12-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130717.001\IDSvia64.sys [513184 2012-12-21] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130718.004\ENG64.SYS [126040 2013-07-06] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130718.004\ENG64.SYS [126040 2013-07-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130718.004\EX64.SYS [2098776 2013-07-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130718.004\EX64.SYS [2098776 2013-07-06] (Symantec Corporation)
S3 nmwcdsacjx64; C:\Windows\System32\drivers\nmwcdsacjx64.sys [17408 2007-05-02] (Nokia)
S3 nmwcdsacx64; C:\Windows\System32\drivers\nmwcdsacx64.sys [12288 2007-05-02] (Nokia)
S3 nmwcdsax64; C:\Windows\System32\drivers\nmwcdsax64.sys [171008 2007-05-02] (Nokia)
S1 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
U4 eabfiltr; 
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 SYMFW; \SystemRoot\System32\Drivers\N360x64\0308000.029\SYMFW.SYS [x]
S3 SYMNDISV; \SystemRoot\System32\Drivers\N360x64\0308000.029\SYMNDISV.SYS [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-18 09:40 - 2013-07-18 09:40 - 00891022 _____ C:\Users\tanjawelter\Desktop\SecurityCheck.exe
2013-07-17 21:14 - 2013-07-17 21:14 - 00002179 _____ C:\Users\tanjawelter\Desktop\JRT.txt
2013-07-17 21:07 - 2013-07-17 21:07 - 00000000 ____D C:\Windows\ERUNT
2013-07-17 21:06 - 2013-07-17 21:06 - 00559459 _____ (Oleg N. Scherbakov) C:\Users\tanjawelter\Desktop\JRT.exe
2013-07-17 20:58 - 2013-07-17 20:58 - 00008390 _____ C:\AdwCleaner[S1].txt
2013-07-17 20:55 - 2013-07-17 20:55 - 00662345 _____ C:\Users\tanjawelter\Desktop\adwcleaner.exe
2013-07-17 14:40 - 2013-07-17 14:41 - 00022386 _____ C:\Users\tanjawelter\Desktop\Addition.txt
2013-07-17 14:39 - 2013-07-17 14:39 - 00000000 ____D C:\FRST
2013-07-17 14:37 - 2013-07-17 14:37 - 01778209 _____ (Farbar) C:\Users\tanjawelter\Desktop\FRST64.exe
2013-07-17 12:33 - 2013-07-17 14:23 - 00000000 ____D C:\Users\TANJAW~1\AppData\Local\LogMeIn Rescue Applet
2013-07-16 21:26 - 2013-07-16 21:26 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-16 21:26 - 2013-07-16 21:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-14 00:21 - 2013-05-29 08:15 - 17829376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-14 00:21 - 2013-05-29 07:50 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-14 00:21 - 2013-05-29 07:43 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-14 00:21 - 2013-05-29 07:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-14 00:21 - 2013-05-29 07:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-14 00:21 - 2013-05-29 07:34 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-14 00:21 - 2013-05-29 07:33 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-14 00:21 - 2013-05-29 07:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-14 00:21 - 2013-05-29 07:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-14 00:21 - 2013-05-29 07:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-14 00:21 - 2013-05-29 07:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-14 00:21 - 2013-05-29 07:27 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-14 00:21 - 2013-05-29 07:27 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-14 00:21 - 2013-05-29 07:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-14 00:21 - 2013-05-29 07:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-14 00:21 - 2013-05-29 07:18 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-14 00:21 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-14 00:21 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-14 00:21 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-14 00:21 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-14 00:21 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-14 00:21 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-14 00:21 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-14 00:21 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-14 00:21 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-14 00:21 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-14 00:21 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-14 00:21 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-14 00:21 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-14 00:21 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-14 00:21 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-14 00:21 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 20:18 - 2013-07-12 20:18 - 00001413 _____ C:\Users\tanjawelter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-11 07:17 - 2013-07-11 07:17 - 00000000 ____D C:\5cc06d20a36bc158efbe0eb245
2013-07-11 06:03 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 06:03 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 06:03 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 06:03 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 06:02 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 06:02 - 2013-04-10 07:45 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 06:02 - 2013-04-10 07:02 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 21:04 - 2013-07-10 21:05 - 02989560 _____ (Symantec Corporation) C:\Users\tanjawelter\Downloads\NPE (1).exe
2013-07-09 22:11 - 2013-07-09 22:11 - 00000271 _____ C:\Users\tanjawelter\Desktop\tw70 - Microsoft Community.url
2013-07-04 07:13 - 2013-07-04 07:13 - 00000204 _____ C:\Users\tanjawelter\Desktop\Cookies und Websitedaten verwalten - Google Chrome-Hilfe.url
2013-06-30 22:20 - 2013-06-30 22:20 - 00000153 _____ C:\Users\tanjawelter\Desktop\Der Wasserfallweg bei Nesselwang.url
2013-06-30 22:07 - 2013-06-30 22:07 - 00000328 _____ C:\Users\tanjawelter\Desktop\Touren Nesselwang Wandern Nesselwang.url
2013-06-30 21:58 - 2013-06-30 21:58 - 00000253 _____ C:\Users\tanjawelter\Desktop\Nesselwang - ALPregio#lat=47.582547154806285&lng=10.419845581054687&z=11&mt=alpstein_map&activ=Wandern&tab=ToursTab#lat=47.582547154806285&lng=10.419845581054687&z=11&mt=alpstein_map&activ=Wandern&tab=ToursTab.url
2013-06-22 14:39 - 2013-06-22 14:39 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360

==================== One Month Modified Files and Folders =======

2013-07-18 20:36 - 2009-09-25 01:25 - 01345008 _____ C:\Windows\WindowsUpdate.log
2013-07-18 19:36 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 19:36 - 2009-07-14 06:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 19:29 - 2009-09-25 01:55 - 00000292 _____ C:\ProgramData\hpqp.ini
2013-07-18 19:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-18 19:28 - 2009-07-14 06:51 - 00246793 _____ C:\Windows\setupact.log
2013-07-18 09:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-18 09:40 - 2013-07-18 09:40 - 00891022 _____ C:\Users\tanjawelter\Desktop\SecurityCheck.exe
2013-07-18 09:40 - 2009-09-30 06:16 - 01439342 _____ C:\Windows\system32\perfh007.dat
2013-07-18 09:40 - 2009-09-30 06:16 - 00381194 _____ C:\Windows\system32\perfc007.dat
2013-07-18 09:40 - 2009-07-14 07:13 - 00005210 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-17 21:14 - 2013-07-17 21:14 - 00002179 _____ C:\Users\tanjawelter\Desktop\JRT.txt
2013-07-17 21:07 - 2013-07-17 21:07 - 00000000 ____D C:\Windows\ERUNT
2013-07-17 21:06 - 2013-07-17 21:06 - 00559459 _____ (Oleg N. Scherbakov) C:\Users\tanjawelter\Desktop\JRT.exe
2013-07-17 20:58 - 2013-07-17 20:58 - 00008390 _____ C:\AdwCleaner[S1].txt
2013-07-17 20:55 - 2013-07-17 20:55 - 00662345 _____ C:\Users\tanjawelter\Desktop\adwcleaner.exe
2013-07-17 20:19 - 2011-11-02 22:22 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-07-17 20:19 - 2010-02-16 07:37 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-07-17 14:41 - 2013-07-17 14:40 - 00022386 _____ C:\Users\tanjawelter\Desktop\Addition.txt
2013-07-17 14:39 - 2013-07-17 14:39 - 00000000 ____D C:\FRST
2013-07-17 14:37 - 2013-07-17 14:37 - 01778209 _____ (Farbar) C:\Users\tanjawelter\Desktop\FRST64.exe
2013-07-17 14:23 - 2013-07-17 12:33 - 00000000 ____D C:\Users\TANJAW~1\AppData\Local\LogMeIn Rescue Applet
2013-07-17 14:22 - 2009-09-25 01:51 - 00368354 _____ C:\Windows\PFRO.log
2013-07-16 21:26 - 2013-07-16 21:26 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-16 21:26 - 2013-07-16 21:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-14 20:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-14 14:24 - 2009-09-29 21:41 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-14 14:03 - 2012-12-22 22:17 - 00000000 ____D C:\Users\TANJAW~1\AppData\Local\NPE
2013-07-14 12:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-14 12:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-14 00:24 - 2011-01-08 23:07 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-12 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-07-12 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-07-12 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-07-12 22:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-07-12 20:18 - 2013-07-12 20:18 - 00001413 _____ C:\Users\tanjawelter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-07-12 20:18 - 2011-07-18 07:22 - 00001447 _____ C:\Users\tanjawelter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-12 20:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-11 20:04 - 2009-07-14 06:45 - 00406112 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-11 07:17 - 2013-07-11 07:17 - 00000000 ____D C:\5cc06d20a36bc158efbe0eb245
2013-07-10 21:05 - 2013-07-10 21:04 - 02989560 _____ (Symantec Corporation) C:\Users\tanjawelter\Downloads\NPE (1).exe
2013-07-09 22:11 - 2013-07-09 22:11 - 00000271 _____ C:\Users\tanjawelter\Desktop\tw70 - Microsoft Community.url
2013-07-05 20:45 - 2010-03-25 07:36 - 00000000 ____D C:\Users\tanjawelter\1u1
2013-07-04 07:13 - 2013-07-04 07:13 - 00000204 _____ C:\Users\tanjawelter\Desktop\Cookies und Websitedaten verwalten - Google Chrome-Hilfe.url
2013-06-30 22:20 - 2013-06-30 22:20 - 00000153 _____ C:\Users\tanjawelter\Desktop\Der Wasserfallweg bei Nesselwang.url
2013-06-30 22:07 - 2013-06-30 22:07 - 00000328 _____ C:\Users\tanjawelter\Desktop\Touren Nesselwang Wandern Nesselwang.url
2013-06-30 21:58 - 2013-06-30 21:58 - 00000253 _____ C:\Users\tanjawelter\Desktop\Nesselwang - ALPregio#lat=47.582547154806285&lng=10.419845581054687&z=11&mt=alpstein_map&activ=Wandern&tab=ToursTab#lat=47.582547154806285&lng=10.419845581054687&z=11&mt=alpstein_map&activ=Wandern&tab=ToursTab.url
2013-06-28 05:51 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-22 14:39 - 2013-06-22 14:39 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-06-22 14:33 - 2012-12-23 20:56 - 00003206 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-06-22 14:33 - 2010-02-16 07:56 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2013-06-21 20:05 - 2010-02-16 07:56 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-06-21 20:05 - 2010-02-16 07:56 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-14 20:24

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

Hallo "Schrauber",

ich glaube, das Thema wäre geschafft.... Wow. Sollte dies so sein, eine herzlichen Dank an Deine gedulgige Unterstützung und Hilfe!! Vielen vielen Dank. Die Trojaner Board Seite ist wirklich Bestens!
Sag mir einfach bescheid, ob somit alle Run's gelaufen sind. Die Popups, sowie Coupondropdown Links tauchen nicht mehr auf. computer läuft tadellos. Freu mich einfach nur.

Kann ich eigentlich die ganzen Downloads deinstallieren?

Sobald alles abgeschlossen, werde ich auf jeden Fall eine Spende machen, ihr habt's Euch wirklich verdient. LG T

Adobe bitte updaten. Fertig

Die Reihenfolge ist hier entscheidend.

1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
   • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
   • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
   • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
3. Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
   • Schließe alle offenen Programme.
   • Starte die delfix.exe mit einem Doppelklick.
   • Setze vor jede Funktion ein Häkchen.
   • Klicke auf Start.
   • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
   • Starte deinen Rechner abschließend neu.
4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

• Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
• Windows Updates
  • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
  • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
• Gehe sicher das die automatischen Updates aktiviert sind.
• Software Updates
  Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
  Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

• Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

• MalwareBytes Anti Malware
  Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
  Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
  Ein Tutorial zur Verwendung findest Du hier.
• WinPatrol
  Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

• SpywareBlaster
  Eine kurze Einführung findest du Hier
• MVPs hosts file
  Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
• WOT (Web of trust)
  Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

• Opera
• Mozilla Firefox.
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
    Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts

• Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
• verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
• Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
• Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Alles erledigt, passt:-). Danke auch für die vielen Tips, hab mir alles Notwenige runtergeladen. Der Threat kann dann also geschlossen werden.... Danke nochmals!!!!! Grüsse T

Gern Geschehen