Probleme mit PUP.Optional.Iminent.A

Kapitän · 09.01.2014, 22:02

Hallo,

hatte Probleme mit PUP.Optional.Iminent.A. Habe mit dem JRT-Tool versucht alle Schädlingsprogramme zu beseitigen. Könnte sich mal jemand die Kopie meines JRT-Editors anschauen, ob alle Schädlingsprogramme erfolgreich beseitigt wurden? Danke

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by J”rg on 09.01.2014 at 21:39:25,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apnupdater
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\482aa67ad25e6e74e9f48bd5fbe8533c
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\482aa67ad25e6e74e9f48bd5fbe8533c
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontoolbarsrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontoolbarsrv_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoods_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\facemoods_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{118d6ce9-5f18-42f9-958a-14676a629fde}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a76aa284-e52d-47e6-9e4f-b85dbf8e35c3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB01620.IEToolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB01620.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB01620.IEToolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB01620.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_tor(1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_tor(1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_tor_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_tor_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_tor(1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_tor(1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_tor_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_tor_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8BC55D5A-7F6C-4460-A649-D96F0097A2C1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"

~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\registrybooster.job

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\iminent"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\Users\J”rg\AppData\Roaming\iminent"
Successfully deleted: [Folder] "C:\Users\J”rg\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\J”rg\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\J”rg\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\umbrella"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
Successfully deleted: [Empty Folder] C:\Users\J”rg\appdata\local\{3F23ACB1-885E-4BAB-9DA5-16E98EF415B6}
Successfully deleted: [Empty Folder] C:\Users\J”rg\appdata\local\{6D1C1E91-6D3A-4A91-AD77-871269C58C80}
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\Users\J”rg\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"
Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"

~~~ FireFox

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdsrch.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\safesearch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdsrch.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\safesearch.xml"
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\user.js
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\w8pepqn3.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\w8pepqn3.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\w8pepqn3.default\searchplugins\safesearch.xml
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\f7t3fg5x.Standard-Benutzer\searchplugins\safesearch.xml
Successfully deleted: [Folder] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\w8pepqn3.default\extensions\ffxtlbr@babylon.com
Successfully deleted: [Folder] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\w8pepqn3.default\extensions\toolbar@ask.com
Successfully deleted: [Folder] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\w8pepqn3.default\extensions\{c9b68337-e93a-44ea-94dc-cb300ec06444}
Successfully deleted: [Folder] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\{c9b68337-e93a-44ea-94dc-cb300ec06444}
Successfully deleted: [Folder] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\f7t3fg5x.Standard-Benutzer\extensions\{c9b68337-e93a-44ea-94dc-cb300ec06444}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\webbooster@iminent.com
Successfully deleted the following from C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\w8pepqn3.default\prefs.js

user_pref("browser.search.defaultthis.engineName", "Utubebario Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2680812&SearchSource=3&q={searchTerms}");
user_pref("extensions.BabylonToolbar.bbDpng", 9);
user_pref("extensions.BabylonToolbar.cntry", "US");
user_pref("extensions.BabylonToolbar.dfltLng", "de");
user_pref("extensions.BabylonToolbar.firstRun", false);
user_pref("extensions.BabylonToolbar.hdrMd5", "1F44E708B8616CBEA495E65F13FA63FD");
user_pref("extensions.BabylonToolbar.id", "5db1bb0ca6c24016bea3494168e3343a");
user_pref("extensions.BabylonToolbar.instlDay", "15120");
user_pref("extensions.BabylonToolbar.lastActv", "9");
user_pref("extensions.BabylonToolbar.lastDP", 9);
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.propectorlck", 59417459);
user_pref("extensions.BabylonToolbar.prtkDS", 1);
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.sid", "5db1bb0ca6c24016bea3494168e3343a");
user_pref("extensions.asktb.ff-original-keyword-url", "");
user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=A89E6740-1C76-47CB-9E41-FDB21ECC5440&apn_ptnrs=&apn_sauid=8FABD44E-8193-
Successfully deleted the following from C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\f7t3fg5x.Standard-Benutzer\prefs.js

user_pref("iminent.LayoutId", "1");
user_pref("iminent.ShowThankyouPixel", "0");
user_pref("iminent.adapters", "{\"112\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":2,\"expireTime\":\"1386374434735259200\"},\"web\":{\"CountryCode\":\"DE\",\"NoAds\":
user_pref("iminent.displayFavLinks", "0");
user_pref("iminent.registerToolbarEvent101", "1389267075259");
user_pref("iminent.registerToolbarEvent102", "1389292589773");
user_pref("iminent.registerToolbarEvent105", "1386440644344");
user_pref("iminent.registerToolbarEvent109", "1389267772460");
user_pref("iminent.registerToolbarEvent110", "1389268599346");
user_pref("iminent.registerToolbarEvent111", "1389267772464");
user_pref("iminent.registerToolbarEvent112", "1389267772878");
user_pref("iminent.registerToolbarEvent122", "1389267772467");
user_pref("iminent.registerToolbarEvent140", "1389269805644");
user_pref("iminent.version", "8.1.2.3");
user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.1.2.3\",\"InstallEventCTime\":1389293902811,\"InstallEvent\":\"True\"}");
user_pref("iminent.webbooster.scripts.minibar.FavLinkSplitTestingClass", "v1");
user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000");
user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent101", "1376575020764");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1376237310852");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1376572307661");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1376572307662");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1376572307664");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1376234338483");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent140", "1376081955654");
user_pref("iminent.webbooster.scripts.sslminibar.FavLinkSplitTestingClass", "v2");
user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.sslminibar.SOFTONICREFRESHRATE", "140000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "1");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1376235536575");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1376494561704");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1376494561708");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1376494562534");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1376494561711");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent134", "1376237310323");
Emptied folder: C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\w8pepqn3.default\minidumps [11 files]
Emptied folder: C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\f7t3fg5x.Standard-Benutzer\minidumps [128 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.01.2014 at 21:44:58,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 09.01.2014, 22:03

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Kapitän · 09.01.2014, 22:11

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 01
Ran by Jörg (administrator) on JÖRG-PC on 09-01-2014 22:09:22
Running from C:\Users\Jörg\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
( ) C:\Windows\System32\lxczcoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GTLite.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(klickTel GmbH) C:\Program Files (x86)\Digitale Rückwärtssuche\Digitale Rückwärtssuche auf CD-ROM\KMON.EXE
() C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(North Star com.) C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe
() C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [ISW] - "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
HKLM\...\Run: [lxczbmgr.exe] - C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe [74672 2007-02-08] (Lexmark International, Inc.)
HKLM\...\Run: [Ocs_SM] - C:\Users\Jörg\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2011-07-26] (OCS)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [FaxCenterServer] - C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe [295856 2007-02-08] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [GamingMouse] - C:\Program Files (x86)\Drakonia Configurator\hid.exe [246784 2012-06-07] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [GameTracker] - C:\Program Files (x86)\GameTracker\GTLite.exe [4018984 2010-09-02] (ClanServers Hosting LLC)
HKCU\...\Run: [Software Suite SE] - C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe [2353184 2009-07-28] (Acer Incorporated)
HKCU\...\Run: [InversMonitor] - C:\Program Files (x86)\Digitale Rückwärtssuche\Digitale Rückwärtssuche auf CD-ROM\KMON.EXE [7263232 2008-05-13] (klickTel GmbH)
HKCU\...\Run: [Vidalia] - C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe [5636136 2010-11-19] ()
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-06-26] ()
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-25] (AMD)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162336 2009-07-22] ()
Startup: C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = iGoogle Redirect
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKCU - DefaultScope {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&k=0
SearchScopes: HKCU - {41458688-D4F1-4536-ADFE-70281F588BDE} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4246FEF4-F8AE-4CF3-AB2E-9DB4D59BA2C8} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5B1CC2CE-8545-4EB6-A962-410D468E7BF8} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5B27E59B-CCD3-4C1B-92E1-FD56C9C3DCC0} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE378
SearchScopes: HKCU - {67A4CE77-D3ED-4B82-81E0-31DB6BC12B35} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D696537&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&k=0
SearchScopes: HKCU - {798F67B9-B037-4639-BA5A-BF1C25749CA2} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
BHO: Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können. - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll (Conversion One GmbH)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können. - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\ipsbho.dll (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -  No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: WEB.DE Suche
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://web.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SQLite Manager - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
FF Extension: WEB.DE MailCheck - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\Extensions\toolbar@web.de.xpi
FF Extension: Iminent - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\Extensions\webbooster@iminent.com.xpi
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
FF Extension: preisspion.de - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox

==================== Services (Whitelisted) =================

R2 DiskDoctorService; C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [1029480 2010-11-30] (Symantec Corporation)
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [566192 2007-02-08] ( )
R2 lxcz_device; C:\Windows\SysWow64\lxczcoms.exe [537520 2007-02-08] ( )
S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [186368 2010-11-12] (MAGIX AG)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S3 OberonGameConsoleService; C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [44312 2009-08-29] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-01-12] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\RpcAgentSrv.exe [93848 2008-08-14] (SiSoftware)
S2 SearchAnonymizer; C:\Users\Jörg\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2011-07-26] ()
R2 SpeedDiskService; C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [1037672 2010-11-30] (Symantec Corporation)
S2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20131218.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140108.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140108.023\ENG64.SYS [126040 2014-01-09] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140108.023\EX64.SYS [2099288 2014-01-09] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
S3 SymDSMon; C:\Windows\system32\drivers\SymDSMon.sys [191232 2010-11-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 SYMSpeedDisk; C:\Windows\system32\drivers\SymSpeedDisk.sys [163384 2010-11-30] (Symantec Corporation)
S3 SYMSpeedDisk; C:\Windows\SysWow64\drivers\SymSpeedDisk.sys [108800 2010-11-30] (Symantec Corporation)
R3 cpuz132; \??\C:\Users\JRG~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
S3 SYMFW; \SystemRoot\System32\Drivers\NISx64\1008000.029\SYMFW.SYS [x]
S3 SYMNDISV; \SystemRoot\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-09 22:09 - 2014-01-09 22:09 - 00024667 _____ C:\Users\Jörg\Downloads\FRST.txt
2014-01-09 22:08 - 2014-01-09 22:08 - 01931770 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64.exe
2014-01-09 22:08 - 2014-01-09 22:08 - 00000000 ____D C:\FRST
2014-01-09 21:46 - 2014-01-09 21:46 - 00018713 _____ C:\Users\Jörg\Documents\JRT.txt
2014-01-09 21:44 - 2014-01-09 21:44 - 00018713 _____ C:\Users\Jörg\Desktop\JRT.txt
2014-01-09 21:39 - 2014-01-09 21:39 - 00000000 ____D C:\Windows\ERUNT
2014-01-09 21:38 - 2014-01-09 21:38 - 01037068 _____ (Thisisu) C:\Users\Jörg\Downloads\JRT.exe
2014-01-09 19:32 - 2014-01-09 19:32 - 00000000 ____D C:\AdwCleaner
2014-01-09 19:31 - 2014-01-09 19:32 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner.exe
2014-01-09 19:30 - 2014-01-09 19:30 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller(1).exe
2014-01-09 19:29 - 2014-01-09 19:29 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller.exe
2014-01-08 16:07 - 2014-01-08 16:07 - 00055445 _____ C:\Windows\SysWOW64\CCCInstall_201401081607103522.log
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\ProgramData\ATI
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2014-01-08 16:03 - 2014-01-08 16:03 - 00000000 ____D C:\Program Files\AMD
2014-01-08 15:57 - 2014-01-08 16:02 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-08 15:49 - 2014-01-08 15:50 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Jörg\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-01-08 15:47 - 2014-01-08 15:48 - 253557288 _____ (AMD Inc.) C:\Users\Jörg\Downloads\amd_catalyst_13.11_betav9.5.exe
2013-12-30 18:27 - 2013-12-30 18:27 - 00915368 _____ (Oracle Corporation) C:\Users\Jörg\Downloads\jxpiinstall.exe
2013-12-13 17:46 - 2013-12-13 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-13 01:09 - 2013-12-13 01:09 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 18:19 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 18:19 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 18:19 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 18:19 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 18:19 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 18:19 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 18:19 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 18:19 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 18:19 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 18:19 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 18:19 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 18:19 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 18:19 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 18:19 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 18:19 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 18:19 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 18:19 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 18:19 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 18:19 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 18:19 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 18:19 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 18:19 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 18:19 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 18:19 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 18:19 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 18:19 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 18:19 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 18:19 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 18:19 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 18:19 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 18:19 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 14:33 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 14:33 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 14:33 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 14:33 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 14:33 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 14:33 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 14:33 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 14:33 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 14:33 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 14:33 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 14:33 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 14:33 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 14:33 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 14:33 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 14:33 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-01-09 22:09 - 2014-01-09 22:09 - 00024667 _____ C:\Users\Jörg\Downloads\FRST.txt
2014-01-09 22:09 - 2012-04-02 12:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-09 22:09 - 2010-05-07 21:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-09 22:08 - 2014-01-09 22:08 - 01931770 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64.exe
2014-01-09 22:08 - 2014-01-09 22:08 - 00000000 ____D C:\FRST
2014-01-09 21:46 - 2014-01-09 21:46 - 00018713 _____ C:\Users\Jörg\Documents\JRT.txt
2014-01-09 21:44 - 2014-01-09 21:44 - 00018713 _____ C:\Users\Jörg\Desktop\JRT.txt
2014-01-09 21:39 - 2014-01-09 21:39 - 00000000 ____D C:\Windows\ERUNT
2014-01-09 21:38 - 2014-01-09 21:38 - 01037068 _____ (Thisisu) C:\Users\Jörg\Downloads\JRT.exe
2014-01-09 21:25 - 2011-05-05 20:33 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\Tor
2014-01-09 20:09 - 2010-05-07 21:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-09 19:34 - 2011-06-26 14:20 - 00000000 ____D C:\Users\Jörg\AppData\Local\PMB Files
2014-01-09 19:32 - 2014-01-09 19:32 - 00000000 ____D C:\AdwCleaner
2014-01-09 19:32 - 2014-01-09 19:31 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner.exe
2014-01-09 19:30 - 2014-01-09 19:30 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller(1).exe
2014-01-09 19:29 - 2014-01-09 19:29 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller.exe
2014-01-09 19:11 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-09 19:11 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-09 19:08 - 2010-01-22 15:36 - 01692804 _____ C:\Windows\WindowsUpdate.log
2014-01-09 19:04 - 2010-09-29 12:48 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\GameTracker
2014-01-09 19:03 - 2013-10-17 11:16 - 00000342 _____ C:\Windows\Tasks\rbmonitor.job
2014-01-09 19:03 - 2011-05-05 20:33 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\Vidalia
2014-01-09 19:02 - 2011-07-26 12:59 - 00000436 _____ C:\Windows\Tasks\PCCT - MAGIX AG.job
2014-01-09 19:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-09 19:02 - 2009-07-14 05:51 - 00130737 _____ C:\Windows\setupact.log
2014-01-09 16:20 - 2011-11-10 18:07 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-09 16:20 - 2010-01-05 12:10 - 00699416 _____ C:\Windows\system32\perfh007.dat
2014-01-09 16:20 - 2010-01-05 12:10 - 00149556 _____ C:\Windows\system32\perfc007.dat
2014-01-09 16:20 - 2009-07-14 06:13 - 01593956 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 12:03 - 2009-12-04 11:47 - 00366440 _____ C:\Windows\PFRO.log
2014-01-08 16:07 - 2014-01-08 16:07 - 00055445 _____ C:\Windows\SysWOW64\CCCInstall_201401081607103522.log
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\ProgramData\ATI
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2014-01-08 16:07 - 2012-03-25 12:25 - 00000000 ____D C:\ProgramData\AMD
2014-01-08 16:07 - 2010-05-07 21:29 - 00000000 ____D C:\Users\Jörg\AppData\Local\Google
2014-01-08 16:06 - 2011-10-27 12:07 - 00000000 ____D C:\Users\Jörg\AppData\Local\CrashDumps
2014-01-08 16:06 - 2011-10-19 14:07 - 00000000 ____D C:\Program Files\ATI Technologies
2014-01-08 16:03 - 2014-01-08 16:03 - 00000000 ____D C:\Program Files\AMD
2014-01-08 16:02 - 2014-01-08 15:57 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-08 15:50 - 2014-01-08 15:49 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Jörg\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-01-08 15:48 - 2014-01-08 15:47 - 253557288 _____ (AMD Inc.) C:\Users\Jörg\Downloads\amd_catalyst_13.11_betav9.5.exe
2014-01-07 14:00 - 2010-05-07 21:29 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\Adobe
2014-01-07 13:13 - 2011-07-11 17:19 - 00000000 ____D C:\Users\Jörg\Documents\B E W E R B U N G E N; Z E U G N I S S E
2013-12-30 18:27 - 2013-12-30 18:27 - 00915368 _____ (Oracle Corporation) C:\Users\Jörg\Downloads\jxpiinstall.exe
2013-12-28 18:12 - 2010-05-07 21:11 - 00000000 ____D C:\Users\Jörg
2013-12-28 18:11 - 2009-07-14 03:34 - 85458944 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 20185088 _____ C:\Windows\system32\config\SYSTEM.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 00020480 _____ C:\Windows\system32\config\SECURITY.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 00020480 _____ C:\Windows\system32\config\SAM.bak
2013-12-25 19:03 - 2013-11-20 13:22 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\HpUpdate
2013-12-15 21:05 - 2013-08-14 17:39 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 21:02 - 2010-05-16 14:07 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 16:41 - 2010-05-23 13:28 - 00000000 ____D C:\Users\Jörg\Documents\E I N K O M M E N S T E U E R
2013-12-15 15:52 - 2012-04-26 13:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-13 17:46 - 2013-12-13 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-13 01:09 - 2013-12-13 01:09 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-13 01:09 - 2012-04-02 12:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-13 01:09 - 2012-04-02 12:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-13 01:09 - 2011-05-20 09:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-12 21:58 - 2011-02-28 14:52 - 00000000 ____D C:\Users\Jörg\AppData\Local\Microsoft Games
2013-12-12 15:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-11 20:23 - 2009-07-14 05:45 - 00436472 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 18:20 - 2009-12-04 11:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 15:10 - 2009-12-04 11:38 - 00000000 ____D C:\Program Files (x86)\Google

Some content of TEMP:
====================
C:\Users\Jörg\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Jörg\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\Jörg\AppData\Local\Temp\_is83CF.exe
C:\Users\Jörg\AppData\Local\Temp\_is95F8.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2010-11-06 17:45

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2014 01
Ran by Jörg at 2014-01-09 22:09:47
Running from C:\Users\Jörg\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.1926.41617 - ABBYY Software House)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.5.146 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alice Greenfingers (x32 Version:  - Oberon Media)
Amazonia (x32 Version:  - Oberon Media)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 11.7.0.11025 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.10 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Application Profiles (x32 Version: 2.0.4888.34279 - Advanced Micro Devices, Inc.)
ArcSoft Panorama Maker 6 (x32 Version: 6.0.8.85 - ArcSoft)
Ask Toolbar Updater (HKCU Version: 1.2.1.23037 - Ask.com) <==== ATTENTION
Bing Bar (x32 Version: 7.0.619.0 - Microsoft Corporation)
Black Mirror 2 (x32 Version:  - dtp)
Black Mirror III (x32 Version:  - dtp)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Call of Duty - United Offensive (x32 Version: 1.00.0000 - Activision)
Call of Duty - United Offensive (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty (x32 Version:  - )
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) (x32 Version: 1.7 - Activision)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty(R) 2 (x32 Version: 1.2 - Activision)
Call of Duty(R) 2 (x32 Version: 1.2 - Activision) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1118.1260.23275 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 3.12 - Piriform)
Chicken Invaders 2 (x32 Version:  - Oberon Media)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (x32 Version:  - Oberon Media)
Darkness Within: Auf der Jagd nach Loath Nolder 1.02 (x32 Version:  - Iceberg Interactive)
Digitale Rückwärtssuche auf CD-ROM (x32 Version: 1.00.0000 - klickTel)
Drakonia Configurator (x32 Version:  - )
Dream Day First Home (x32 Version:  - Oberon Media)
DriverBoost (x32 Version: 8.0.1 - DriverBoost)
eBay Worldwide (x32 Version: 2.1.0901 - OEM)
EVEREST Home Edition v2.20 (x32 Version: 2.20 - Lavalys Inc)
Farm Frenzy 2 (x32 Version:  - Oberon Media)
FILEminimizer Pictures (x32 Version:  - balesio AG)
First Class Flurry (x32 Version:  - Oberon Media)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GameTracker Lite (x32 Version:  - ClanServers Hosting LLC.)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Granny In Paradise (x32 Version:  - Oberon Media)
Heroes of Hellas (x32 Version:  - Oberon Media)
HP Deskjet 2540 series - Grundlegende Software für das Gerät (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP Deskjet 2540 series Hilfe (x32 Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (x32 Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (x32 Version: 1.0.0.7702 - HP)
HP Update (x32 Version: 5.003.003.001 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.218.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (Version: 3.1.0.40 - Apple Inc.)
Identity Card (x32 Version: 1.00.3002 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Iminent (x32 Version: 6.4.56.0 - Iminent) <==== ATTENTION
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0 - Microsoft Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)
JMicron JMB36X Driver (x32 Version: 1.00.0000 - JMicron Technology Corp.)
JonDo (x32 Version:  - )
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Lexmark 1200 Series (Version:  - Lexmark International, Inc.)
Lexmark Fax-Lösungen (Version:  - )
MAGIX PC Check & Tuning Free 2011 (x32 Version: 6.0.403.1052 - MAGIX AG)
MAGIX PC Check & Tuning Free 2011 (x32 Version: 6.0.403.1052 - MAGIX AG) Hidden
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Mein Gutscheincode Finder 1.0.0.0 (x32 Version: 1.0.0.0 - Conversion One GmbH)
Merriam Websters Spell Jam (x32 Version:  - Oberon Media)
Metaboli (x32 Version: 1.00.0006 - Packard Bell)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
Miro (x32 Version: 4.0.3 - Participatory Culture Foundation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.11.208 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Internet Security (x32 Version: 20.4.0.40 - Symantec Corporation)
Norton Online Backup (x32 Version: 1.2.0.36 - Symantec)
Norton Utilities 15 (x32 Version: 15.0 - Symantec Corporation)
NVIDIA Drivers (Version: 1.7 - )
O&O MediaRecovery (x32 Version: 4.1.1322 - O&O Software GmbH)
Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA)
Packard Bell GameZone Console (x32 Version: 5.1.2.5 - Oberon Media, Inc.)
Packard Bell InfoCentre (x32 Version: 3.02.3000 - Packard Bell)
Packard Bell Recovery Management (x32 Version: 4.05.3005 - Packard Bell)
Packard Bell Registration (x32 Version: 1.02.3006 - Packard Bell)
Packard Bell ScreenSaver (x32 Version: 1.1.0812 - Packard Bell Incorporated)
Packard Bell Software Suite SE (x32 Version: 2.01.3001 - Packard Bell)
Packard Bell Updater (x32 Version: 1.01.3017 - Packard Bell)
Pando Media Booster (x32 Version: 2.3.6.0 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Frame (x32 Version: 5.0.0.2 - Northstar Systems Corp.)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PixiePack Codec Pack (x32 Version: 1.1.1200.0 - None)
Polipo 1.0.4.1 (x32 Version:  - )
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (x32 Version: 0.986 - Even Balance, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Radiotracker (x32 Version: 6.2.13700.0 - RapidSolution Software AG)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Registry Reviver (x32 Version:  - ReviverSoft)
SearchAnonymizer (Version: 1.0.1 (de) - )
SiSoftware Sandra Lite 2011.SP4c (Version: 17.77.2011.10 - SiSoftware)
Studie zur Verbesserung von HP Deskjet 2540 series (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TomTom HOME (x32 Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Tor 0.2.1.30 (x32 Version:  - )
Uniblue RegistryBooster (x32 Version: 6.1.1.2 - Uniblue Systems Limited)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Vidalia 0.2.10 (x32 Version:  - )
Welcome Center (x32 Version: 1.00.3008 - Packard Bell)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0 - Microsoft Corporation)
World of Tanks (x32 Version:  - Wargaming.net)

==================== Restore Points  =========================

22-12-2013 18:00:28 Windows-Sicherung
28-12-2013 17:07:40 MAGIX PC Check & Tuning Free (PC Check)
30-12-2013 16:06:48 Windows-Sicherung
05-01-2014 18:00:26 Windows-Sicherung
08-01-2014 14:57:05 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
08-01-2014 15:02:11 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
09-01-2014 15:07:42 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {07C939A0-8E45-4253-89A8-E34512DD5882} - System32\Tasks\{AB24144F-6E0B-4FA6-B12D-3B2713E177CC} => C:\Microids\Dracula 3\Dracula3.exe
Task: {0D336A73-7171-4642-945B-A7004BC430A7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation)
Task: {100921AF-95F7-492C-AA9A-7EAD4414C591} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2011-08-10] (Microsoft Corporation)
Task: {1598B538-F0C4-4B63-88ED-63FE3649C68C} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation)
Task: {1AA3ACBD-8FAD-452B-A869-A90B866CD9ED} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
Task: {2A45A25E-1B31-4BFF-9C00-013E985981C6} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2D0D0796-0403-4CA3-BCCD-E6F604B595B1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2EF64786-A6B0-41D0-9F44-0EA17E90B97B} - System32\Tasks\{1DBE84C3-6BD8-4107-988A-089FB649CE7E} => C:\Microids\Dracula 3\Dracula3.exe
Task: {3494DEAF-3F5D-4B31-A776-9FE704E2B3C1} - System32\Tasks\rbmonitor => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2013-06-17] (Uniblue Systems Limited)
Task: {79621202-7872-459D-ADCD-38CC498A0FF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-07] (Google Inc.)
Task: {7B2F53C8-9F16-41C0-9C9C-2447E3B5EC8B} - System32\Tasks\{565EFF38-243B-41CB-9139-3B99B2475AEB} => C:\Microids\Dracula 3\Dracula3.exe
Task: {7D71514E-ED2F-48AB-A661-3C3233FF7398} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2013-02-08] (Hewlett-Packard Co.)
Task: {814B2A2A-6C37-49B3-9C7C-1EADD0725AA0} - System32\Tasks\{ECEA55E5-8F8C-4008-8FCD-238076B4E9DE} => C:\Microids\Dracula 3\Dracula3.exe
Task: {A3F4BB4D-CFC8-4AE8-999D-530769809CF5} - System32\Tasks\{857EC364-FB7D-4740-BC4A-2D7C21BE9A47} => C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\uiStub.exe
Task: {A62C683C-77BF-4A9B-B498-2889376E8506} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-07] (Google Inc.)
Task: {BDB869F4-A7BB-4934-9A67-787794180322} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13] (Adobe Systems Incorporated)
Task: {C75E4815-4BC3-4436-A029-8541772890AD} - System32\Tasks\PCCT - MAGIX AG => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe [2010-11-08] ()
Task: {D13AF200-B8C1-4C7C-8D84-A67A5D447BAD} - System32\Tasks\{075E58BC-6A5A-46A1-96B5-4FC36581CB95} => C:\Microids\Dracula 3\Dracula3.exe
Task: {D46C7169-452A-4F82-B11C-D2DF376CFE2C} - System32\Tasks\Start Registry Reviver => C:\Program Files (x86)\Reviversoft\Registry Reviver\RegistryReviver.exe
Task: {D6F44862-0EF2-4D2B-A68F-95068B9D1F15} - System32\Tasks\{1CA66286-5BDA-499B-BC09-BA92EDCF5084} => Firefox.exe 
Task: {E23127C3-61F9-4B88-9F49-F0DB4FF0713B} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe
Task: {EDD80598-D140-4006-AA09-F2D096006E56} - System32\Tasks\{C33DABB9-0A40-4876-9A72-ED0F216B69FE} => C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\uiStub.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCCT - MAGIX AG.job => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
Task: C:\Windows\Tasks\rbmonitor.job => C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

==================== Loaded Modules (whitelisted) =============

2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-12 08:50 - 2010-11-12 08:50 - 00635904 _____ () C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MFL_u_VC9.dll
2007-09-05 15:42 - 2007-09-05 15:42 - 00638976 _____ () C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\PlayRIpl.dll
2013-07-24 09:11 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2008-06-05 07:01 - 2008-06-05 07:01 - 00344064 _____ () C:\Program Files (x86)\Packard Bell\Software Suite SE\sqlite3.dll
2011-04-05 14:53 - 1999-03-02 08:12 - 00372736 ____N () C:\Program Files (x86)\Digitale Rückwärtssuche\Digitale Rückwärtssuche auf CD-ROM\KSDB32.DLL
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2011-04-05 14:53 - 2004-12-03 15:10 - 00409088 ____N () C:\Program Files (x86)\Digitale Rückwärtssuche\Digitale Rückwärtssuche auf CD-ROM\KMRICAPI.DLL
2011-04-05 14:53 - 2004-12-02 19:07 - 00384000 ____N () C:\Program Files (x86)\Digitale Rückwärtssuche\Digitale Rückwärtssuche auf CD-ROM\KMRITAPI.DLL
2010-05-30 06:08 - 2010-05-30 06:08 - 02417664 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtCore4.dll
2009-01-10 11:32 - 2009-01-10 11:32 - 00011362 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll
2009-06-22 19:42 - 2009-06-22 19:42 - 00043008 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll
2010-02-10 17:36 - 2010-02-10 17:36 - 09565184 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtGui4.dll
2010-02-10 17:11 - 2010-02-10 17:11 - 01148416 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtNetwork4.dll
2010-02-10 17:08 - 2010-02-10 17:08 - 00398336 _____ () C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtXml4.dll
2010-02-01 01:47 - 2010-02-01 01:47 - 00076800 _____ () C:\Program Files (x86)\Vidalia Bundle\Polipo\libgnurx-0.dll
2012-08-24 15:15 - 2011-11-22 13:18 - 00061440 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2012-08-24 15:15 - 2011-11-22 13:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2013-12-13 17:46 - 2013-12-13 17:46 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-07-24 09:11 - 2012-05-30 07:51 - 00699280 ____R () C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
2013-12-13 01:09 - 2013-12-13 01:09 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:444C53BA
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
AlternateDataStreams: C:\ProgramData\TEMP:D287FACF
AlternateDataStreams: C:\ProgramData\TEMP:D3A96964

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2011-10-27 13:05:34.095
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-27 13:05:34.080
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-19 15:10:57.346
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-10-19 15:10:57.300
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-08-22 14:24:57.297
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\JRG~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-08-22 14:24:57.279
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\JRG~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-08-22 14:24:57.169
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-08-22 14:24:57.151
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-05-09 16:36:23.200
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\JRG~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-05-09 16:36:23.196
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\JRG~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 36%
Total physical RAM: 6135.11 MB
Available physical RAM: 3895.14 MB
Total Pagefile: 12268.4 MB
Available Pagefile: 9701.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:225.95 GB) (Free:77.03 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:30.84 GB) NTFS
Drive e: (DATA) (Fixed) (Total:226.71 GB) (Free:226.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: D33E3FEA)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=226 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=227 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C2BB90F2)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

schrauber · 10.01.2014, 12:11

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

und ein frisches FRST log bitte.

Kapitän · 10.01.2014, 16:36

Sieht es arg schlimm aus? Ich denke nicht, oder?

Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware

Datenbank Version: v2014.01.10.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Jörg :: JÖRG-PC [Administrator]

10.01.2014 16:11:30
mbam-log-2014-01-10 (16-11-30).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 218702
Laufzeit: 3 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Logfile:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.10.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Jörg :: JÖRG-PC [Administrator]

10.01.2014 16:11:30
mbam-log-2014-01-10 (16-11-30).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 218702
Laufzeit: 3 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Logdatei:
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.016 - Bericht erstellt am 10/01/2014 um 16:26:19
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Jörg - JÖRG-PC
# Gestartet von : C:\Users\Jörg\Downloads\adwcleaner(1).exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SearchAnonymizer

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Mein Gutscheincode Finder
Ordner Gelöscht : C:\Users\Jörg\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\JRG~1\AppData\Local\Temp\boost_interprocess
Ordner Gelöscht : C:\Users\Jörg\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\w8pepqn3.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Datei Gelöscht : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Uninstall.exe
Datei Gelöscht : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\w8pepqn3.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\StartWeb.xml
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\prefs.js ]

Zeile gelöscht : user_pref("extensions.enabledAddons", "toolbar%40web.de:2.8.1,%7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.4.5%20-%201,webbooster%40iminent.com:8.1.2.3,%7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:20[...]
Zeile gelöscht : user_pref("iminent.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.ShowThankyouPixel", "0");
Zeile gelöscht : user_pref("iminent.adapters", "{\"112\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":2,\"expireTime\":\"1386374434735259200\"},\"web\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"expi[...]
Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1389306320460");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent140", "1389305474854");
Zeile gelöscht : user_pref("iminent.version", "8.1.2.3");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.1.2.3\",\"InstallEventCTime\":1389367272120,\"InstallEvent\":\"True\"}");

[ Datei : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\prefs.js ]

Zeile gelöscht : user_pref("pttl.menu-search-groups-tab", false);
Zeile gelöscht : user_pref("pttl.menu-search-groups-win", false);

[ Datei : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\w8pepqn3.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");

*************************

AdwCleaner[R0].txt - [37504 octets] - [09/01/2014 19:32:32]
AdwCleaner[R1].txt - [23170 octets] - [10/01/2014 16:23:46]
AdwCleaner[S0].txt - [22720 octets] - [10/01/2014 16:26:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22781 octets] ##########

--- --- ---

Sorry, vorhin 2 mal versehentlich Malwarbytes-Logfile gepostet

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2014
Ran by Jörg (administrator) on JÖRG-PC on 10-01-2014 16:35:22
Running from C:\Users\Jörg\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
() C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
( ) C:\Windows\System32\lxczcoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GTLite.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(klickTel GmbH) C:\Program Files (x86)\Digitale Rückwärtssuche\Digitale Rückwärtssuche auf CD-ROM\KMON.EXE
() C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(North Star com.) C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Farbar) C:\Users\Jörg\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [ISW] - "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
HKLM\...\Run: [lxczbmgr.exe] - C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe [74672 2007-02-08] (Lexmark International, Inc.)
HKLM\...\Run: [Ocs_SM] - C:\Users\Jörg\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [FaxCenterServer] - C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe [295856 2007-02-08] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [GamingMouse] - C:\Program Files (x86)\Drakonia Configurator\hid.exe [246784 2012-06-07] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKCU\...\Run: [GameTracker] - C:\Program Files (x86)\GameTracker\GTLite.exe [4018984 2010-09-02] (ClanServers Hosting LLC)
HKCU\...\Run: [Software Suite SE] - C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe [2353184 2009-07-28] (Acer Incorporated)
HKCU\...\Run: [InversMonitor] - C:\Program Files (x86)\Digitale Rückwärtssuche\Digitale Rückwärtssuche auf CD-ROM\KMON.EXE [7263232 2008-05-13] (klickTel GmbH)
HKCU\...\Run: [Vidalia] - C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe [5636136 2010-11-19] ()
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-06-26] ()
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-25] (AMD)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162336 2009-07-22] ()
Startup: C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = iGoogle Redirect
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&k=0
SearchScopes: HKCU - {41458688-D4F1-4536-ADFE-70281F588BDE} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4246FEF4-F8AE-4CF3-AB2E-9DB4D59BA2C8} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5B1CC2CE-8545-4EB6-A962-410D468E7BF8} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5B27E59B-CCD3-4C1B-92E1-FD56C9C3DCC0} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE378
SearchScopes: HKCU - {67A4CE77-D3ED-4B82-81E0-31DB6BC12B35} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D696537&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&k=0
SearchScopes: HKCU - {798F67B9-B037-4639-BA5A-BF1C25749CA2} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\ipsbho.dll (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -  No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: WEB.DE Suche
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://web.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SQLite Manager - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
FF Extension: WEB.DE MailCheck - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\Extensions\toolbar@web.de.xpi
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox

==================== Services (Whitelisted) =================

R2 DiskDoctorService; C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [1029480 2010-11-30] (Symantec Corporation)
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [566192 2007-02-08] ( )
R2 lxcz_device; C:\Windows\SysWow64\lxczcoms.exe [537520 2007-02-08] ( )
S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [186368 2010-11-12] (MAGIX AG)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S3 OberonGameConsoleService; C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [44312 2009-08-29] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-01-12] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\RpcAgentSrv.exe [93848 2008-08-14] (SiSoftware)
R2 SpeedDiskService; C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [1037672 2010-11-30] (Symantec Corporation)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20131218.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140109.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140110.002\ENG64.SYS [126040 2014-01-09] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140110.002\EX64.SYS [2099288 2014-01-09] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
S3 SymDSMon; C:\Windows\system32\drivers\SymDSMon.sys [191232 2010-11-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 SYMSpeedDisk; C:\Windows\system32\drivers\SymSpeedDisk.sys [163384 2010-11-30] (Symantec Corporation)
S3 SYMSpeedDisk; C:\Windows\SysWow64\drivers\SymSpeedDisk.sys [108800 2010-11-30] (Symantec Corporation)
R3 cpuz132; \??\C:\Users\JRG~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
S3 SYMFW; \SystemRoot\System32\Drivers\NISx64\1008000.029\SYMFW.SYS [x]
S3 SYMNDISV; \SystemRoot\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-10 16:34 - 2014-01-10 16:34 - 01932166 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64(1).exe
2014-01-10 16:23 - 2014-01-10 16:23 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner(1).exe
2014-01-09 22:09 - 2014-01-10 16:35 - 00023024 _____ C:\Users\Jörg\Downloads\FRST.txt
2014-01-09 22:09 - 2014-01-09 22:10 - 00041407 _____ C:\Users\Jörg\Downloads\Addition.txt
2014-01-09 22:08 - 2014-01-09 22:08 - 01931770 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64.exe
2014-01-09 22:08 - 2014-01-09 22:08 - 00000000 ____D C:\FRST
2014-01-09 21:46 - 2014-01-09 21:46 - 00018713 _____ C:\Users\Jörg\Documents\JRT.txt
2014-01-09 21:44 - 2014-01-09 21:44 - 00018713 _____ C:\Users\Jörg\Desktop\JRT.txt
2014-01-09 21:39 - 2014-01-09 21:39 - 00000000 ____D C:\Windows\ERUNT
2014-01-09 21:38 - 2014-01-09 21:38 - 01037068 _____ (Thisisu) C:\Users\Jörg\Downloads\JRT.exe
2014-01-09 19:32 - 2014-01-10 16:26 - 00000000 ____D C:\AdwCleaner
2014-01-09 19:31 - 2014-01-09 19:32 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner.exe
2014-01-09 19:30 - 2014-01-09 19:30 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller(1).exe
2014-01-09 19:29 - 2014-01-09 19:29 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller.exe
2014-01-08 16:07 - 2014-01-08 16:07 - 00055445 _____ C:\Windows\SysWOW64\CCCInstall_201401081607103522.log
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\ProgramData\ATI
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2014-01-08 16:03 - 2014-01-08 16:03 - 00000000 ____D C:\Program Files\AMD
2014-01-08 15:57 - 2014-01-08 16:02 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-08 15:49 - 2014-01-08 15:50 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Jörg\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-01-08 15:47 - 2014-01-08 15:48 - 253557288 _____ (AMD Inc.) C:\Users\Jörg\Downloads\amd_catalyst_13.11_betav9.5.exe
2013-12-30 18:27 - 2013-12-30 18:27 - 00915368 _____ (Oracle Corporation) C:\Users\Jörg\Downloads\jxpiinstall.exe
2013-12-13 17:46 - 2013-12-13 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-13 01:09 - 2013-12-13 01:09 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 18:19 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 18:19 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 18:19 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 18:19 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 18:19 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 18:19 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 18:19 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 18:19 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 18:19 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 18:19 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 18:19 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 18:19 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 18:19 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 18:19 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 18:19 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 18:19 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 18:19 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 18:19 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 18:19 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 18:19 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 18:19 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 18:19 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 18:19 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 18:19 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 18:19 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 18:19 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 18:19 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 18:19 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 18:19 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 18:19 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 18:19 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 14:33 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 14:33 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 14:33 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 14:33 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 14:33 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 14:33 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 14:33 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 14:33 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 14:33 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 14:33 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 14:33 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 14:33 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 14:33 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 14:33 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 14:33 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

==================== One Month Modified Files and Folders =======

2014-01-10 16:36 - 2014-01-09 22:09 - 00023024 _____ C:\Users\Jörg\Downloads\FRST.txt
2014-01-10 16:36 - 2011-06-26 14:20 - 00000000 ____D C:\Users\Jörg\AppData\Local\PMB Files
2014-01-10 16:34 - 2014-01-10 16:34 - 01932166 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64(1).exe
2014-01-10 16:30 - 2010-09-29 12:48 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\GameTracker
2014-01-10 16:29 - 2013-10-17 11:16 - 00000342 _____ C:\Windows\Tasks\rbmonitor.job
2014-01-10 16:29 - 2011-07-26 12:59 - 00000436 _____ C:\Windows\Tasks\PCCT - MAGIX AG.job
2014-01-10 16:29 - 2010-05-07 21:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 16:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 16:28 - 2009-07-14 05:51 - 00130849 _____ C:\Windows\setupact.log
2014-01-10 16:26 - 2014-01-09 19:32 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:26 - 2010-01-22 15:36 - 01730015 _____ C:\Windows\WindowsUpdate.log
2014-01-10 16:23 - 2014-01-10 16:23 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner(1).exe
2014-01-10 16:09 - 2012-04-02 12:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 16:09 - 2010-05-07 21:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 16:08 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 16:08 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 15:59 - 2011-05-05 20:33 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\Vidalia
2014-01-10 15:58 - 2009-12-04 11:47 - 00368254 _____ C:\Windows\PFRO.log
2014-01-09 23:20 - 2011-05-05 20:33 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\Tor
2014-01-09 22:10 - 2014-01-09 22:09 - 00041407 _____ C:\Users\Jörg\Downloads\Addition.txt
2014-01-09 22:08 - 2014-01-09 22:08 - 01931770 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64.exe
2014-01-09 22:08 - 2014-01-09 22:08 - 00000000 ____D C:\FRST
2014-01-09 21:46 - 2014-01-09 21:46 - 00018713 _____ C:\Users\Jörg\Documents\JRT.txt
2014-01-09 21:44 - 2014-01-09 21:44 - 00018713 _____ C:\Users\Jörg\Desktop\JRT.txt
2014-01-09 21:39 - 2014-01-09 21:39 - 00000000 ____D C:\Windows\ERUNT
2014-01-09 21:38 - 2014-01-09 21:38 - 01037068 _____ (Thisisu) C:\Users\Jörg\Downloads\JRT.exe
2014-01-09 19:32 - 2014-01-09 19:31 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner.exe
2014-01-09 19:30 - 2014-01-09 19:30 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller(1).exe
2014-01-09 19:29 - 2014-01-09 19:29 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller.exe
2014-01-09 16:20 - 2011-11-10 18:07 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-09 16:20 - 2010-01-05 12:10 - 00699416 _____ C:\Windows\system32\perfh007.dat
2014-01-09 16:20 - 2010-01-05 12:10 - 00149556 _____ C:\Windows\system32\perfc007.dat
2014-01-09 16:20 - 2009-07-14 06:13 - 01593956 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-08 16:07 - 2014-01-08 16:07 - 00055445 _____ C:\Windows\SysWOW64\CCCInstall_201401081607103522.log
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\ProgramData\ATI
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2014-01-08 16:07 - 2012-03-25 12:25 - 00000000 ____D C:\ProgramData\AMD
2014-01-08 16:07 - 2010-05-07 21:29 - 00000000 ____D C:\Users\Jörg\AppData\Local\Google
2014-01-08 16:06 - 2011-10-27 12:07 - 00000000 ____D C:\Users\Jörg\AppData\Local\CrashDumps
2014-01-08 16:06 - 2011-10-19 14:07 - 00000000 ____D C:\Program Files\ATI Technologies
2014-01-08 16:03 - 2014-01-08 16:03 - 00000000 ____D C:\Program Files\AMD
2014-01-08 16:02 - 2014-01-08 15:57 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-08 15:50 - 2014-01-08 15:49 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Jörg\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-01-08 15:48 - 2014-01-08 15:47 - 253557288 _____ (AMD Inc.) C:\Users\Jörg\Downloads\amd_catalyst_13.11_betav9.5.exe
2014-01-07 14:00 - 2010-05-07 21:29 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\Adobe
2014-01-07 13:13 - 2011-07-11 17:19 - 00000000 ____D C:\Users\Jörg\Documents\B E W E R B U N G E N; Z E U G N I S S E
2013-12-30 18:27 - 2013-12-30 18:27 - 00915368 _____ (Oracle Corporation) C:\Users\Jörg\Downloads\jxpiinstall.exe
2013-12-28 18:12 - 2010-05-07 21:11 - 00000000 ____D C:\Users\Jörg
2013-12-28 18:11 - 2009-07-14 03:34 - 85458944 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 20185088 _____ C:\Windows\system32\config\SYSTEM.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 00020480 _____ C:\Windows\system32\config\SECURITY.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 00020480 _____ C:\Windows\system32\config\SAM.bak
2013-12-25 19:03 - 2013-11-20 13:22 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\HpUpdate
2013-12-15 21:05 - 2013-08-14 17:39 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 21:02 - 2010-05-16 14:07 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 16:41 - 2010-05-23 13:28 - 00000000 ____D C:\Users\Jörg\Documents\E I N K O M M E N S T E U E R
2013-12-15 15:52 - 2012-04-26 13:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-13 17:46 - 2013-12-13 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-13 01:09 - 2013-12-13 01:09 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-13 01:09 - 2012-04-02 12:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-13 01:09 - 2012-04-02 12:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-13 01:09 - 2011-05-20 09:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-12 21:58 - 2011-02-28 14:52 - 00000000 ____D C:\Users\Jörg\AppData\Local\Microsoft Games
2013-12-12 15:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-11 20:23 - 2009-07-14 05:45 - 00436472 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 18:20 - 2009-12-04 11:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 15:10 - 2009-12-04 11:38 - 00000000 ____D C:\Program Files (x86)\Google

Some content of TEMP:
====================
C:\Users\Jörg\AppData\Local\Temp\Quarantine.exe
C:\Users\Jörg\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Jörg\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\Jörg\AppData\Local\Temp\_is83CF.exe
C:\Users\Jörg\AppData\Local\Temp\_is95F8.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2010-11-06 17:45

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 11.01.2014, 13:04

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Kapitän · 11.01.2014, 16:45

Eine Frage: Der Scan mit dem Eset Smartinstaller dauert ja eine "Ewigkeit". Kann man das nicht Abkürzen??? Außerdem ist mein Rechner überhaupt in dieser Zeit des Scans mit deaktiviertem Anti-Virus-Programm und deaktivierter Firewall geschützt?

schrauber · 12.01.2014, 08:31

Firewall kannste an lassen. Sonst nix Surfen in der Zeit dann passt das schon

Kapitän · 13.01.2014, 10:40

Ich habe bereits am 09.01.14 eine halbe Stunde ohne aktivierter Firewall diesen Eset-Scan durchgeführt. Habe dann aber abgebrochen, weil es mir zu lange ging.
1. Frage: Hat in dieser Zeit jemand Unbefugtes zutritt zu meinen gespeicherten Daten gehabt?
2. Frage: Kann das Eset-Programm den Scan nicht schneller durchführen bzw. gibt es Alternativen zum Eset-Programm?

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5e6a3b8f5796c642825e727dbf793f12
# engine=16622
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-13 08:16:50
# local_time=2014-01-13 09:16:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 91 2814910 152226394 0 0
# compatibility_mode=5893 16776574 66 85 16059937 141230860 0 0
# scanned=242732
# found=19
# cleaned=0
# scan_time=56662
sh=BD62B505062FF636AA163EDD221AAC433C58AB02 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Jörg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\3796408c-1a04be40"
sh=272EF0247E5C9CA37E55324FAF57DB91AC1F9073 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Jörg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\4de072d3-1993d787"
sh=EE6BCFD5B13586D0AE4BEECBD04CC1DAC5ED9D2D ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Jörg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\75a83617-581ab422"
sh=B422622CDB3659893D294D0174D157B5C9B4178D ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Jörg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\62d68321-43ac2386"
sh=936CA56DB0C7BDC0D49C9C246225159251910EAF ft=0 fh=0000000000000000 vn="probably a variant of Java/Exploit.CVE-2012-0507.FA trojan" ac=I fn="C:\Users\Jörg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\69119fa3-119fd734"
sh=864F0352DA215D5460BE661BF871077D2ECDEB03 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.NFN trojan" ac=I fn="C:\Users\Jörg\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\4590053b-41190126"
sh=29F01E33AAB578A2400A46D4AEFEFED918E8E0ED ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus" ac=I fn="D:\JÖRG-PC\Backup Set 2011-07-10 190002\Backup Files 2011-07-10 190002\Backup files 6.zip"
sh=F33229D874DABDA8C4D01ED964C91DFEC2044681 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\JÖRG-PC\Backup Set 2012-02-06 134204\Backup Files 2012-03-04 190003\Backup files 6.zip"
sh=527044844AF230710AA9739B089B3D4C9673102F ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\JÖRG-PC\Backup Set 2012-06-03 190005\Backup Files 2012-06-03 190005\Backup files 10.zip"
sh=7AFCE5625843322E7604316979CDE330AEBE29B0 ft=0 fh=0000000000000000 vn="JS/Agent.NEJ trojan" ac=I fn="D:\JÖRG-PC\Backup Set 2012-06-03 190005\Backup Files 2012-07-08 190003\Backup files 1.zip"
sh=97DC8E6228ECE067ECFE6184E6A1BDB6B6A3A499 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\JÖRG-PC\Backup Set 2012-10-02 144103\Backup Files 2012-10-02 144103\Backup files 15.zip"
sh=4527CC6948044FF8D8B585634F3E39A61143FA6F ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.NFN trojan" ac=I fn="D:\JÖRG-PC\Backup Set 2012-10-02 144103\Backup Files 2012-12-09 190003\Backup files 6.zip"
sh=8E008AC47124007D4DD292E3DE8C14244A4DA3AF ft=0 fh=0000000000000000 vn="JS/TrojanClicker.Agent.NDW.Gen trojan" ac=I fn="D:\JÖRG-PC\Backup Set 2012-10-02 144103\Backup Files 2013-01-13 223413\Backup files 1.zip"
sh=D0E6E8E72B9A0C36A588B553112B95A6B0F7F9D5 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.NFN trojan" ac=I fn="D:\JÖRG-PC\Backup Set 2012-10-02 144103\Backup Files 2013-01-27 204027\Backup files 5.zip"
sh=F5F162591D77DB2889BE8DFD36F3A971AE0278CE ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2013-0422.CD trojan" ac=I fn="D:\JÖRG-PC\Backup Set 2012-10-02 144103\Backup Files 2013-02-24 190006\Backup files 2.zip"
sh=B0F524021803B812240BFCE041C9CCA31ECBB14C ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\JÖRG-PC\Backup Set 2012-10-02 144103\Backup Files 2013-03-25 101802\Backup files 3.zip"
sh=BBC4F833DC83596CF839A4864EA53B188ADE3854 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\JÖRG-PC\Backup Set 2013-04-01 145121\Backup Files 2013-04-01 145121\Backup files 13.zip"
sh=8A111176BF2A7557C4F99356DCB496A40497423A ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2013-0422.CD trojan" ac=I fn="D:\JÖRG-PC\Backup Set 2013-04-01 145121\Backup Files 2013-04-21 190004\Backup files 2.zip"
sh=15F35AB24C1C4621D434DA1638328EDEA70A19F6 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\JÖRG-PC\Backup Set 2013-04-01 145121\Backup Files 2013-06-17 101145\Backup files 1.zip"

Results of screen317's Security Check version 0.99.78
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.9016)
Malwarebytes Anti-Malware Version 1.75.0.1300
JavaFX 2.1.1
Java 7 Update 45
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Mozilla Firefox (26.0)
Mozilla Thunderbird (17.0.8)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-01-2014 01
Ran by Jörg (administrator) on JÖRG-PC on 13-01-2014 10:41:25
Running from C:\Users\Jörg\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
( ) C:\Windows\System32\lxczcoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe
(Uniblue Systems Limited) C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
() C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GTLite.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
(klickTel GmbH) C:\Program Files (x86)\Digitale Rückwärtssuche\Digitale Rückwärtssuche auf CD-ROM\KMON.EXE
() C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark 1200 Series\LXCZbmon.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(North Star com.) C:\Program Files (x86)\Northstar\Photo Frame\Photo Frame.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Vidalia Bundle\Polipo\polipo.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Farbar) C:\Users\Jörg\Downloads\FRST64(2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [ISW] - "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
HKLM\...\Run: [lxczbmgr.exe] - C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe [74672 2007-02-08] (Lexmark International, Inc.)
HKLM\...\Run: [Ocs_SM] - C:\Users\Jörg\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [FaxCenterServer] - C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe [295856 2007-02-08] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [GamingMouse] - C:\Program Files (x86)\Drakonia Configurator\hid.exe [246784 2012-06-07] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKCU\...\Run: [GameTracker] - C:\Program Files (x86)\GameTracker\GTLite.exe [4018984 2010-09-02] (ClanServers Hosting LLC)
HKCU\...\Run: [Software Suite SE] - C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe [2353184 2009-07-28] (Acer Incorporated)
HKCU\...\Run: [InversMonitor] - C:\Program Files (x86)\Digitale Rückwärtssuche\Digitale Rückwärtssuche auf CD-ROM\KMON.EXE [7263232 2008-05-13] (klickTel GmbH)
HKCU\...\Run: [Vidalia] - C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe [5636136 2010-11-19] ()
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3077528 2011-06-26] ()
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-25] (AMD)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162336 2009-07-22] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe [162336 2009-07-22] ()
Startup: C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = iGoogle Redirect
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&k=0
SearchScopes: HKCU - {41458688-D4F1-4536-ADFE-70281F588BDE} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {4246FEF4-F8AE-4CF3-AB2E-9DB4D59BA2C8} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5B1CC2CE-8545-4EB6-A962-410D468E7BF8} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5B27E59B-CCD3-4C1B-92E1-FD56C9C3DCC0} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE378
SearchScopes: HKCU - {67A4CE77-D3ED-4B82-81E0-31DB6BC12B35} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D696537&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&k=0
SearchScopes: HKCU - {798F67B9-B037-4639-BA5A-BF1C25749CA2} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=c7e55e05-0106-41bd-a233-ba207147df88&pid=freewarede&mode=bounce&k=0
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -  No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: WEB.DE Suche
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://web.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: SQLite Manager - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2013-09-11]
FF Extension: WEB.DE MailCheck - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\f7t3fg5x.Standard-Benutzer\Extensions\toolbar@web.de.xpi [2013-02-03]
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox

==================== Services (Whitelisted) =================

R2 DiskDoctorService; C:\Program Files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [1029480 2010-11-30] (Symantec Corporation)
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [566192 2007-02-08] ( )
R2 lxcz_device; C:\Windows\SysWOW64\lxczcoms.exe [537520 2007-02-08] ( )
S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [186368 2010-11-12] (MAGIX AG)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S3 OberonGameConsoleService; C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [44312 2009-08-29] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-01-12] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\RpcAgentSrv.exe [93848 2008-08-14] (SiSoftware)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SpeedDiskService; C:\Program Files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [1037672 2010-11-30] (Symantec Corporation)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20131218.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140110.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140112.020\ENG64.SYS [126040 2014-01-09] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140112.020\EX64.SYS [2099288 2014-01-09] (Symantec Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
S3 SymDSMon; C:\Windows\system32\drivers\SymDSMon.sys [191232 2010-11-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 SYMSpeedDisk; C:\Windows\system32\drivers\SymSpeedDisk.sys [163384 2010-11-30] (Symantec Corporation)
S3 SYMSpeedDisk; C:\Windows\SysWOW64\drivers\SymSpeedDisk.sys [108800 2010-11-30] (Symantec Corporation)
R3 cpuz132; \??\C:\Users\JRG~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
S3 SYMFW; \SystemRoot\System32\Drivers\NISx64\1008000.029\SYMFW.SYS [x]
S3 SYMNDISV; \SystemRoot\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-13 10:40 - 2014-01-13 10:40 - 02075648 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64(2).exe
2014-01-13 10:34 - 2014-01-13 10:34 - 00987410 _____ C:\Users\Jörg\Downloads\SecurityCheck.exe
2014-01-13 02:21 - 2014-01-13 02:21 - 00002456 _____ C:\{5A2473AB-F50C-43C6-B294-DEB4B249F7D6}
2014-01-13 01:23 - 2014-01-13 01:23 - 00002168 _____ C:\{98D1ADE1-C05E-4674-BAD1-78E5305E22C6}
2014-01-12 23:48 - 2014-01-12 23:48 - 00002176 _____ C:\{36A740C1-F065-43C1-97A1-1146869C9F45}
2014-01-12 17:25 - 2014-01-12 17:27 - 02347384 _____ (ESET) C:\Users\Jörg\Downloads\esetsmartinstaller_enu.exe
2014-01-11 20:06 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-11 20:06 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-11 20:06 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-01-11 20:06 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-01-11 20:03 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-01-11 20:03 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-01-11 20:03 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-01-11 20:03 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-01-11 20:03 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-01-11 20:03 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-01-11 20:03 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-01-11 20:03 - 2012-06-02 15:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-01-10 22:05 - 2014-01-10 22:05 - 00000000 ____D C:\Users\Jörg\AppData\Local\Secunia PSI
2014-01-10 22:05 - 2014-01-10 22:05 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-10 22:04 - 2014-01-10 22:04 - 05329480 _____ (Secunia) C:\Users\Jörg\Downloads\PSISetup_3.0.0.9016.exe
2014-01-10 20:30 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-10 20:30 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-10 20:30 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-10 20:30 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-10 20:30 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-01-10 20:30 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-01-10 20:30 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-10 20:30 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-01-10 20:30 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-01-10 20:30 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-01-10 20:30 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-01-10 20:30 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-10 20:30 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-10 20:30 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-10 20:30 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-10 20:30 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-01-10 20:30 - 2013-03-19 06:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-01-10 20:30 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-01-10 20:30 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-01-10 20:30 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-01-10 20:30 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-01-10 20:30 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-01-10 20:30 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-01-10 20:30 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-01-10 20:30 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-01-10 20:30 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-01-10 20:30 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-01-10 20:30 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-01-10 20:30 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-01-10 20:30 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-01-10 20:30 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-01-10 20:30 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-01-10 20:30 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-01-10 20:30 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-01-10 20:30 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-01-10 20:30 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-01-10 20:30 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-01-10 20:30 - 2012-11-22 06:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-01-10 20:30 - 2012-11-22 05:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-01-10 20:30 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-01-10 20:30 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-01-10 20:30 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-01-10 20:30 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-01-10 20:30 - 2012-10-03 18:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-01-10 20:30 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-01-10 20:30 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-01-10 20:30 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-01-10 20:30 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-01-10 20:30 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-01-10 20:30 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-01-10 20:30 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-01-10 20:30 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-01-10 20:30 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-01-10 20:30 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-01-10 20:30 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-01-10 20:30 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-01-10 20:30 - 2012-05-01 06:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-01-10 20:30 - 2012-04-07 13:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-01-10 20:30 - 2012-04-07 12:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-01-10 20:30 - 2012-01-13 08:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-01-10 20:29 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-01-10 20:29 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-01-10 20:29 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-01-10 20:29 - 2013-04-17 08:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-01-10 20:29 - 2013-04-17 07:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-01-10 20:29 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-01-10 20:29 - 2012-11-30 00:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2014-01-10 20:29 - 2012-11-30 00:15 - 00420064 _____ C:\Windows\system32\locale.nls
2014-01-10 20:29 - 2012-05-05 09:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-01-10 20:29 - 2012-05-05 08:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-01-10 16:34 - 2014-01-10 16:34 - 01932166 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64(1).exe
2014-01-10 16:23 - 2014-01-10 16:23 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner(1).exe
2014-01-09 22:09 - 2014-01-13 10:41 - 00024148 _____ C:\Users\Jörg\Downloads\FRST.txt
2014-01-09 22:09 - 2014-01-09 22:10 - 00041407 _____ C:\Users\Jörg\Downloads\Addition.txt
2014-01-09 22:08 - 2014-01-09 22:08 - 01931770 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64.exe
2014-01-09 22:08 - 2014-01-09 22:08 - 00000000 ____D C:\FRST
2014-01-09 21:46 - 2014-01-09 21:46 - 00018713 _____ C:\Users\Jörg\Documents\JRT.txt
2014-01-09 21:44 - 2014-01-09 21:44 - 00018713 _____ C:\Users\Jörg\Desktop\JRT.txt
2014-01-09 21:39 - 2014-01-09 21:39 - 00000000 ____D C:\Windows\ERUNT
2014-01-09 21:38 - 2014-01-09 21:38 - 01037068 _____ (Thisisu) C:\Users\Jörg\Downloads\JRT.exe
2014-01-09 19:32 - 2014-01-10 16:26 - 00000000 ____D C:\AdwCleaner
2014-01-09 19:31 - 2014-01-09 19:32 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner.exe
2014-01-09 19:30 - 2014-01-09 19:30 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller(1).exe
2014-01-09 19:29 - 2014-01-09 19:29 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller.exe
2014-01-08 16:07 - 2014-01-08 16:07 - 00055445 _____ C:\Windows\SysWOW64\CCCInstall_201401081607103522.log
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\ProgramData\ATI
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2014-01-08 16:03 - 2014-01-08 16:03 - 00000000 ____D C:\Program Files\AMD
2014-01-08 15:57 - 2014-01-08 16:02 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-08 15:49 - 2014-01-08 15:50 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Jörg\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-01-08 15:47 - 2014-01-08 15:48 - 253557288 _____ (AMD Inc.) C:\Users\Jörg\Downloads\amd_catalyst_13.11_betav9.5.exe
2013-12-30 18:27 - 2013-12-30 18:27 - 00915368 _____ (Oracle Corporation) C:\Users\Jörg\Downloads\jxpiinstall.exe

==================== One Month Modified Files and Folders =======

2014-01-13 10:41 - 2014-01-09 22:09 - 00024148 _____ C:\Users\Jörg\Downloads\FRST.txt
2014-01-13 10:40 - 2014-01-13 10:40 - 02075648 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64(2).exe
2014-01-13 10:34 - 2014-01-13 10:34 - 00987410 _____ C:\Users\Jörg\Downloads\SecurityCheck.exe
2014-01-13 10:09 - 2012-04-02 12:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-13 10:09 - 2010-05-07 21:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-13 10:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-13 03:00 - 2010-01-22 15:36 - 01528410 _____ C:\Windows\WindowsUpdate.log
2014-01-13 02:21 - 2014-01-13 02:21 - 00002456 _____ C:\{5A2473AB-F50C-43C6-B294-DEB4B249F7D6}
2014-01-13 01:23 - 2014-01-13 01:23 - 00002168 _____ C:\{98D1ADE1-C05E-4674-BAD1-78E5305E22C6}
2014-01-12 23:48 - 2014-01-12 23:48 - 00002176 _____ C:\{36A740C1-F065-43C1-97A1-1146869C9F45}
2014-01-12 20:10 - 2010-05-07 21:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-12 17:55 - 2010-01-05 12:10 - 00699416 _____ C:\Windows\system32\perfh007.dat
2014-01-12 17:55 - 2010-01-05 12:10 - 00149556 _____ C:\Windows\system32\perfc007.dat
2014-01-12 17:55 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-12 17:42 - 2011-06-26 14:20 - 00000000 ____D C:\Users\Jörg\AppData\Local\PMB Files
2014-01-12 17:27 - 2014-01-12 17:25 - 02347384 _____ (ESET) C:\Users\Jörg\Downloads\esetsmartinstaller_enu.exe
2014-01-12 17:17 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-12 17:17 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-12 17:14 - 2010-05-07 21:11 - 00114080 _____ C:\Users\Jörg\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-12 17:12 - 2013-10-17 11:16 - 00000342 _____ C:\Windows\Tasks\rbmonitor.job
2014-01-12 17:12 - 2011-07-26 12:59 - 00000436 _____ C:\Windows\Tasks\PCCT - MAGIX AG.job
2014-01-12 17:12 - 2011-05-05 20:33 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\Vidalia
2014-01-12 17:12 - 2010-09-29 12:48 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\GameTracker
2014-01-12 17:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-12 17:11 - 2009-07-14 05:51 - 00131129 _____ C:\Windows\setupact.log
2014-01-12 17:11 - 2009-07-14 05:45 - 00436472 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-11 19:57 - 2012-01-26 20:09 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-11 19:57 - 2012-01-25 16:24 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-11 19:57 - 2012-01-25 16:24 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-11 00:36 - 2009-12-04 11:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-11 00:33 - 2011-11-10 18:07 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-10 22:16 - 2010-05-07 21:29 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\Adobe
2014-01-10 22:05 - 2014-01-10 22:05 - 00000000 ____D C:\Users\Jörg\AppData\Local\Secunia PSI
2014-01-10 22:05 - 2014-01-10 22:05 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-10 22:04 - 2014-01-10 22:04 - 05329480 _____ (Secunia) C:\Users\Jörg\Downloads\PSISetup_3.0.0.9016.exe
2014-01-10 16:34 - 2014-01-10 16:34 - 01932166 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64(1).exe
2014-01-10 16:26 - 2014-01-09 19:32 - 00000000 ____D C:\AdwCleaner
2014-01-10 16:23 - 2014-01-10 16:23 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner(1).exe
2014-01-10 15:58 - 2009-12-04 11:47 - 00368254 _____ C:\Windows\PFRO.log
2014-01-09 23:20 - 2011-05-05 20:33 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\Tor
2014-01-09 22:10 - 2014-01-09 22:09 - 00041407 _____ C:\Users\Jörg\Downloads\Addition.txt
2014-01-09 22:08 - 2014-01-09 22:08 - 01931770 _____ (Farbar) C:\Users\Jörg\Downloads\FRST64.exe
2014-01-09 22:08 - 2014-01-09 22:08 - 00000000 ____D C:\FRST
2014-01-09 21:46 - 2014-01-09 21:46 - 00018713 _____ C:\Users\Jörg\Documents\JRT.txt
2014-01-09 21:44 - 2014-01-09 21:44 - 00018713 _____ C:\Users\Jörg\Desktop\JRT.txt
2014-01-09 21:39 - 2014-01-09 21:39 - 00000000 ____D C:\Windows\ERUNT
2014-01-09 21:38 - 2014-01-09 21:38 - 01037068 _____ (Thisisu) C:\Users\Jörg\Downloads\JRT.exe
2014-01-09 19:32 - 2014-01-09 19:31 - 01233962 _____ C:\Users\Jörg\Downloads\adwcleaner.exe
2014-01-09 19:30 - 2014-01-09 19:30 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller(1).exe
2014-01-09 19:29 - 2014-01-09 19:29 - 00464381 ____N C:\Users\Jörg\Downloads\SpyHunterKiller.exe
2014-01-08 16:07 - 2014-01-08 16:07 - 00055445 _____ C:\Windows\SysWOW64\CCCInstall_201401081607103522.log
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\ProgramData\ATI
2014-01-08 16:07 - 2014-01-08 16:07 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2014-01-08 16:07 - 2012-03-25 12:25 - 00000000 ____D C:\ProgramData\AMD
2014-01-08 16:07 - 2010-05-07 21:29 - 00000000 ____D C:\Users\Jörg\AppData\Local\Google
2014-01-08 16:06 - 2011-10-27 12:07 - 00000000 ____D C:\Users\Jörg\AppData\Local\CrashDumps
2014-01-08 16:06 - 2011-10-19 14:07 - 00000000 ____D C:\Program Files\ATI Technologies
2014-01-08 16:03 - 2014-01-08 16:03 - 00000000 ____D C:\Program Files\AMD
2014-01-08 16:02 - 2014-01-08 15:57 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-08 15:50 - 2014-01-08 15:49 - 212753896 _____ (Advanced Micro Devices, Inc.) C:\Users\Jörg\Downloads\13-12_win7_win8_64_dd_ccc_whql.exe
2014-01-08 15:48 - 2014-01-08 15:47 - 253557288 _____ (AMD Inc.) C:\Users\Jörg\Downloads\amd_catalyst_13.11_betav9.5.exe
2014-01-07 13:13 - 2011-07-11 17:19 - 00000000 ____D C:\Users\Jörg\Documents\B E W E R B U N G E N; Z E U G N I S S E
2013-12-30 18:27 - 2013-12-30 18:27 - 00915368 _____ (Oracle Corporation) C:\Users\Jörg\Downloads\jxpiinstall.exe
2013-12-28 18:12 - 2010-05-07 21:11 - 00000000 ____D C:\Users\Jörg
2013-12-28 18:11 - 2009-07-14 03:34 - 85458944 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 20185088 _____ C:\Windows\system32\config\SYSTEM.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 00020480 _____ C:\Windows\system32\config\SECURITY.bak
2013-12-28 18:11 - 2009-07-14 03:34 - 00020480 _____ C:\Windows\system32\config\SAM.bak
2013-12-25 19:03 - 2013-11-20 13:22 - 00000000 ____D C:\Users\Jörg\AppData\Roaming\HpUpdate
2013-12-15 21:05 - 2013-08-14 17:39 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 21:02 - 2010-05-16 14:07 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 16:41 - 2010-05-23 13:28 - 00000000 ____D C:\Users\Jörg\Documents\E I N K O M M E N S T E U E R
2013-12-15 15:52 - 2012-04-26 13:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Jörg\AppData\Local\Temp\Quarantine.exe
C:\Users\Jörg\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Jörg\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\Jörg\AppData\Local\Temp\_is83CF.exe
C:\Users\Jörg\AppData\Local\Temp\_is95F8.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-13 09:47

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 14.01.2014, 09:13

Zitat:

1. Frage: Hat in dieser Zeit jemand Unbefugtes zutritt zu meinen gespeicherten Daten gehabt?
2. Frage: Kann das Eset-Programm den Scan nicht schneller durchführen bzw. gibt es Alternativen zum Eset-Programm?

der Speed hängt von der zu scannenden Datenmenge ab. Man kann auch einen anderne Onlinescanner nutzen, nen Zeitgewinn wird es dadurch nicht geben. Es geht dabei darum noch einmal einen Kontrollscan von aussen zu haben, der Bereiche abklopft die unsere Tools nicht antasten.

Wie Du jetzt zb siehst ist dein backup auf D für die Tonne.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Kapitän · 14.01.2014, 14:22

# DelFix v10.6 - Datei am 14/01/2014 um 14:01:51 erstellt
# Aktualisiert am 11/11/2013 von Xplode
# Benutzer : Jörg - JÖRG-PC
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\Jörg\Desktop\JRT.txt
Gelöscht : C:\Users\Jörg\Downloads\Addition.txt
Gelöscht : C:\Users\Jörg\Downloads\adwcleaner(1).exe
Gelöscht : C:\Users\Jörg\Downloads\adwcleaner.exe
Gelöscht : C:\Users\Jörg\Downloads\esetsmartinstaller_enu.exe
Gelöscht : C:\Users\Jörg\Downloads\FRST.txt
Gelöscht : C:\Users\Jörg\Downloads\FRST64(1).exe
Gelöscht : C:\Users\Jörg\Downloads\FRST64(2).exe
Gelöscht : C:\Users\Jörg\Downloads\FRST64.exe
Gelöscht : C:\Users\Jörg\Downloads\JRT.exe
Gelöscht : C:\Users\Jörg\Downloads\SecurityCheck.exe
Gelöscht : C:\Users\Jörg\Downloads\TFC.exe
Gelöscht : HKLM\SOFTWARE\OldTimer Tools
Gelöscht : HKLM\SOFTWARE\AdwCleaner

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Gelöscht : RP #394 [Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 | 01/08/2014 14:57:05]
Gelöscht : RP #395 [Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 | 01/08/2014 15:02:11]
Gelöscht : RP #396 [Windows Update | 01/09/2014 15:07:42]
Gelöscht : RP #397 [Windows Update | 01/10/2014 23:20:13]
Gelöscht : RP #398 [Windows Update | 01/11/2014 19:01:43]
Gelöscht : RP #399 [Windows-Sicherung | 01/12/2014 18:01:30]

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########

Hier nochmal der Editor von Delfix bzw. das Erbebnis davon

Ich hätte noch Anmerkungen bzw. Fragen:
Leider konnte ich SecurityCheck und TFC NICHT auf meinem Desktop speichern, sondern beide Programme erschienen nur auf meinem Desktop als "Ausführungsprogramm" jedoch nicht in Form eines Buttons, den man anklicken kann. Was ist zu tun?

Und das Eset-Logfile besagt ja, dass 19 "Threats" gefunden wurden, diese aber nicht gelöscht wurden. Mit 19 "Threats" meinte das Eset-Logfile sicher Dateien mit Malware die ich mal angeklickt habe, die jedoch nicht zu einer Verunreinigung meines Systems geführt haben, oder?

Zum Schluss natürlich VIELEN DANK für die Hilfe!

Viele Grüße,

Kapitän

PS.:
Die Bill Castner-Seite konnte nicht aufgerufen werden. Es erschien: "Page not found".

schrauber · 15.01.2014, 09:34

Zitat:

Leider konnte ich SecurityCheck und TFC NICHT auf meinem Desktop speichern, sondern beide Programme erschienen nur auf meinem Desktop als "Ausführungsprogramm" jedoch nicht in Form eines Buttons, den man anklicken kann. Was ist zu tun?

Lösche die temporären Dateien mit CCleaner oder so.

Zitat:

Und das Eset-Logfile besagt ja, dass 19 "Threats" gefunden wurden, diese aber nicht gelöscht wurden. Mit 19 "Threats" meinte das Eset-Logfile sicher Dateien mit Malware die ich mal angeklickt habe, die jedoch nicht zu einer Verunreinigung meines Systems geführt haben, oder?

das waren 19 Funde, 19 Dateien die seuche sind. Wenn Du die temps leerst wie oben angebeben und dein Backup Audf D löschst sind die aber weg

Kapitän · 15.01.2014, 15:08

Ich muss nochmals nachfragen:
Was muss ich konkret machen um die 19 "Threats" zu beseitigen? Habe doch DelFix "drüberlaufen lassen".

Nochmals ein

schrauber · 16.01.2014, 09:01

Temporäre Dateien löschen und das backup auf D

Kapitän · 18.01.2014, 14:04

Temporäre Dateien habe ich jetzt mit CCleaner gelöscht, aber das backup auf D, weiß ich nicht ob das gelöscht wurde. Wie kann man das löschen bzw. wie kann man es kontrollieren ob es gelöscht wurde?

12.01.2014, 08:31	#8
schrauber /// the machine /// TB-Ausbilder	Probleme mit PUP.Optional.Iminent.A Firewall kannste an lassen. Sonst nix Surfen in der Zeit dann passt das schon __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

16.01.2014, 09:01	#14
schrauber /// the machine /// TB-Ausbilder	Probleme mit PUP.Optional.Iminent.A Temporäre Dateien löschen und das backup auf D __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Probleme mit PUP.Optional.Iminent.A

Plagegeister aller Art und deren Bekämpfung: Probleme mit PUP.Optional.Iminent.A