
Pests of all kinds and how to fight them: adfly suddenly there and redirecting navigation, only adware?

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.

07.02.2014, 00:01   #1
NoobDude
 
adfly suddenly there and redirecting navigation, only adware?



I've caught something and can't get rid of it. Would anyone be willing to help me? I really am a noob when it comes to this kind of thing, though.
Here is this otl.text. Is that enough?

Code:
OTL logfile created on: 06.02.2014 23:22:11 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\kleinbär\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,70 Gb Total Physical Memory | 3,83 Gb Available Physical Memory | 49,74% Memory free
15,40 Gb Paging File | 11,35 Gb Available in Paging File | 73,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282,95 Gb Total Space | 140,77 Gb Free Space | 49,75% Space Free | Partition Type: NTFS
Drive Q: | 13,67 Gb Total Space | 3,04 Gb Free Space | 22,23% Space Free | Partition Type: NTFS
 
Computer Name: KLEINBÄR-THINK | User Name: kleinbär | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014.02.06 23:20:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kleinbär\Desktop\OTL.exe
PRC - [2014.02.04 22:31:13 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
PRC - [2014.01.03 01:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014.01.03 01:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.12.21 00:17:46 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.12.17 11:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013.12.01 16:13:22 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013.08.15 07:07:55 | 000,257,136 | ---- | M] (Microsoft Corporation) -- C:\Users\Jens\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2013.05.21 05:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
PRC - [2013.05.09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.06 17:59:02 | 003,786,768 | ---- | M] (Research In Motion) -- C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe
PRC - [2013.05.06 17:59:02 | 000,929,296 | ---- | M] (Research In Motion) -- C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe
PRC - [2013.05.06 17:59:02 | 000,777,744 | ---- | M] (Research In Motion) -- C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe
PRC - [2013.04.30 12:54:50 | 002,433,552 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
PRC - [2013.04.26 09:47:20 | 000,661,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
PRC - [2013.04.26 07:42:42 | 004,265,472 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
PRC - [2013.04.26 07:25:36 | 000,389,632 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
PRC - [2013.04.18 11:29:12 | 001,235,456 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
PRC - [2013.04.04 01:55:34 | 011,262,304 | ---- | M] (SugarSync, Inc.) -- C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
PRC - [2013.02.06 11:23:14 | 000,585,728 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
PRC - [2013.01.17 15:08:26 | 000,267,792 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2012.12.12 10:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2012.07.12 13:59:15 | 000,155,488 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
PRC - [2012.06.01 20:49:06 | 000,179,568 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
PRC - [2012.06.01 20:49:00 | 000,290,160 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2012.06.01 20:48:58 | 000,061,296 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2012.06.01 20:48:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2012.05.15 22:32:00 | 000,128,608 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
PRC - [2012.05.15 16:45:22 | 000,065,336 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
PRC - [2012.04.19 00:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
PRC - [2012.02.28 09:20:58 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.28 09:20:56 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.28 09:20:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.02.26 19:01:56 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.01.25 08:44:56 | 000,567,360 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2012.01.17 07:29:24 | 000,169,776 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
PRC - [2011.12.29 11:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2010.04.27 17:06:02 | 000,138,072 | ---- | M] () -- C:\Program Files (x86)\Join Air\UIExec.exe
PRC - [2010.04.27 16:57:32 | 000,247,152 | ---- | M] () -- C:\Program Files (x86)\Join Air\AssistantServices.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014.02.04 22:31:12 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2014.01.03 01:45:04 | 003,558,400 | ---- | M] () -- C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013.12.21 00:17:46 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.10.19 00:55:02 | 025,100,288 | ---- | M] () -- C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012.07.12 13:59:16 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
MOD - [2012.07.12 13:59:16 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
MOD - [2012.07.12 13:59:16 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
MOD - [2012.07.12 13:59:15 | 000,891,392 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
MOD - [2012.07.12 13:59:15 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
MOD - [2012.07.12 13:59:15 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
MOD - [2012.07.12 13:59:15 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
MOD - [2012.07.12 13:59:15 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
MOD - [2012.07.12 13:59:15 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
MOD - [2012.07.12 13:59:15 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
MOD - [2012.07.12 13:59:14 | 002,281,984 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
MOD - [2012.07.12 13:59:14 | 000,446,976 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
MOD - [2010.04.27 17:06:02 | 000,138,072 | ---- | M] () -- C:\Program Files (x86)\Join Air\UIExec.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.11.26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.06.01 20:49:06 | 000,179,568 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe -- (LENOVO.TVTVCAM)
SRV:64bit: - [2012.06.01 20:48:58 | 000,061,296 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2012.06.01 20:48:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2012.05.29 15:27:14 | 000,144,992 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV:64bit: - [2012.04.01 12:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2012.02.29 07:15:08 | 000,048,704 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2012.02.26 05:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012.02.26 05:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012.02.26 05:07:32 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012.02.26 05:07:26 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012.02.02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2011.12.29 11:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2011.12.28 22:48:24 | 000,049,480 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2011.07.12 08:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2011.07.12 08:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.02.04 22:31:13 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.21 00:17:46 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.17 11:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.10.06 04:27:28 | 000,129,424 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe -- (NCO)
SRV - [2013.05.21 05:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe -- (NAV)
SRV - [2013.05.09 23:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.26 07:25:36 | 000,389,632 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe -- (RIM MDNS)
SRV - [2013.04.18 11:29:12 | 001,235,456 | ---- | M] (Research In Motion Limited) [Auto | Running] -- C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe -- (RIM Tunnel Service)
SRV - [2013.02.06 11:23:14 | 000,585,728 | ---- | M] (Research In Motion Limited) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe -- (BlackBerry Device Manager)
SRV - [2012.05.15 22:32:00 | 001,665,120 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc)
SRV - [2012.05.15 22:32:00 | 001,662,560 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2012.05.15 22:32:00 | 000,320,576 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc)
SRV - [2012.04.19 00:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2012.03.28 16:06:22 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.02.28 09:20:58 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.28 09:20:56 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.28 09:20:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.01.17 07:29:24 | 000,169,776 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe -- (FastbootService)
SRV - [2010.04.27 16:57:32 | 000,247,152 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Join Air\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.09.27 20:23:26 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DE06000.01B\ccsetx64.sys -- (ccSet_NST)
DRV:64bit: - [2013.06.19 06:46:09 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.05.23 06:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1404000.028\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.05.21 06:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1404000.028\symds64.sys -- (SymDS)
DRV:64bit: - [2013.05.16 06:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1404000.028\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.04.26 07:23:00 | 000,017,920 | ---- | M] (Research in Motion Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rimvndis6_AMD64.sys -- (rimvndis)
DRV:64bit: - [2013.04.25 01:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1404000.028\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.04.16 03:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1404000.028\ccsetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2013.03.05 02:40:08 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1404000.028\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013.03.05 02:21:35 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1404000.028\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.02.12 05:12:05 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:64bit: - [2013.01.17 13:51:08 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.01.03 12:50:48 | 000,078,336 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2012.12.10 14:48:02 | 000,044,544 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2012.05.30 05:42:10 | 000,569,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.05.15 22:32:00 | 000,029,512 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64)
DRV:64bit: - [2012.05.15 22:32:00 | 000,019,784 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2012.04.19 17:36:26 | 000,035,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012.04.19 17:36:26 | 000,025,528 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2012.04.08 16:18:54 | 000,429,328 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.04.01 03:52:30 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2012.04.01 03:52:26 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2012.04.01 03:52:24 | 000,163,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2012.03.28 13:16:48 | 000,216,704 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2012.03.26 16:07:06 | 000,033,344 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV:64bit: - [2012.03.19 08:32:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.05 12:29:42 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2012.03.05 12:29:40 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2012.02.29 07:14:48 | 000,042,312 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2012.02.26 19:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.02.26 19:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.02.26 19:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.02.20 12:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012.01.11 04:30:58 | 000,360,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011.12.28 22:48:24 | 000,147,784 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2011.12.28 22:48:24 | 000,025,416 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2011.12.26 10:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2011.12.08 22:06:07 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.12.08 22:06:07 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.12.07 18:59:52 | 000,027,432 | ---- | M] (ThinkVantage Communications Utility) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvtvcamd.sys -- (tvtvcamd)
DRV:64bit: - [2011.12.05 20:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.09 17:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011.09.17 01:38:52 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011.05.30 18:21:40 | 000,013,128 | ---- | M] (Authentec Inc.) [Kernel | Auto | Running] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp)
DRV:64bit: - [2011.05.29 11:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C)
DRV:64bit: - [2011.05.25 17:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.01.05 11:31:34 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010.01.05 11:31:34 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010.01.05 11:31:34 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2010.01.05 11:31:34 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009.07.14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014.01.28 10:59:33 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140206.003\ex64.sys -- (NAVEX15)
DRV - [2014.01.28 10:59:33 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140206.003\eng64.sys -- (NAVENG)
DRV - [2014.01.21 21:08:49 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\IPSDefs\20140205.002\IDSviA64.sys -- (IDSVia64)
DRV - [2013.12.18 01:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\BASHDefs\20140121.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.11.22 20:36:01 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.11.22 20:36:01 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {F8D28F48-DF25-4B6E-BAAC-5B7FF809722B}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119649&babsrc=SP_ss&mntrId=f6c6769c000000000000843a4b481169
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE522
IE - HKCU\..\SearchScopes\{F8D28F48-DF25-4B6E-BAAC-5B7FF809722B}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&r=521
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "LEO Eng-Deu"
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.startpage.com/"
FF - prefs.js..extensions.enabledAddons: optout%40google.com:1.5
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: info%40sharkcube.com:2.0
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.5.3%20-%201
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP1X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2013.01.17 05:16:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ [2014.01.19 00:13:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP2X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2013.01.17 05:16:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF [2013.10.09 21:22:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.27 16:15:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.11.24 14:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kleinbär\AppData\Roaming\mozilla\Extensions
[2013.11.24 14:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kleinbär\AppData\Roaming\mozilla\Extensions\{5bbb0947-b422-4aa9-9ea0-3fd17742cbfb}
[2014.01.26 13:17:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kleinbär\AppData\Roaming\mozilla\Firefox\Profiles\ezn8qurb.default\extensions
[2013.08.28 08:15:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\kleinbär\AppData\Roaming\mozilla\Firefox\Profiles\ezn8qurb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.01.26 13:17:51 | 000,013,305 | ---- | M] () (No name found) -- C:\Users\kleinbär\AppData\Roaming\mozilla\firefox\profiles\ezn8qurb.default\extensions\info@sharkcube.com.xpi
[2013.10.29 22:10:18 | 000,320,988 | ---- | M] () (No name found) -- C:\Users\kleinbär\AppData\Roaming\mozilla\firefox\profiles\ezn8qurb.default\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
[2013.07.04 21:39:33 | 000,008,363 | ---- | M] () (No name found) -- C:\Users\kleinbär\AppData\Roaming\mozilla\firefox\profiles\ezn8qurb.default\extensions\optout@google.com.xpi
[2013.03.05 21:29:44 | 000,001,294 | ---- | M] () -- C:\Users\kleinbär\AppData\Roaming\mozilla\firefox\profiles\ezn8qurb.default\searchplugins\delta.xml
[2013.07.04 21:30:30 | 000,010,530 | ---- | M] () -- C:\Users\kleinbär\AppData\Roaming\mozilla\firefox\profiles\ezn8qurb.default\searchplugins\duckduckgo.xml
[2014.02.06 21:07:55 | 000,001,839 | ---- | M] () -- C:\Users\kleinbär\AppData\Roaming\mozilla\firefox\profiles\ezn8qurb.default\searchplugins\ixquick-https---deutsch.xml
[2013.12.21 00:17:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.12.21 00:17:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.10.09 21:22:09 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF
File not found (No name found) -- C:\USERS\KLEINBäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EZN8QURB.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\USERS\KLEINBäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EZN8QURB.DEFAULT\EXTENSIONS\INFO@SHARKCUBE.COM.XPI
File not found (No name found) -- C:\USERS\KLEINBäR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EZN8QURB.DEFAULT\EXTENSIONS\OPTOUT@GOOGLE.COM.XPI
[2013.03.05 21:29:31 | 000,006,484 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\kleinbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: Adblock Plus = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Adblock Plus = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Adblock Plus = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0\
CHR - Extension: Adblock Plus = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\
CHR - Extension: Adblock Plus = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Adblock Plus = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Google-Suche = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: WGT Golf Challenge = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0\
CHR - Extension: ayaya's Bookmark Tree = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dneehabidhbfdiohdhbhjbbljobchgab\0.6.0_0\
CHR - Extension: Chuck Anderson = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp\3_0\
CHR - Extension: Chromium Scrapbook = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokffdfnlmampchciemmflgbckijpmlb\0.15.4_0\
CHR - Extension: Feedly - News, Blogs and Youtube = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\16.0.544_0\
CHR - Extension: Feedly - News, Blogs and Youtube = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\18.1_0\
CHR - Extension: Feedly - News, Blogs and Youtube = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\18.2_0\
CHR - Extension: bitly | \u2665  your bitmarks = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.89_0\
CHR - Extension: bitly | \u2665  your bitmarks = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.91_0\
CHR - Extension: bitly | \u2665  your bitmarks = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.94_0\
CHR - Extension: Right Click dict.leo.org = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickiggjghcdbbiokdpiinpmcgoldakoh\1.0.0.1_0\
CHR - Extension: Firebug Console = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\jodfpogckhbcjamkfgjeicoiphpligka\0.1.0.8_0\
CHR - Extension: Cargo Bridge = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0\
CHR - Extension: DSL speedtest = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj\1.1_0\
CHR - Extension: Norton Identity Protection = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\
CHR - Extension: Ghostery = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.2_0\
CHR - Extension: Ghostery = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\
CHR - Extension: Ghostery = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.1.1_0\
CHR - Extension: Ghostery = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.1.2_0\
CHR - Extension: FastestFox \u2013 Schneller browsen = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.0.4_0\
CHR - Extension: FastestFox \u2013 Schneller browsen = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.2.2_0\
CHR - Extension: FastestFox \u2013 Schneller browsen = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.4_0\
CHR - Extension: FastestFox \u2013 Schneller browsen = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.5_0\
CHR - Extension: FastestFox \u2013 Schneller browsen = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.8_0\
CHR - Extension: Bundlr = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm\1.0.8_0\
CHR - Extension: Google Wallet = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Wallet = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Google Wallet = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Wallet = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Norton Identity Protection = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2013.4.0.10_0\
CHR - Extension: Norton Identity Protection = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.5.0.67_0\
CHR - Extension: Norton Identity Protection = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.5.1.4_0\
CHR - Extension: Norton Identity Protection = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.6.0.27_0\
CHR - Extension: Norton Identity Protection = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.6.2.3_0\
CHR - Extension: Google Mail = C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Lenovo)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKLM..\Run: [RIM PeerManager] C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\Join Air\UIExec.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [SugarSync] C:\Program Files (x86)\SugarSync\SugarSyncManager.exe (SugarSync, Inc.)
O4 - HKCU..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found
O4 - Startup: C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BEED434C-6096-4043-B759-0F0B48F18149}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.12.15 04:05:40 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{96ece6c6-6059-11e2-ad97-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{96ece6c6-6059-11e2-ad97-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2011.12.15 04:05:40 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.02.06 23:20:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\kleinbär\Desktop\OTL.exe
[2014.02.06 22:11:15 | 000,000,000 | ---D | C] -- C:\FRST
[2014.02.03 23:44:13 | 000,000,000 | ---D | C] -- C:\Users\kleinbär\Desktop\picsZ10
[2014.01.14 21:14:27 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014.01.14 21:14:27 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014.01.14 21:14:27 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014.01.09 22:02:21 | 000,000,000 | ---D | C] -- C:\Users\kleinbär\AppData\Local\ElevatedDiagnostics
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014.02.06 23:20:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kleinbär\Desktop\OTL.exe
[2014.02.06 23:18:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.06 23:09:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000UA.job
[2014.02.06 23:09:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000Core.job
[2014.02.06 22:31:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.02.06 22:09:50 | 000,000,000 | ---- | M] () -- C:\Users\kleinbär\defogger_reenable
[2014.02.06 22:02:08 | 000,001,151 | ---- | M] () -- C:\Users\kleinbär\Desktop\Continue Zip Opener Installation.lnk
[2014.02.06 21:39:27 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.06 21:01:58 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.06 21:01:58 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.06 20:53:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.06 20:53:52 | 1908,248,575 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.04 22:31:13 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.02.04 22:31:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.02.04 21:20:12 | 000,002,186 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.02.04 07:45:06 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.02.04 07:45:06 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.02.04 07:45:06 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.02.04 07:45:06 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.02.04 07:45:06 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.22 21:56:13 | 000,002,056 | ---- | M] () -- C:\Users\kleinbär\Desktop\Entfernen des Avira PC Cleaners.lnk
[2014.01.22 21:56:13 | 000,002,000 | ---- | M] () -- C:\Users\kleinbär\Desktop\Avira PC Cleaner.lnk
[2014.01.17 20:04:03 | 000,001,070 | ---- | M] () -- C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.01.17 20:03:51 | 000,001,044 | ---- | M] () -- C:\Users\kleinbär\Desktop\Dropbox.lnk
[2014.01.16 21:28:49 | 000,343,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.01.11 19:29:36 | 832,334,645 | ---- | M] () -- C:\Windows\MEMORY.DMP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.02.06 22:09:50 | 000,000,000 | ---- | C] () -- C:\Users\kleinbär\defogger_reenable
[2014.02.06 22:02:08 | 000,001,151 | ---- | C] () -- C:\Users\kleinbär\Desktop\Continue Zip Opener Installation.lnk
[2014.01.22 21:56:13 | 000,002,056 | ---- | C] () -- C:\Users\kleinbär\Desktop\Entfernen des Avira PC Cleaners.lnk
[2014.01.22 21:56:13 | 000,002,000 | ---- | C] () -- C:\Users\kleinbär\Desktop\Avira PC Cleaner.lnk
[2013.08.27 21:52:25 | 000,000,082 | ---- | C] () -- C:\Windows\odbc_merge.INI
[2013.02.09 22:43:27 | 000,007,601 | ---- | C] () -- C:\Users\kleinbär\AppData\Local\Resmon.ResmonCfg
[2013.02.06 09:45:21 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat
[2013.01.17 05:06:47 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2013.01.17 05:06:45 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2013.01.17 05:06:43 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.01.17 05:06:42 | 013,024,256 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
Thank you in advance!

Alt 07.02.2014, 07:08   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click "Untersuchen" (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)


Alt 07.02.2014, 14:49   #3
NoobDude
 



All right:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-02-2014
Ran by kleinbär (administrator) on KLEINBÄR-THINK on 06-02-2014 22:11:17
Running from C:\Users\kleinbär\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccsvchst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccsvchst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Join Air\UIExec.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccsvchst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Users\Jens\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Jens\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Join Air\UIExec.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Common Files\Research in Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research in Motion\nginx\nginx.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\RIMDeviceManager\RIMDeviceManager.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fastboot] - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [UIExec] - C:\Program Files (x86)\Join Air\UIExec.exe [138072 2010-04-27] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4265472 2013-04-26] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [SugarSync] - C:\Program Files (x86)\SugarSync\SugarSyncManager.exe [11262304 2013-04-04] (SugarSync, Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [Google Update] - C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-20] (Google Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\MountPoints2: {96ece6c6-6059-11e2-ad97-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-3145524375-3569429777-1252793268-1003\...\Run: [openvpntray.EXE] - C:\Users\Jens\AppData\Roaming\Hotspot Shield\bin\openvpntray.EXE -nonadmin
HKU\S-1-5-21-3145524375-3569429777-1252793268-1003\...\Run: [BlackBerryLink.exe] - C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [3786768 2013-05-06] (Research In Motion)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1003\...\Run: [SkyDrive] - C:\Users\Jens\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-15] (Microsoft Corporation)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1003\...\MountPoints2: {76fc7b05-9a2d-11e2-8cef-3c970e6c558c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\start.exe
HKU\S-1-5-21-3145524375-3569429777-1252793268-1003\...\MountPoints2: {96ece6c6-6059-11e2-ad97-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {F8D28F48-DF25-4B6E-BAAC-5B7FF809722B} URL = hxxp://www.bing.com/search?q={searchTerms}&r=521
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119649&babsrc=SP_ss&mntrId=f6c6769c000000000000843a4b481169
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE522
SearchScopes: HKCU - {F8D28F48-DF25-4B6E-BAAC-5B7FF809722B} URL = hxxp://www.bing.com/search?q={searchTerms}&r=521
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default
FF user.js: detected! => C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\user.js
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: https://www.startpage.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-28]
FF Extension: YouTube to MP3 - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\info@sharkcube.com.xpi [2013-06-08]
FF Extension: DuckDuckGo Plus - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2013-07-04]
FF Extension: Advertising Cookie Opt-out - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\optout@google.com.xpi [2013-07-04]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF [2013-10-09]

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\kleinbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Angry Birds) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-03-20]
CHR Extension: (Google Docs) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-06]
CHR Extension: (Google Drive) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-06]
CHR Extension: (YouTube) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-06]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2013-03-20]
CHR Extension: (Adblock Plus) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-20]
CHR Extension: (Google-Suche) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-06]
CHR Extension: (WGT Golf Challenge) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2013-03-20]
CHR Extension: (ayaya's Bookmark Tree) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dneehabidhbfdiohdhbhjbbljobchgab [2013-03-20]
CHR Extension: (Chuck Anderson) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2013-03-20]
CHR Extension: (Chromium Scrapbook) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokffdfnlmampchciemmflgbckijpmlb [2013-03-20]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-20]
CHR Extension: (bitly | ♥  your bitmarks) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2013-03-20]
CHR Extension: (Right Click dict.leo.org) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickiggjghcdbbiokdpiinpmcgoldakoh [2013-03-20]
CHR Extension: (Firebug Console) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\jodfpogckhbcjamkfgjeicoiphpligka [2013-03-20]
CHR Extension: (Cargo Bridge) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2013-03-20]
CHR Extension: (DSL speedtest) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj [2013-03-20]
CHR Extension: (Norton Identity Protection) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-02-06]
CHR Extension: (Ghostery) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-03-20]
CHR Extension: (FastestFox – Schneller browsen) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-03-20]
CHR Extension: (Bundlr) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2013-03-20]
CHR Extension: (Google Wallet) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Norton Identity Protection) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2013-03-03]
CHR Extension: (Google Mail) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-06]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-16]

==================== Services (Whitelisted) =================

R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-15] (Lenovo.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-04-26] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1235456 2013-04-18] (Research In Motion Limited)
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [247152 2010-04-27] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows (R) Win 7 DDK provider)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\IPSDefs\20140205.002\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140206.003\ENG64.SYS [126040 2014-01-28] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140206.003\EX64.SYS [2099288 2014-01-28] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-04-26] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-06 22:11 - 2014-02-06 22:11 - 00035193 _____ () C:\Users\kleinbär\Downloads\FRST.txt
2014-02-06 22:11 - 2014-02-06 22:11 - 00000000 ____D () C:\FRST
2014-02-06 22:10 - 2014-02-06 22:11 - 02079744 _____ (Farbar) C:\Users\kleinbär\Downloads\FRST64.exe
2014-02-06 22:09 - 2014-02-06 22:09 - 00000478 _____ () C:\Users\kleinbär\Downloads\defogger_disable.log
2014-02-06 22:09 - 2014-02-06 22:09 - 00000000 _____ () C:\Users\kleinbär\defogger_reenable
2014-02-06 22:07 - 2014-02-06 22:07 - 00050477 _____ () C:\Users\kleinbär\Downloads\Defogger.exe
2014-02-06 22:02 - 2014-02-06 22:02 - 00001151 _____ () C:\Users\kleinbär\Desktop\Continue Zip Opener Installation.lnk
2014-02-06 21:34 - 2014-02-06 21:34 - 00129330 _____ () C:\Users\kleinbär\Desktop\OTL.Txt
2014-02-06 21:32 - 2014-02-06 21:32 - 00078008 _____ () C:\Users\kleinbär\Downloads\Extras.Txt
2014-02-06 21:30 - 2014-02-06 21:30 - 00129330 _____ () C:\Users\kleinbär\Downloads\OTL.Txt
2014-02-06 21:16 - 2014-02-06 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Downloads\OTL.exe
2014-02-03 23:44 - 2014-02-03 23:44 - 00000000 ____D () C:\Users\kleinbär\Desktop\picsZ10
2014-02-03 10:02 - 2014-02-03 10:03 - 00000000 ____D () C:\Users\Jens\AppData\Local\{69B5664E-A2E8-4DA7-B424-9FA9B9EADF98}
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{4069A92F-B013-45AB-9B3D-6045DE67FC33}
2014-01-29 21:07 - 2014-01-29 21:07 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-22 21:56 - 2014-01-22 21:56 - 00002056 _____ () C:\Users\kleinbär\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-22 21:56 - 2014-01-22 21:56 - 00002000 _____ () C:\Users\kleinbär\Desktop\Avira PC Cleaner.lnk
2014-01-22 21:43 - 2014-01-22 21:43 - 02278856 _____ () C:\Users\kleinbär\Downloads\avira_pc_cleaner_de.exe
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\TS3Client
2014-01-22 07:57 - 2014-01-22 07:58 - 00276206 _____ () C:\Users\Jens\Downloads\140120_PlanungReturnPath_Quartal01.xlsx
2014-01-14 21:14 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-14 21:14 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-14 21:14 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-13 20:33 - 2014-01-14 08:31 - 00000000 ___RD () C:\Users\Jens\Desktop\ProgrammaticPremium Solution
2014-01-11 19:29 - 2014-01-11 19:29 - 00283520 _____ () C:\Windows\Minidump\011114-24492-01.dmp
2014-01-11 14:40 - 2014-01-11 14:40 - 00000000 ____D () C:\Users\Jens\Documents\My Games
2014-01-11 14:39 - 2014-01-11 14:39 - 00000000 ____D () C:\Users\Jens\AppData\Local\WarThunder
2014-01-09 17:51 - 2014-01-10 09:22 - 00000000 ____D () C:\Users\Jens\Desktop\Asien
2014-01-09 07:29 - 2014-01-15 08:13 - 00000000 ____D () C:\Users\Jens\Desktop\captchadAkte

==================== One Month Modified Files and Folders =======

2014-02-06 22:11 - 2014-02-06 22:11 - 00035193 _____ () C:\Users\kleinbär\Downloads\FRST.txt
2014-02-06 22:11 - 2014-02-06 22:11 - 00000000 ____D () C:\FRST
2014-02-06 22:11 - 2014-02-06 22:10 - 02079744 _____ (Farbar) C:\Users\kleinbär\Downloads\FRST64.exe
2014-02-06 22:09 - 2014-02-06 22:09 - 00000478 _____ () C:\Users\kleinbär\Downloads\defogger_disable.log
2014-02-06 22:09 - 2014-02-06 22:09 - 00000000 _____ () C:\Users\kleinbär\defogger_reenable
2014-02-06 22:09 - 2013-04-13 00:30 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000UA.job
2014-02-06 22:09 - 2013-02-06 09:45 - 00000000 ____D () C:\Users\kleinbär
2014-02-06 22:07 - 2014-02-06 22:07 - 00050477 _____ () C:\Users\kleinbär\Downloads\Defogger.exe
2014-02-06 22:02 - 2014-02-06 22:02 - 00001151 _____ () C:\Users\kleinbär\Desktop\Continue Zip Opener Installation.lnk
2014-02-06 21:44 - 2013-09-06 10:31 - 00002292 _____ () C:\Users\Jens\Desktop\kot.txt
2014-02-06 21:40 - 2013-02-08 19:43 - 00000000 ___RD () C:\Users\Jens\Dropbox
2014-02-06 21:40 - 2013-02-08 19:41 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Dropbox
2014-02-06 21:39 - 2013-06-08 10:11 - 00000000 ___RD () C:\Users\Jens\SkyDrive
2014-02-06 21:39 - 2013-01-17 05:12 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 21:34 - 2014-02-06 21:34 - 00129330 _____ () C:\Users\kleinbär\Desktop\OTL.Txt
2014-02-06 21:32 - 2014-02-06 21:32 - 00078008 _____ () C:\Users\kleinbär\Downloads\Extras.Txt
2014-02-06 21:31 - 2013-08-11 14:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 21:30 - 2014-02-06 21:30 - 00129330 _____ () C:\Users\kleinbär\Downloads\OTL.Txt
2014-02-06 21:18 - 2013-01-17 05:12 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 21:16 - 2014-02-06 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Downloads\OTL.exe
2014-02-06 21:01 - 2013-01-17 04:59 - 01811710 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 21:01 - 2009-07-14 05:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 21:01 - 2009-07-14 05:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 21:00 - 2013-02-06 10:16 - 00000000 ___RD () C:\Users\kleinbär\Dropbox
2014-02-06 21:00 - 2013-02-06 10:13 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Dropbox
2014-02-06 20:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 20:54 - 2009-07-14 05:51 - 00132887 _____ () C:\Windows\setupact.log
2014-02-04 23:09 - 2013-04-13 00:30 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000Core.job
2014-02-04 22:31 - 2013-08-11 14:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 22:31 - 2013-02-09 22:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 22:31 - 2013-02-09 22:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 21:20 - 2013-11-16 22:15 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-04 07:45 - 2013-01-17 13:46 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-02-04 07:45 - 2013-01-17 13:46 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-02-04 07:45 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-03 23:53 - 2013-02-14 22:42 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\vlc
2014-02-03 23:44 - 2014-02-03 23:44 - 00000000 ____D () C:\Users\kleinbär\Desktop\picsZ10
2014-02-03 23:38 - 2013-04-06 10:29 - 00000000 ___RD () C:\Users\kleinbär\Podcasts
2014-02-03 10:03 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{69B5664E-A2E8-4DA7-B424-9FA9B9EADF98}
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{4069A92F-B013-45AB-9B3D-6045DE67FC33}
2014-01-31 08:43 - 2013-02-16 14:03 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\vlc
2014-01-31 07:45 - 2013-05-26 16:01 - 00000000 ____D () C:\Users\Jens\AppData\Local\CrashDumps
2014-01-29 21:07 - 2014-01-29 21:07 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-26 17:11 - 2013-03-01 23:23 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Mozilla
2014-01-24 18:28 - 2013-05-27 16:35 - 00000000 ____D () C:\Users\Jens Rasch\AppData\Roaming\Dropbox
2014-01-24 18:25 - 2013-05-27 16:39 - 00001050 _____ () C:\Users\Jens Rasch\Desktop\Dropbox.lnk
2014-01-24 18:25 - 2013-05-27 16:39 - 00000000 ___RD () C:\Users\Jens Rasch\Dropbox
2014-01-24 18:25 - 2013-05-27 16:36 - 00000000 ____D () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-24 18:25 - 2013-05-27 16:04 - 00000000 ___RD () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 18:19 - 2013-05-27 16:04 - 00086160 _____ () C:\Users\Jens Rasch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-24 18:19 - 2013-05-27 16:04 - 00001436 _____ () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 22:17 - 2013-03-19 21:09 - 00002237 _____ () C:\Users\kleinbär\Documents\kot.txt
2014-01-22 21:56 - 2014-01-22 21:56 - 00002056 _____ () C:\Users\kleinbär\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-22 21:56 - 2014-01-22 21:56 - 00002000 _____ () C:\Users\kleinbär\Desktop\Avira PC Cleaner.lnk
2014-01-22 21:43 - 2014-01-22 21:43 - 02278856 _____ () C:\Users\kleinbär\Downloads\avira_pc_cleaner_de.exe
2014-01-22 20:26 - 2010-11-21 04:47 - 00608702 _____ () C:\Windows\PFRO.log
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\TS3Client
2014-01-22 07:58 - 2014-01-22 07:57 - 00276206 _____ () C:\Users\Jens\Downloads\140120_PlanungReturnPath_Quartal01.xlsx
2014-01-22 07:42 - 2013-02-06 10:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 20:04 - 2013-02-06 09:54 - 00000000 ___RD () C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-17 20:03 - 2013-02-06 10:16 - 00001044 _____ () C:\Users\kleinbär\Desktop\Dropbox.lnk
2014-01-17 20:03 - 2013-02-06 10:13 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 21:28 - 2009-07-14 05:45 - 00343616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 21:00 - 2013-07-16 06:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 20:56 - 2013-02-17 00:29 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 08:13 - 2014-01-09 07:29 - 00000000 ____D () C:\Users\Jens\Desktop\captchadAkte
2014-01-14 08:31 - 2014-01-13 20:33 - 00000000 ___RD () C:\Users\Jens\Desktop\ProgrammaticPremium Solution
2014-01-11 19:29 - 2014-01-11 19:29 - 00283520 _____ () C:\Windows\Minidump\011114-24492-01.dmp
2014-01-11 19:29 - 2013-12-13 16:07 - 832334645 _____ () C:\Windows\MEMORY.DMP
2014-01-11 19:29 - 2013-12-13 16:07 - 00000000 ____D () C:\Windows\Minidump
2014-01-11 15:51 - 2013-07-09 23:26 - 00000000 ____D () C:\Program Files (x86)\War Thunder
2014-01-11 14:40 - 2014-01-11 14:40 - 00000000 ____D () C:\Users\Jens\Documents\My Games
2014-01-11 14:39 - 2014-01-11 14:39 - 00000000 ____D () C:\Users\Jens\AppData\Local\WarThunder
2014-01-11 14:39 - 2013-07-09 23:26 - 00000000 ____D () C:\ProgramData\WarThunder
2014-01-10 09:22 - 2014-01-09 17:51 - 00000000 ____D () C:\Users\Jens\Desktop\Asien
2014-01-09 07:40 - 2013-02-08 19:43 - 00001032 _____ () C:\Users\Jens\Desktop\Dropbox.lnk
2014-01-09 07:40 - 2013-02-08 19:41 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-09 07:40 - 2013-02-07 09:55 - 00000000 ___RD () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Some content of TEMP:
====================
C:\Users\Jens\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\Jens\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\Jens\AppData\Local\Temp\DesktopInstaller.exe
C:\Users\Jens\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\kleinbär\AppData\Local\Temp\AskSLib.dll
C:\Users\kleinbär\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe
C:\Users\kleinbär\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\kleinbär\AppData\Local\Temp\uninst1.exe
C:\Users\kleinbär\AppData\Local\Temp\vcredist_x86.exe
C:\Users\kleinbär\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\kleinbär\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-28 23:18

==================== End Of Log ============================
         

and:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-02-2014
Ran by kleinbär at 2014-02-06 22:11:53
Running from C:\Users\kleinbär\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17 - Amazon Services LLC)
Anzeige am Bildschirm (Version: 6.72.00 - )
BlackBerry Link (x32 Version: 1.1.0.37 - Research in Motion Ltd.)
BlackBerry Link (x32 Version: 1.1.0.37 - Research in Motion Ltd.) Hidden
Create Recovery Media (x32 Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (Version: 1.00 - )
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.11 - Dolby Laboratories Inc)
Download Navigator (x32 Version: 3.3.0 - SEIKO EPSON CORPORATION)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
ElsterFormular (x32 Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
Energie-Manager (x32 Version: 6.32 - )
EPSON Scan (x32 Version:  - Seiko Epson Corporation)
EPSON StandardBusinessPrinters Printer Uninstall (Version:  - SEIKO EPSON Corporation)
Evernote v. 4.2.3 (x32 Version: 4.2.3.15 - Evernote Corp.)
fCMS 5.1 (x32 Version:  - fCMS Development Team)
FolderIco 1.0 (Version:  - teorex)
Free Studio version 2013 (x32 Version: 6.1.1.430 - DVDVideoSoft Ltd.)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Integrated Camera Driver Installer Package Ver.1.2.1.18 (x32 Version: 1.2.1.18 - RICOH)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10 - Intel)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (x32 Version:  - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2696 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (Version: 3.1.29.0 - Intel Corporation)
Intel(R) Wireless Display (Version:  - )
Intel® PROSet/Wireless WiFi-Software (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Join Air (x32 Version: 1.0.0.2 - ZTE Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (Version: 1.11 - )
Lenovo Patch Utility (x32 Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Registration (x32 Version: 1.0.4 - Lenovo Inc.)
Lenovo SimpleTap (Version: 3.2.0004.00 - Lenovo Group Limited)
Lenovo Solution Center (Version: 2.1.003.00 - Lenovo Group Limited)
Lenovo User Guide (x32 Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (x32 Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (x32 Version: 3.1.0020.00 - Lenovo Group Limited)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (Version: 3.1.0004.00 - Lenovo Group Limited)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (x32 Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Norton AntiVirus (x32 Version: 20.4.0.40 - Symantec Corporation)
Norton Identity Safe (x32 Version: 2014.6.0.27 - Symantec Corporation)
Notepad++ (x32 Version: 6.3.3 - Notepad++ Team)
Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA)
PDF24 Creator 5.2.0 (x32 Version:  - PDF24.org)
PhotoFiltre 7 (HKCU Version:  - )
RapidBoot HDD Accelerator (x32 Version: 1.00.0802 - Lenovo)
RapidBoot Shield (Version: 1.23 - Lenovo)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6617 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (x32 Version: 2.14.18.01 - RICOH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SugarSync Manager (x32 Version: 1.9.96.111090 - SugarSync, Inc.)
Taxpool-Buchhalter EÜR 7.10 (x32 Version: 7.10 - psynetic® Software)
TeamSpeak 3 Client (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamViewer 9 (x32 Version: 9.0.24951 - TeamViewer)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.5.1.2700 - Broadcom Corporation)
ThinkPad Power Management Driver (Version: 1.65.05.20 - )
ThinkPad UltraNav Driver (Version: 16.1.1.0 - )
ThinkVantage Communications Utility (Version: 3.0.34.0 - Lenovo)
ThinkVantage Fingerprint Software (Version: 5.9.6.7084 - Authentec Inc.)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.76 - Lenovo)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
VIP Access (x32 Version: 2.0.5.13 - VeriSign)
VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN)
War Thunder Launcher 1.0.1.252 (x32 Version:  - 2013 Gaijin Entertainment Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel (e1cexpress) Net  (01/11/2012 11.15.16.0) (Version: 01/11/2012 11.15.16.0 - Intel)
Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (04/06/2012 16.1.1.0) (Version: 04/06/2012 16.1.1.0 - Synaptics)
World of Tanks (x32 Version:  - Wargaming.net)
World of Warplanes (x32 Version:  - Wargaming.net)

==================== Restore Points  =========================

16-01-2014 19:55:14 Windows Update
22-01-2014 06:36:34 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0437FB01-564B-4ECC-B894-0023246AB861} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000Core => C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-20] (Google Inc.)
Task: {0B5EBD55-AA31-4F94-84FD-A7A0EC54917B} - System32\Tasks\4793 => Wscript.exe C:\Users\KLEINB~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {0EA70096-898B-4CF7-95B0-AA4E9E8607F0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)
Task: {19DB89A4-38E1-4AD8-8569-CF7262ABBCF2} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {1D19A758-09AD-4BE3-B148-ACE284E1E1B0} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {34FBA843-2EEF-4F5C-B7D7-F0579394E80B} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {36A58537-7420-409C-871D-2F6ECD7FCBEA} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {381C7E68-2B88-41EF-A09C-42D41A74E5E9} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-05-15] (Lenovo Group Limited)
Task: {4A7E076C-6CE4-42A4-A1AD-5817689031AF} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {7051554D-7209-40F9-9D7A-2FFD011AA95E} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for kleinbär-THINK.Jens => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo)
Task: {84DED814-CDDF-4D71-BCF6-8D1DAE0D7F50} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {91419585-C1B2-40EC-B315-BC184EA5AFFF} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for kleinbär-THINK.kleinbär => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo)
Task: {959E3FDC-AD11-4CCD-BA4D-EF9BE9DAB031} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] ()
Task: {9E9C8311-554D-4DFC-9345-7C26B151C0E5} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {A5839614-2393-4E3A-BAFF-17233143E77C} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2012-05-15] (Lenovo)
Task: {A7A74605-4D7C-4106-B7E7-C5B5D8C0ACD2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {ABBF7658-553F-4001-AA7F-F3AC953BDB53} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000UA => C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-20] (Google Inc.)
Task: {B1FFB3ED-C653-4437-93C9-2A5B76448B4C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-17] (Google Inc.)
Task: {CDE6E784-19F5-4C17-8A2E-3F82420B4BE1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04] (Adobe Systems Incorporated)
Task: {EEA95FA2-555C-4FF3-9A49-9D1CD2D7DD5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-17] (Google Inc.)
Task: {EFCD691B-F83D-4A58-80F9-7E4C413DE95F} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000Core.job => C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000UA.job => C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-17 05:09 - 2012-05-15 22:32 - 00103936 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2013-01-17 05:06 - 2012-03-19 07:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-01-17 05:11 - 2012-01-17 07:29 - 00030512 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2013-01-17 05:09 - 2011-08-02 04:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2013-01-17 05:09 - 2011-08-02 04:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2013-01-17 05:04 - 2012-02-21 04:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\libcef.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-01-17 05:13 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2013-12-21 00:17 - 2013-12-21 00:17 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-04 22:31 - 2014-02-04 22:31 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Jens\AppData\Roaming\Dropbox\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2014 08:54:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2014 08:54:18 AM) (Source: RIM MDNS) (User: )
Description: 484: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (02/05/2014 08:54:18 AM) (Source: RIM MDNS) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (02/05/2014 08:35:35 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31091

Error: (02/05/2014 08:35:35 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31091

Error: (02/05/2014 08:35:35 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2014 08:35:20 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15491

Error: (02/05/2014 08:35:20 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15491

Error: (02/05/2014 08:35:20 AM) (Source: RIM MDNS) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2014 07:30:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/06/2014 08:55:39 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (02/06/2014 08:54:39 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (02/06/2014 08:54:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Norton Identity Safe" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/06/2014 08:54:35 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Norton Identity Safe erreicht.

Error: (02/05/2014 07:30:59 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (02/05/2014 07:30:01 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (02/05/2014 07:29:59 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Norton Identity Safe" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/05/2014 07:29:59 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Norton Identity Safe erreicht.

Error: (02/04/2014 08:57:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (02/04/2014 08:56:29 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom


Microsoft Office Sessions:
=========================
Error: (02/06/2014 08:54:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2014 08:54:18 AM) (Source: RIM MDNS)(User: )
Description: 484: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (02/05/2014 08:54:18 AM) (Source: RIM MDNS)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (02/05/2014 08:35:35 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31091

Error: (02/05/2014 08:35:35 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31091

Error: (02/05/2014 08:35:35 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2014 08:35:20 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15491

Error: (02/05/2014 08:35:20 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15491

Error: (02/05/2014 08:35:20 AM) (Source: RIM MDNS)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2014 07:30:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-02-03 20:40:54.163
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-03 20:40:19.741
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-03 20:40:06.471
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-02 17:52:16.760
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-02 17:02:43.921
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-02 17:02:19.396
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-02 17:02:06.277
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-02 17:01:26.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-02 16:55:03.290
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-02 16:53:22.971
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 46%
Total physical RAM: 7887.8 MB
Available physical RAM: 4199.88 MB
Total Pagefile: 15773.77 MB
Available Pagefile: 11604.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:282.95 GB) (Free:140.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:3.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 96FD411C)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=283 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

08.02.2014, 11:29   #4
schrauber
/// the machine
/// TB trainer

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista or later, please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

08.02.2014, 23:17   #5
NoobDude

Wow, quite a lot was found there, frightening.
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Professional x64
Ran by kleinb„r on 08.02.2014 at 22:53:50,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3145524375-3569429777-1252793268-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F8D28F48-DF25-4B6E-BAAC-5B7FF809722B}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\kleinb„r\AppData\Roaming\mozilla\firefox\profiles\ezn8qurb.default\minidumps [56 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.02.2014 at 23:07:55,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Here is the FRST log

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-02-2014
Ran by kleinbär (administrator) on KLEINBÄR-THINK on 08-02-2014 23:12:10
Running from C:\Users\kleinbär\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccsvchst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccsvchst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Dropbox, Inc.) C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Join Air\UIExec.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\nst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\nst.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fastboot] - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [UIExec] - C:\Program Files (x86)\Join Air\UIExec.exe [138072 2010-04-27] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4265472 2013-04-26] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [SugarSync] - C:\Program Files (x86)\SugarSync\SugarSyncManager.exe [11262304 2013-04-04] (SugarSync, Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [Google Update] - C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-20] (Google Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\MountPoints2: {96ece6c6-6059-11e2-ad97-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE522
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: https://www.startpage.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-28]
FF Extension: YouTube to MP3 - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\info@sharkcube.com.xpi [2013-06-08]
FF Extension: DuckDuckGo Plus - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2013-07-04]
FF Extension: Advertising Cookie Opt-out - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\optout@google.com.xpi [2013-07-04]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF [2013-10-09]

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\kleinbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Angry Birds) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-03-20]
CHR Extension: (Google Docs) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-06]
CHR Extension: (Google Drive) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-06]
CHR Extension: (YouTube) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-06]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2013-03-20]
CHR Extension: (Adblock Plus) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-20]
CHR Extension: (Google-Suche) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-06]
CHR Extension: (WGT Golf Challenge) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2013-03-20]
CHR Extension: (ayaya's Bookmark Tree) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dneehabidhbfdiohdhbhjbbljobchgab [2013-03-20]
CHR Extension: (Chuck Anderson) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2013-03-20]
CHR Extension: (Chromium Scrapbook) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokffdfnlmampchciemmflgbckijpmlb [2013-03-20]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-20]
CHR Extension: (bitly | ♥  your bitmarks) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2013-03-20]
CHR Extension: (Right Click dict.leo.org) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickiggjghcdbbiokdpiinpmcgoldakoh [2013-03-20]
CHR Extension: (Firebug Console) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\jodfpogckhbcjamkfgjeicoiphpligka [2013-03-20]
CHR Extension: (Cargo Bridge) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2013-03-20]
CHR Extension: (DSL speedtest) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj [2013-03-20]
CHR Extension: (Norton Identity Protection) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-02-06]
CHR Extension: (Ghostery) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-03-20]
CHR Extension: (FastestFox – Schneller browsen) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-03-20]
CHR Extension: (Bundlr) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2013-03-20]
CHR Extension: (Google Wallet) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Norton Identity Protection) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2013-03-03]
CHR Extension: (Google Mail) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-06]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-16]

==================== Services (Whitelisted) =================

R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-15] (Lenovo.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-04-26] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1235456 2013-04-18] (Research In Motion Limited)
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [247152 2010-04-27] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows (R) Win 7 DDK provider)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\IPSDefs\20140207.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140207.020\ENG64.SYS [126040 2014-01-28] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140207.020\EX64.SYS [2099288 2014-01-28] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-04-26] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-08 23:07 - 2014-02-08 23:07 - 00001199 _____ () C:\Users\kleinbär\Desktop\JRT.txt
2014-02-08 22:55 - 2014-02-06 22:11 - 02079744 _____ (Farbar) C:\Users\kleinbär\Desktop\FRST64.exe
2014-02-08 22:53 - 2014-02-08 22:53 - 00000000 ____D () C:\Windows\ERUNT
2014-02-08 22:53 - 2014-02-08 22:52 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Desktop\JRT.exe
2014-02-08 22:52 - 2014-02-08 22:52 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Downloads\JRT.exe
2014-02-08 22:42 - 2014-02-08 22:36 - 01166132 _____ () C:\Users\kleinbär\Desktop\adwcleaner.exe
2014-02-08 22:37 - 2014-02-08 22:47 - 00000000 ____D () C:\AdwCleaner
2014-02-08 22:36 - 2014-02-08 22:36 - 01166132 _____ () C:\Users\kleinbär\Downloads\adwcleaner.exe
2014-02-08 22:17 - 2014-02-08 22:17 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00001124 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 22:16 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-08 22:15 - 2014-02-08 22:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kleinbär\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-07 00:38 - 2014-02-07 00:38 - 00911928 _____ () C:\Windows\Minidump\020714-29031-01.dmp
2014-02-06 23:29 - 2014-02-06 23:29 - 00132798 _____ () C:\Users\kleinbär\Desktop\OTL.Txt
2014-02-06 23:20 - 2014-02-06 23:20 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Desktop\OTL.exe
2014-02-06 22:42 - 2014-02-06 22:40 - 00000478 _____ () C:\Users\kleinbär\Desktop\defogger_disable.log
2014-02-06 22:41 - 2014-02-08 23:12 - 00031171 _____ () C:\Users\kleinbär\Desktop\FRST.txt
2014-02-06 22:41 - 2014-02-06 22:12 - 00030983 _____ () C:\Users\kleinbär\Desktop\Addition.txt
2014-02-06 22:35 - 2014-02-06 22:35 - 00026882 _____ () C:\Users\kleinbär\Desktop\Gmer.txt
2014-02-06 22:14 - 2014-02-06 22:14 - 00380416 _____ () C:\Users\kleinbär\Downloads\Gmer-19357.exe
2014-02-06 22:11 - 2014-02-08 23:12 - 00000000 ____D () C:\FRST
2014-02-06 22:11 - 2014-02-06 22:12 - 00049103 _____ () C:\Users\kleinbär\Downloads\FRST.txt
2014-02-06 22:11 - 2014-02-06 22:12 - 00030983 _____ () C:\Users\kleinbär\Downloads\Addition.txt
2014-02-06 22:10 - 2014-02-06 22:11 - 02079744 _____ (Farbar) C:\Users\kleinbär\Downloads\FRST64.exe
2014-02-06 22:09 - 2014-02-06 22:40 - 00000478 _____ () C:\Users\kleinbär\Downloads\defogger_disable.log
2014-02-06 22:09 - 2014-02-06 22:09 - 00000000 _____ () C:\Users\kleinbär\defogger_reenable
2014-02-06 22:07 - 2014-02-06 22:07 - 00050477 _____ () C:\Users\kleinbär\Downloads\Defogger.exe
2014-02-06 21:32 - 2014-02-06 21:32 - 00078008 _____ () C:\Users\kleinbär\Downloads\Extras.Txt
2014-02-06 21:30 - 2014-02-06 21:30 - 00129330 _____ () C:\Users\kleinbär\Downloads\OTL.Txt
2014-02-06 21:16 - 2014-02-06 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Downloads\OTL.exe
2014-02-03 23:44 - 2014-02-03 23:44 - 00000000 ____D () C:\Users\kleinbär\Desktop\picsZ10
2014-02-03 10:02 - 2014-02-03 10:03 - 00000000 ____D () C:\Users\Jens\AppData\Local\{69B5664E-A2E8-4DA7-B424-9FA9B9EADF98}
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{4069A92F-B013-45AB-9B3D-6045DE67FC33}
2014-01-29 21:07 - 2014-01-29 21:07 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-22 21:56 - 2014-01-22 21:56 - 00002056 _____ () C:\Users\kleinbär\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-22 21:56 - 2014-01-22 21:56 - 00002000 _____ () C:\Users\kleinbär\Desktop\Avira PC Cleaner.lnk
2014-01-22 21:43 - 2014-01-22 21:43 - 02278856 _____ () C:\Users\kleinbär\Downloads\avira_pc_cleaner_de.exe
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\TS3Client
2014-01-22 07:57 - 2014-01-22 07:58 - 00276206 _____ () C:\Users\Jens\Downloads\140120_PlanungReturnPath_Quartal01.xlsx
2014-01-14 21:14 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-14 21:14 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-14 21:14 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-13 20:33 - 2014-01-14 08:31 - 00000000 ___RD () C:\Users\Jens\Desktop\ProgrammaticPremium Solution
2014-01-11 19:29 - 2014-01-11 19:29 - 00283520 _____ () C:\Windows\Minidump\011114-24492-01.dmp
2014-01-11 14:40 - 2014-01-11 14:40 - 00000000 ____D () C:\Users\Jens\Documents\My Games
2014-01-11 14:39 - 2014-01-11 14:39 - 00000000 ____D () C:\Users\Jens\AppData\Local\WarThunder
2014-01-09 17:51 - 2014-01-10 09:22 - 00000000 ____D () C:\Users\Jens\Desktop\Asien
2014-01-09 07:29 - 2014-01-15 08:13 - 00000000 ____D () C:\Users\Jens\Desktop\captchadAkte

==================== One Month Modified Files and Folders =======

2014-02-08 23:12 - 2014-02-06 22:41 - 00031171 _____ () C:\Users\kleinbär\Desktop\FRST.txt
2014-02-08 23:12 - 2014-02-06 22:11 - 00000000 ____D () C:\FRST
2014-02-08 23:09 - 2013-04-13 00:30 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000UA.job
2014-02-08 23:09 - 2013-04-13 00:30 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000Core.job
2014-02-08 23:07 - 2014-02-08 23:07 - 00001199 _____ () C:\Users\kleinbär\Desktop\JRT.txt
2014-02-08 22:56 - 2009-07-14 05:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-08 22:56 - 2009-07-14 05:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-08 22:53 - 2014-02-08 22:53 - 00000000 ____D () C:\Windows\ERUNT
2014-02-08 22:53 - 2013-01-17 04:59 - 01890326 _____ () C:\Windows\WindowsUpdate.log
2014-02-08 22:52 - 2014-02-08 22:53 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Desktop\JRT.exe
2014-02-08 22:52 - 2014-02-08 22:52 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Downloads\JRT.exe
2014-02-08 22:51 - 2013-02-06 10:13 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Dropbox
2014-02-08 22:50 - 2013-02-06 10:16 - 00000000 ___RD () C:\Users\kleinbär\Dropbox
2014-02-08 22:49 - 2013-01-17 05:12 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 22:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-08 22:48 - 2009-07-14 05:51 - 00133335 _____ () C:\Windows\setupact.log
2014-02-08 22:47 - 2014-02-08 22:37 - 00000000 ____D () C:\AdwCleaner
2014-02-08 22:36 - 2014-02-08 22:42 - 01166132 _____ () C:\Users\kleinbär\Desktop\adwcleaner.exe
2014-02-08 22:36 - 2014-02-08 22:36 - 01166132 _____ () C:\Users\kleinbär\Downloads\adwcleaner.exe
2014-02-08 22:36 - 2013-01-17 13:46 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-02-08 22:36 - 2013-01-17 13:46 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-02-08 22:36 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-08 22:31 - 2013-08-11 14:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-08 22:29 - 2010-11-21 04:47 - 00614450 _____ () C:\Windows\PFRO.log
2014-02-08 22:18 - 2013-01-17 05:12 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 22:17 - 2014-02-08 22:17 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00001124 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 22:15 - 2014-02-08 22:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kleinbär\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-08 21:12 - 2013-03-01 23:23 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Mozilla
2014-02-08 00:27 - 2013-06-08 10:11 - 00000000 ___RD () C:\Users\Jens\SkyDrive
2014-02-07 23:23 - 2013-02-08 19:43 - 00000000 ___RD () C:\Users\Jens\Dropbox
2014-02-07 23:23 - 2013-02-08 19:41 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Dropbox
2014-02-07 00:38 - 2014-02-07 00:38 - 00911928 _____ () C:\Windows\Minidump\020714-29031-01.dmp
2014-02-07 00:38 - 2013-12-13 16:07 - 973703321 _____ () C:\Windows\MEMORY.DMP
2014-02-07 00:38 - 2013-12-13 16:07 - 00000000 ____D () C:\Windows\Minidump
2014-02-06 23:29 - 2014-02-06 23:29 - 00132798 _____ () C:\Users\kleinbär\Desktop\OTL.Txt
2014-02-06 23:20 - 2014-02-06 23:20 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Desktop\OTL.exe
2014-02-06 22:40 - 2014-02-06 22:42 - 00000478 _____ () C:\Users\kleinbär\Desktop\defogger_disable.log
2014-02-06 22:40 - 2014-02-06 22:09 - 00000478 _____ () C:\Users\kleinbär\Downloads\defogger_disable.log
2014-02-06 22:35 - 2014-02-06 22:35 - 00026882 _____ () C:\Users\kleinbär\Desktop\Gmer.txt
2014-02-06 22:14 - 2014-02-06 22:14 - 00380416 _____ () C:\Users\kleinbär\Downloads\Gmer-19357.exe
2014-02-06 22:12 - 2014-02-06 22:41 - 00030983 _____ () C:\Users\kleinbär\Desktop\Addition.txt
2014-02-06 22:12 - 2014-02-06 22:11 - 00049103 _____ () C:\Users\kleinbär\Downloads\FRST.txt
2014-02-06 22:12 - 2014-02-06 22:11 - 00030983 _____ () C:\Users\kleinbär\Downloads\Addition.txt
2014-02-06 22:11 - 2014-02-08 22:55 - 02079744 _____ (Farbar) C:\Users\kleinbär\Desktop\FRST64.exe
2014-02-06 22:11 - 2014-02-06 22:10 - 02079744 _____ (Farbar) C:\Users\kleinbär\Downloads\FRST64.exe
2014-02-06 22:09 - 2014-02-06 22:09 - 00000000 _____ () C:\Users\kleinbär\defogger_reenable
2014-02-06 22:09 - 2013-02-06 09:45 - 00000000 ____D () C:\Users\kleinbär
2014-02-06 22:07 - 2014-02-06 22:07 - 00050477 _____ () C:\Users\kleinbär\Downloads\Defogger.exe
2014-02-06 21:44 - 2013-09-06 10:31 - 00002292 _____ () C:\Users\Jens\Desktop\kot.txt
2014-02-06 21:32 - 2014-02-06 21:32 - 00078008 _____ () C:\Users\kleinbär\Downloads\Extras.Txt
2014-02-06 21:30 - 2014-02-06 21:30 - 00129330 _____ () C:\Users\kleinbär\Downloads\OTL.Txt
2014-02-06 21:16 - 2014-02-06 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Downloads\OTL.exe
2014-02-04 22:31 - 2013-08-11 14:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 22:31 - 2013-02-09 22:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 22:31 - 2013-02-09 22:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 21:20 - 2013-11-16 22:15 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 23:53 - 2013-02-14 22:42 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\vlc
2014-02-03 23:44 - 2014-02-03 23:44 - 00000000 ____D () C:\Users\kleinbär\Desktop\picsZ10
2014-02-03 23:38 - 2013-04-06 10:29 - 00000000 ___RD () C:\Users\kleinbär\Podcasts
2014-02-03 10:03 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{69B5664E-A2E8-4DA7-B424-9FA9B9EADF98}
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{4069A92F-B013-45AB-9B3D-6045DE67FC33}
2014-01-31 08:43 - 2013-02-16 14:03 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\vlc
2014-01-31 07:45 - 2013-05-26 16:01 - 00000000 ____D () C:\Users\Jens\AppData\Local\CrashDumps
2014-01-29 21:07 - 2014-01-29 21:07 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-24 18:28 - 2013-05-27 16:35 - 00000000 ____D () C:\Users\Jens Rasch\AppData\Roaming\Dropbox
2014-01-24 18:25 - 2013-05-27 16:39 - 00001050 _____ () C:\Users\Jens Rasch\Desktop\Dropbox.lnk
2014-01-24 18:25 - 2013-05-27 16:39 - 00000000 ___RD () C:\Users\Jens Rasch\Dropbox
2014-01-24 18:25 - 2013-05-27 16:36 - 00000000 ____D () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-24 18:25 - 2013-05-27 16:04 - 00000000 ___RD () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 18:19 - 2013-05-27 16:04 - 00086160 _____ () C:\Users\Jens Rasch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-24 18:19 - 2013-05-27 16:04 - 00001436 _____ () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 22:17 - 2013-03-19 21:09 - 00002237 _____ () C:\Users\kleinbär\Documents\kot.txt
2014-01-22 21:56 - 2014-01-22 21:56 - 00002056 _____ () C:\Users\kleinbär\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-22 21:56 - 2014-01-22 21:56 - 00002000 _____ () C:\Users\kleinbär\Desktop\Avira PC Cleaner.lnk
2014-01-22 21:43 - 2014-01-22 21:43 - 02278856 _____ () C:\Users\kleinbär\Downloads\avira_pc_cleaner_de.exe
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\TS3Client
2014-01-22 07:58 - 2014-01-22 07:57 - 00276206 _____ () C:\Users\Jens\Downloads\140120_PlanungReturnPath_Quartal01.xlsx
2014-01-22 07:42 - 2013-02-06 10:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 20:04 - 2013-02-06 09:54 - 00000000 ___RD () C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-17 20:03 - 2013-02-06 10:16 - 00001044 _____ () C:\Users\kleinbär\Desktop\Dropbox.lnk
2014-01-17 20:03 - 2013-02-06 10:13 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 21:28 - 2009-07-14 05:45 - 00343616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 21:00 - 2013-07-16 06:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 20:56 - 2013-02-17 00:29 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 08:13 - 2014-01-09 07:29 - 00000000 ____D () C:\Users\Jens\Desktop\captchadAkte
2014-01-14 08:31 - 2014-01-13 20:33 - 00000000 ___RD () C:\Users\Jens\Desktop\ProgrammaticPremium Solution
2014-01-11 19:29 - 2014-01-11 19:29 - 00283520 _____ () C:\Windows\Minidump\011114-24492-01.dmp
2014-01-11 15:51 - 2013-07-09 23:26 - 00000000 ____D () C:\Program Files (x86)\War Thunder
2014-01-11 14:40 - 2014-01-11 14:40 - 00000000 ____D () C:\Users\Jens\Documents\My Games
2014-01-11 14:39 - 2014-01-11 14:39 - 00000000 ____D () C:\Users\Jens\AppData\Local\WarThunder
2014-01-11 14:39 - 2013-07-09 23:26 - 00000000 ____D () C:\ProgramData\WarThunder
2014-01-10 09:22 - 2014-01-09 17:51 - 00000000 ____D () C:\Users\Jens\Desktop\Asien
2014-01-09 07:40 - 2013-02-08 19:43 - 00001032 _____ () C:\Users\Jens\Desktop\Dropbox.lnk
2014-01-09 07:40 - 2013-02-08 19:41 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-09 07:40 - 2013-02-07 09:55 - 00000000 ___RD () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Some content of TEMP:
====================
C:\Users\Jens\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\Jens\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\Jens\AppData\Local\Temp\DesktopInstaller.exe
C:\Users\Jens\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\kleinbär\AppData\Local\Temp\AskSLib.dll
C:\Users\kleinbär\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\kleinbär\AppData\Local\Temp\Quarantine.exe
C:\Users\kleinbär\AppData\Local\Temp\uninst1.exe
C:\Users\kleinbär\AppData\Local\Temp\vcredist_x86.exe
C:\Users\kleinbär\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\kleinbär\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-28 23:18

==================== End Of Log ============================
         



THANKS Schrauber!


Alt 09.02.2014, 17:03   #6
schrauber
/// the machine
/// TB instructor
 




Some logs are still missing.

Alt 10.02.2014, 22:32   #7
NoobDude
 



Hi Schrauber, the new FRST log is right up there, isn't it?

Unfortunately I have to report that this annoying adfly is back. Only in Firefox, by the way.

So this is odd. I can't log in to my Fritzbox with Firefox. I enter the code and nothing happens. In Chrome it works.

Likewise, in Firefox I can't enter code via # here on your board... or post anything. No idea whether there is any connection at all. Your board, for example, shows the error message that you can't enter fewer than 3 characters, even though I entered a whole screed like the FRST log.

So adfly is sporadically back. Input problems. All of it only in Firefox.

New FRST:

FRST Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014
Ran by kleinbär (administrator) on KLEINBÄR-THINK on 10-02-2014 22:12:02
Running from C:\Users\kleinbär\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Dropbox, Inc.) C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Join Air\UIExec.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo) C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fastboot] - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [UIExec] - C:\Program Files (x86)\Join Air\UIExec.exe [138072 2010-04-27] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4265472 2013-04-26] (Research In Motion Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [SugarSync] - C:\Program Files (x86)\SugarSync\SugarSyncManager.exe [11262304 2013-04-04] (SugarSync, Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [Google Update] - C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-20] (Google Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\MountPoints2: {96ece6c6-6059-11e2-ad97-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE522
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: https://www.startpage.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-28]
FF Extension: YouTube to MP3 - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\info@sharkcube.com.xpi [2013-06-08]
FF Extension: DuckDuckGo Plus - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2013-07-04]
FF Extension: Advertising Cookie Opt-out - C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\Extensions\optout@google.com.xpi [2013-07-04]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF [2013-10-09]

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\kleinbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Angry Birds) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-03-20]
CHR Extension: (Google Docs) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-06]
CHR Extension: (Google Drive) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-06]
CHR Extension: (YouTube) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-06]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2013-03-20]
CHR Extension: (Adblock Plus) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-20]
CHR Extension: (Google-Suche) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-06]
CHR Extension: (WGT Golf Challenge) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2013-03-20]
CHR Extension: (ayaya's Bookmark Tree) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dneehabidhbfdiohdhbhjbbljobchgab [2013-03-20]
CHR Extension: (Chuck Anderson) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2013-03-20]
CHR Extension: (Chromium Scrapbook) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokffdfnlmampchciemmflgbckijpmlb [2013-03-20]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-20]
CHR Extension: (bitly | ♥  your bitmarks) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2013-03-20]
CHR Extension: (Right Click dict.leo.org) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickiggjghcdbbiokdpiinpmcgoldakoh [2013-03-20]
CHR Extension: (Firebug Console) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\jodfpogckhbcjamkfgjeicoiphpligka [2013-03-20]
CHR Extension: (Cargo Bridge) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2013-03-20]
CHR Extension: (DSL speedtest) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj [2013-03-20]
CHR Extension: (Norton Identity Protection) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-02-06]
CHR Extension: (Ghostery) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-03-20]
CHR Extension: (FastestFox – Schneller browsen) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-03-20]
CHR Extension: (Bundlr) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2013-03-20]
CHR Extension: (Google Wallet) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Norton Identity Protection) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2013-03-03]
CHR Extension: (Google Mail) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-06]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-02-08]

==================== Services (Whitelisted) =================

R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-15] (Lenovo.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-04-26] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1235456 2013-04-18] (Research In Motion Limited)
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [247152 2010-04-27] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows (R) Win 7 DDK provider)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\IPSDefs\20140207.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140209.004\ENG64.SYS [126040 2014-01-28] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140209.004\EX64.SYS [2099288 2014-01-28] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-04-26] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-10 22:12 - 2014-02-10 22:12 - 00030343 _____ () C:\Users\kleinbär\Desktop\FRST.txt
2014-02-10 22:11 - 2014-02-10 22:11 - 00000000 ____D () C:\Users\kleinbär\Desktop\FRST-OlderVersion
2014-02-09 22:07 - 2014-02-09 22:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-08 22:55 - 2014-02-10 22:11 - 02150400 _____ (Farbar) C:\Users\kleinbär\Desktop\FRST64.exe
2014-02-08 22:53 - 2014-02-08 22:53 - 00000000 ____D () C:\Windows\ERUNT
2014-02-08 22:53 - 2014-02-08 22:52 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Desktop\JRT.exe
2014-02-08 22:52 - 2014-02-08 22:52 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Downloads\JRT.exe
2014-02-08 22:42 - 2014-02-08 22:36 - 01166132 _____ () C:\Users\kleinbär\Desktop\adwcleaner.exe
2014-02-08 22:37 - 2014-02-08 22:47 - 00000000 ____D () C:\AdwCleaner
2014-02-08 22:36 - 2014-02-08 22:36 - 01166132 _____ () C:\Users\kleinbär\Downloads\adwcleaner.exe
2014-02-08 22:17 - 2014-02-08 22:17 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00001124 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 22:16 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-08 22:15 - 2014-02-08 22:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kleinbär\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-07 00:38 - 2014-02-07 00:38 - 00911928 _____ () C:\Windows\Minidump\020714-29031-01.dmp
2014-02-06 23:20 - 2014-02-06 23:20 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Desktop\OTL.exe
2014-02-06 22:14 - 2014-02-06 22:14 - 00380416 _____ () C:\Users\kleinbär\Downloads\Gmer-19357.exe
2014-02-06 22:11 - 2014-02-10 22:12 - 00000000 ____D () C:\FRST
2014-02-06 22:11 - 2014-02-06 22:12 - 00049103 _____ () C:\Users\kleinbär\Downloads\FRST.txt
2014-02-06 22:11 - 2014-02-06 22:12 - 00030983 _____ () C:\Users\kleinbär\Downloads\Addition.txt
2014-02-06 22:10 - 2014-02-06 22:11 - 02079744 _____ (Farbar) C:\Users\kleinbär\Downloads\FRST64.exe
2014-02-06 22:09 - 2014-02-06 22:40 - 00000478 _____ () C:\Users\kleinbär\Downloads\defogger_disable.log
2014-02-06 22:09 - 2014-02-06 22:09 - 00000000 _____ () C:\Users\kleinbär\defogger_reenable
2014-02-06 22:07 - 2014-02-06 22:07 - 00050477 _____ () C:\Users\kleinbär\Downloads\Defogger.exe
2014-02-06 21:32 - 2014-02-06 21:32 - 00078008 _____ () C:\Users\kleinbär\Downloads\Extras.Txt
2014-02-06 21:30 - 2014-02-06 21:30 - 00129330 _____ () C:\Users\kleinbär\Downloads\OTL.Txt
2014-02-06 21:16 - 2014-02-06 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Downloads\OTL.exe
2014-02-03 23:44 - 2014-02-03 23:44 - 00000000 ____D () C:\Users\kleinbär\Desktop\picsZ10
2014-02-03 10:02 - 2014-02-03 10:03 - 00000000 ____D () C:\Users\Jens\AppData\Local\{69B5664E-A2E8-4DA7-B424-9FA9B9EADF98}
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{4069A92F-B013-45AB-9B3D-6045DE67FC33}
2014-01-29 21:07 - 2014-01-29 21:07 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-22 21:43 - 2014-01-22 21:43 - 02278856 _____ () C:\Users\kleinbär\Downloads\avira_pc_cleaner_de.exe
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\TS3Client
2014-01-22 07:57 - 2014-01-22 07:58 - 00276206 _____ () C:\Users\Jens\Downloads\140120_PlanungReturnPath_Quartal01.xlsx
2014-01-14 21:14 - 2013-11-27 02:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-14 21:14 - 2013-11-27 02:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-14 21:14 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-14 21:14 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-13 20:33 - 2014-01-14 08:31 - 00000000 ___RD () C:\Users\Jens\Desktop\ProgrammaticPremium Solution
2014-01-11 19:29 - 2014-01-11 19:29 - 00283520 _____ () C:\Windows\Minidump\011114-24492-01.dmp
2014-01-11 14:40 - 2014-01-11 14:40 - 00000000 ____D () C:\Users\Jens\Documents\My Games
2014-01-11 14:39 - 2014-01-11 14:39 - 00000000 ____D () C:\Users\Jens\AppData\Local\WarThunder

==================== One Month Modified Files and Folders =======

2014-02-10 22:12 - 2014-02-10 22:12 - 00030343 _____ () C:\Users\kleinbär\Desktop\FRST.txt
2014-02-10 22:12 - 2014-02-06 22:11 - 00000000 ____D () C:\FRST
2014-02-10 22:11 - 2014-02-10 22:11 - 00000000 ____D () C:\Users\kleinbär\Desktop\FRST-OlderVersion
2014-02-10 22:11 - 2014-02-08 22:55 - 02150400 _____ (Farbar) C:\Users\kleinbär\Desktop\FRST64.exe
2014-02-10 22:10 - 2009-07-14 05:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-10 22:10 - 2009-07-14 05:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-10 22:09 - 2013-04-13 00:30 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000UA.job
2014-02-10 22:09 - 2013-01-17 13:46 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-02-10 22:09 - 2013-01-17 13:46 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-02-10 22:09 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-10 22:05 - 2013-02-06 10:13 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Dropbox
2014-02-10 22:04 - 2013-02-06 10:16 - 00000000 ___RD () C:\Users\kleinbär\Dropbox
2014-02-10 22:02 - 2013-02-09 12:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-10 22:02 - 2013-01-17 05:12 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 22:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-10 22:02 - 2009-07-14 05:51 - 00133559 _____ () C:\Windows\setupact.log
2014-02-09 23:49 - 2013-01-17 04:59 - 01945641 _____ () C:\Windows\WindowsUpdate.log
2014-02-09 23:31 - 2013-08-11 14:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-09 23:18 - 2013-01-17 05:12 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-09 23:09 - 2013-04-13 00:30 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000Core.job
2014-02-09 22:43 - 2013-03-19 21:09 - 00002230 _____ () C:\Users\kleinbär\Documents\kot.txt
2014-02-09 22:07 - 2014-02-09 22:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-09 14:49 - 2010-11-21 04:47 - 00615436 _____ () C:\Windows\PFRO.log
2014-02-08 22:53 - 2014-02-08 22:53 - 00000000 ____D () C:\Windows\ERUNT
2014-02-08 22:52 - 2014-02-08 22:53 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Desktop\JRT.exe
2014-02-08 22:52 - 2014-02-08 22:52 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Downloads\JRT.exe
2014-02-08 22:47 - 2014-02-08 22:37 - 00000000 ____D () C:\AdwCleaner
2014-02-08 22:36 - 2014-02-08 22:42 - 01166132 _____ () C:\Users\kleinbär\Desktop\adwcleaner.exe
2014-02-08 22:36 - 2014-02-08 22:36 - 01166132 _____ () C:\Users\kleinbär\Downloads\adwcleaner.exe
2014-02-08 22:17 - 2014-02-08 22:17 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00001124 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 22:15 - 2014-02-08 22:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kleinbär\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-08 21:12 - 2013-03-01 23:23 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Mozilla
2014-02-08 00:27 - 2013-06-08 10:11 - 00000000 ___RD () C:\Users\Jens\SkyDrive
2014-02-07 23:23 - 2013-02-08 19:43 - 00000000 ___RD () C:\Users\Jens\Dropbox
2014-02-07 23:23 - 2013-02-08 19:41 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Dropbox
2014-02-07 00:38 - 2014-02-07 00:38 - 00911928 _____ () C:\Windows\Minidump\020714-29031-01.dmp
2014-02-07 00:38 - 2013-12-13 16:07 - 973703321 _____ () C:\Windows\MEMORY.DMP
2014-02-07 00:38 - 2013-12-13 16:07 - 00000000 ____D () C:\Windows\Minidump
2014-02-06 23:20 - 2014-02-06 23:20 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Desktop\OTL.exe
2014-02-06 22:40 - 2014-02-06 22:09 - 00000478 _____ () C:\Users\kleinbär\Downloads\defogger_disable.log
2014-02-06 22:14 - 2014-02-06 22:14 - 00380416 _____ () C:\Users\kleinbär\Downloads\Gmer-19357.exe
2014-02-06 22:12 - 2014-02-06 22:11 - 00049103 _____ () C:\Users\kleinbär\Downloads\FRST.txt
2014-02-06 22:12 - 2014-02-06 22:11 - 00030983 _____ () C:\Users\kleinbär\Downloads\Addition.txt
2014-02-06 22:11 - 2014-02-06 22:10 - 02079744 _____ (Farbar) C:\Users\kleinbär\Downloads\FRST64.exe
2014-02-06 22:09 - 2014-02-06 22:09 - 00000000 _____ () C:\Users\kleinbär\defogger_reenable
2014-02-06 22:09 - 2013-02-06 09:45 - 00000000 ____D () C:\Users\kleinbär
2014-02-06 22:07 - 2014-02-06 22:07 - 00050477 _____ () C:\Users\kleinbär\Downloads\Defogger.exe
2014-02-06 21:44 - 2013-09-06 10:31 - 00002292 _____ () C:\Users\Jens\Desktop\kot.txt
2014-02-06 21:32 - 2014-02-06 21:32 - 00078008 _____ () C:\Users\kleinbär\Downloads\Extras.Txt
2014-02-06 21:30 - 2014-02-06 21:30 - 00129330 _____ () C:\Users\kleinbär\Downloads\OTL.Txt
2014-02-06 21:16 - 2014-02-06 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Downloads\OTL.exe
2014-02-04 22:31 - 2013-08-11 14:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 22:31 - 2013-02-09 22:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 22:31 - 2013-02-09 22:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 21:20 - 2013-11-16 22:15 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 23:53 - 2013-02-14 22:42 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\vlc
2014-02-03 23:44 - 2014-02-03 23:44 - 00000000 ____D () C:\Users\kleinbär\Desktop\picsZ10
2014-02-03 23:38 - 2013-04-06 10:29 - 00000000 ___RD () C:\Users\kleinbär\Podcasts
2014-02-03 10:03 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{69B5664E-A2E8-4DA7-B424-9FA9B9EADF98}
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{4069A92F-B013-45AB-9B3D-6045DE67FC33}
2014-01-31 08:43 - 2013-02-16 14:03 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\vlc
2014-01-31 07:45 - 2013-05-26 16:01 - 00000000 ____D () C:\Users\Jens\AppData\Local\CrashDumps
2014-01-29 21:07 - 2014-01-29 21:07 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-24 18:28 - 2013-05-27 16:35 - 00000000 ____D () C:\Users\Jens Rasch\AppData\Roaming\Dropbox
2014-01-24 18:25 - 2013-05-27 16:39 - 00001050 _____ () C:\Users\Jens Rasch\Desktop\Dropbox.lnk
2014-01-24 18:25 - 2013-05-27 16:39 - 00000000 ___RD () C:\Users\Jens Rasch\Dropbox
2014-01-24 18:25 - 2013-05-27 16:36 - 00000000 ____D () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-24 18:25 - 2013-05-27 16:04 - 00000000 ___RD () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 18:19 - 2013-05-27 16:04 - 00086160 _____ () C:\Users\Jens Rasch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-24 18:19 - 2013-05-27 16:04 - 00001436 _____ () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 21:43 - 2014-01-22 21:43 - 02278856 _____ () C:\Users\kleinbär\Downloads\avira_pc_cleaner_de.exe
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\TS3Client
2014-01-22 07:58 - 2014-01-22 07:57 - 00276206 _____ () C:\Users\Jens\Downloads\140120_PlanungReturnPath_Quartal01.xlsx
2014-01-22 07:42 - 2013-02-06 10:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 20:04 - 2013-02-06 09:54 - 00000000 ___RD () C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-17 20:03 - 2013-02-06 10:16 - 00001044 _____ () C:\Users\kleinbär\Desktop\Dropbox.lnk
2014-01-17 20:03 - 2013-02-06 10:13 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 21:28 - 2009-07-14 05:45 - 00343616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 21:00 - 2013-07-16 06:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 20:56 - 2013-02-17 00:29 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 08:13 - 2014-01-09 07:29 - 00000000 ____D () C:\Users\Jens\Desktop\captchadAkte
2014-01-14 08:31 - 2014-01-13 20:33 - 00000000 ___RD () C:\Users\Jens\Desktop\ProgrammaticPremium Solution
2014-01-11 19:29 - 2014-01-11 19:29 - 00283520 _____ () C:\Windows\Minidump\011114-24492-01.dmp
2014-01-11 15:51 - 2013-07-09 23:26 - 00000000 ____D () C:\Program Files (x86)\War Thunder
2014-01-11 14:40 - 2014-01-11 14:40 - 00000000 ____D () C:\Users\Jens\Documents\My Games
2014-01-11 14:39 - 2014-01-11 14:39 - 00000000 ____D () C:\Users\Jens\AppData\Local\WarThunder
2014-01-11 14:39 - 2013-07-09 23:26 - 00000000 ____D () C:\ProgramData\WarThunder

Some content of TEMP:
====================
C:\Users\Jens\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\Jens\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\Jens\AppData\Local\Temp\DesktopInstaller.exe
C:\Users\Jens\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\kleinbär\AppData\Local\Temp\AskSLib.dll
C:\Users\kleinbär\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\kleinbär\AppData\Local\Temp\Quarantine.exe
C:\Users\kleinbär\AppData\Local\Temp\uninst1.exe
C:\Users\kleinbär\AppData\Local\Temp\vcredist_x86.exe
C:\Users\kleinbär\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\kleinbär\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-28 23:18

==================== End Of Log ============================
         


Quote:
Originally posted by schrauber
some logs are still missing there
oh shit
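
The FRST listing posted above can be read mechanically. The following is an added example, not part of the thread and not FRST's own code: a parser for the "One Month Created" and "One Month Modified" sections, which print their two timestamps in opposite order. The sample lines are constructed in that layout, and the function names and review heuristics are assumptions of this example.

```python
import re
from datetime import datetime
from typing import NamedTuple

# Constructed sample in the layout of the listing above; names and paths are made up.
SAMPLE = r"""
==================== One Month Created Files and Folders ========

2014-02-08 22:55 - 2014-02-10 22:11 - 02150400 _____ (Farbar) C:\Users\alice\Desktop\FRST64.exe
2014-02-08 22:37 - 2014-02-08 22:47 - 00000000 ____D () C:\AdwCleaner
2014-02-08 22:16 - 2013-04-04 14:50 - 00025928 _____ (Example Vendor (R) Ltd.) C:\Windows\system32\Drivers\example.sys
2014-02-06 22:14 - 2014-02-06 22:14 - 00380416 _____ () C:\Users\alice\Downloads\tool.exe

==================== One Month Modified Files and Folders =======

2014-02-10 22:11 - 2014-02-08 22:55 - 02150400 _____ (Farbar) C:\Users\alice\Desktop\FRST64.exe
2014-02-07 00:38 - 2013-12-13 16:07 - 973703321 _____ () C:\Windows\MEMORY.DMP

==================== End Of Log ============================
"""

FMT = "%Y-%m-%d %H:%M"
STAMP = r"(\d{4}-\d{2}-\d{2} \d{2}:\d{2})"
SECTION = re.compile(r"^=+ (.+?) =+$")
# date - date - size attributes (company) path. The company may itself contain
# parentheses, so the match is anchored on the drive letter that starts the path.
ENTRY = re.compile(r"^" + STAMP + " - " + STAMP + r" - (\d+) ([A-Z_]+) \((.*?)\) ([A-Za-z]:\\.*)$")
EXECUTABLE = (".exe", ".dll", ".sys", ".scr", ".cpl")


class Entry(NamedTuple):
    path: str
    created: datetime
    modified: datetime
    size: int
    attrs: str
    company: str

    @property
    def is_dir(self):
        return "D" in self.attrs


def parse_frst_listing(text):
    """Return one Entry per path from the Created and Modified sections."""
    entries = {}
    order = None  # which timestamp the current section prints first
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            title = header.group(1)
            if "Created Files" in title:
                order = "created_first"
            elif "Modified Files" in title:
                order = "modified_first"
            else:
                order = None  # any other section: its lines are ignored
            continue
        m = ENTRY.match(line)
        if not m or order is None:
            continue
        first, second = (datetime.strptime(g, FMT) for g in m.group(1, 2))
        created, modified = (first, second) if order == "created_first" else (second, first)
        path = m.group(6)
        # Windows paths are case-insensitive; a file listed in both sections is kept once.
        entries.setdefault(
            path.lower(),
            Entry(path, created, modified, int(m.group(3)), m.group(4), m.group(5).strip()),
        )
    return list(entries.values())


def created_since(entries, since):
    """Entries created at or after `since`, oldest first."""
    return sorted((e for e in entries if e.created >= since), key=lambda e: e.created)


def review_candidates(entries):
    """Executable files with an empty company field.

    This only marks where to look first; legitimate tools also ship without one.
    """
    return [e for e in entries
            if not e.is_dir and not e.company and e.path.lower().endswith(EXECUTABLE)]


def copied_in(entries):
    """Files created on this volume after their last write, i.e. copied or installed."""
    return [e for e in entries if not e.is_dir and e.created > e.modified]


if __name__ == "__main__":
    parsed = parse_frst_listing(SAMPLE)
    for e in created_since(parsed, datetime(2014, 2, 8)):
        print(e.created, "DIR " if e.is_dir else "FILE", e.path)
    print("review:", [e.path for e in review_candidates(parsed)])
    print("copied in:", [e.path for e in copied_in(parsed)])
```
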

11.02.2014, 18:02   #8
schrauber
/// the machine
/// TB instructor

The Malwarebytes and AdwCleaner logs are still missing.....
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

11.02.2014, 21:28   #9
NoobDude

Quote:
Originally posted by schrauber
The Malwarebytes and AdwCleaner logs are still missing.....
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.10.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
kleinbär :: KLEINBÄR-THINK [Administrator]

11.02.2014 21:17:35
mbam-log-2014-02-11 (21-17-35).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 268627
Laufzeit: 8 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
# AdwCleaner v3.018 - Bericht erstellt am 11/02/2014 um 21:12:07
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : kleinbär - KLEINBÄR-THINK
# Gestartet von : C:\Users\kleinbär\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v27.0 (de)

[ Datei : C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\ezn8qurb.default\prefs.js ]


[ Datei : C:\Users\Jens\AppData\Roaming\Mozilla\Firefox\Profiles\mytglh6n.default\prefs.js ]


[ Datei : C:\Users\Jens Rasch\AppData\Roaming\Mozilla\Firefox\Profiles\dmchzlfn.default\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5226 octets] - [08/02/2014 22:44:20]
AdwCleaner[R1].txt - [1355 octets] - [11/02/2014 21:10:31]
AdwCleaner[S0].txt - [5063 octets] - [08/02/2014 22:47:25]
AdwCleaner[S1].txt - [1276 octets] - [11/02/2014 21:12:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1336 octets] ##########
         

12.02.2014, 18:18   #10
schrauber
/// the machine
/// TB instructor

Revo Uninstaller - Download - Filepony
Use it to uninstall Firefox, keep no data, let it remove the leftovers, then reinstall.

Then:
https://support.mozilla.org/de/kb/fi...einfach-loesen



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the logfile here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

12.02.2014, 23:23   #11
NoobDude

Hm, thanks!

On the subject of resetting Firefox: I had already tried it that way. But: why should I reset a freshly installed Firefox?

Don't think? Just do it?

13.02.2014, 22:20   #12
schrauber
/// the machine
/// TB instructor

Quote:
But: why should I reset a freshly installed Firefox?
I asked myself that question too, but it really is so. A reinstall does not get rid of everything. Only the combination of both gives you a 100% clean FF.
__________________
Regards,
schrauber

16.02.2014, 22:28   #13
NoobDude

Phew. First the ESET scanner. It churned away for almost 4 hours.
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2717237e997f0a40b1e54405979d907b
# engine=17093
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-16 09:00:14
# local_time=2014-02-16 10:00:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3590 16777213 100 87 17226971 211602600 0 0
# compatibility_mode=5893 16776574 100 94 19151524 144214264 0 0
# scanned=223890
# found=3
# cleaned=0
# scan_time=13779
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=49AE9A9BCCBFBE22EE4DA0559CFB601188A1BC11 ft=1 fh=a58dc6ebe1984146 vn="multiple threats" ac=I fn="C:\Users\kleinbär\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8LLL6V0D\yontoosetup[1].exe"
sh=63D8A233223061D42538AD5F8A1552A86C0420CA ft=1 fh=0b75d8cb754ba137 vn="multiple threats" ac=I fn="C:\Users\kleinbär\AppData\Local\Temp\Doma\google-chrome_109\software\Yontoo.exe"
         
security check:
Code:
 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Norton AntiVirus   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Adobe Flash Player 11.9.900.170  
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox (27.0.1) 
 Mozilla Thunderbird (17.0.6) 
 Google Chrome 32.0.1700.102  
 Google Chrome 32.0.1700.107  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Norton AntiVirus Engine 20.4.0.40 ccSvcHst.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by kleinbär (administrator) on KLEINBÄR-THINK on 16-02-2014 22:22:20
Running from C:\Users\kleinbär\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Dropbox, Inc.) C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Join Air\UIExec.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Lenovo) C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wargaming.net) C:\Games\World_of_Tanks\WorldOfTanks.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fastboot] - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [UIExec] - C:\Program Files (x86)\Join Air\UIExec.exe [138072 2010-04-27] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4265472 2013-04-26] (Research In Motion Limited)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\Run: [Google Update] - C:\Users\kleinbär\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-20] (Google Inc.)
HKU\S-1-5-21-3145524375-3569429777-1252793268-1000\...\MountPoints2: {96ece6c6-6059-11e2-ad97-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kleinbär\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo laptops - ThinkPads & IdeaPad
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE522
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\kleinbär\AppData\Roaming\Mozilla\Firefox\Profiles\nke1vfs8.default-1392546357075
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\kleinbär\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\kleinbär\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\kleinbär\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\IPSFF [2013-10-09]

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\kleinbr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Angry Birds) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-03-20]
CHR Extension: (Google Docs) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-06]
CHR Extension: (Google Drive) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-06]
CHR Extension: (YouTube) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-06]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2013-03-20]
CHR Extension: (Adblock Plus) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-20]
CHR Extension: (Google-Suche) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-06]
CHR Extension: (WGT Golf Challenge) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2013-03-20]
CHR Extension: (ayaya's Bookmark Tree) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\dneehabidhbfdiohdhbhjbbljobchgab [2013-03-20]
CHR Extension: (Chuck Anderson) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2013-03-20]
CHR Extension: (Chromium Scrapbook) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\gokffdfnlmampchciemmflgbckijpmlb [2013-03-20]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-20]
CHR Extension: (bitly | ♥  your bitmarks) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2013-03-20]
CHR Extension: (Right Click dict.leo.org) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickiggjghcdbbiokdpiinpmcgoldakoh [2013-03-20]
CHR Extension: (Firebug Console) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\jodfpogckhbcjamkfgjeicoiphpligka [2013-03-20]
CHR Extension: (Cargo Bridge) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2013-03-20]
CHR Extension: (DSL speedtest) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj [2013-03-20]
CHR Extension: (Norton Identity Protection) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-02-06]
CHR Extension: (Ghostery) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-03-20]
CHR Extension: (FastestFox – Schneller browsen) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-03-20]
CHR Extension: (Bundlr) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm [2013-03-20]
CHR Extension: (Google Wallet) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Norton Identity Protection) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2013-03-03]
CHR Extension: (Google Mail) - C:\Users\kleinbär\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-06]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-02-08]

==================== Services (Whitelisted) =================

R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2012-05-15] (Lenovo.)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-04-26] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1235456 2013-04-18] (Research In Motion Limited)
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [247152 2010-04-27] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-19] (Symantec Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-22] (Symantec Corporation)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows (R) Win 7 DDK provider)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\IPSDefs\20140214.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140215.007\ENG64.SYS [126040 2014-02-15] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.1.22\Definitions\VirusDefs\20140215.007\EX64.SYS [2099288 2014-02-15] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-04-26] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-16 22:11 - 2014-02-16 22:10 - 00987425 _____ () C:\Users\kleinbär\Desktop\SecurityCheck.exe
2014-02-16 22:10 - 2014-02-16 22:10 - 00987425 _____ () C:\Users\kleinbär\Downloads\SecurityCheck.exe
2014-02-16 11:27 - 2014-02-16 11:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-16 11:26 - 2014-02-16 11:27 - 02347384 _____ (ESET) C:\Users\kleinbär\Downloads\esetsmartinstaller_enu (1).exe
2014-02-15 23:41 - 2014-02-15 23:41 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-15 23:41 - 2014-02-15 23:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 23:39 - 2014-02-15 23:39 - 00283256 _____ (Mozilla) C:\Users\kleinbär\Downloads\Firefox Setup Stub 27.0.1 (1).exe
2014-02-15 23:28 - 2014-02-16 09:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 23:27 - 2014-02-15 23:27 - 00283256 _____ (Mozilla) C:\Users\kleinbär\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-15 20:08 - 2014-02-15 20:08 - 00001279 _____ () C:\Users\kleinbär\Desktop\Revo Uninstaller.lnk
2014-02-15 20:08 - 2014-02-15 20:08 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-02-15 20:07 - 2014-02-15 20:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\kleinbär\Downloads\revosetup95.exe
2014-02-15 20:07 - 2014-02-15 20:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\kleinbär\Downloads\revosetup95 (1).exe
2014-02-14 07:31 - 2014-02-14 07:31 - 00022528 ____H () C:\Users\Jens\Desktop\~WRL2193.tmp
2014-02-12 23:35 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 23:35 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 23:34 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 23:34 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 23:34 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 23:34 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 23:34 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 23:34 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 23:34 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 23:34 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 23:34 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 23:34 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 23:34 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 23:34 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 23:34 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 23:34 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 23:34 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 23:34 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 23:34 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 23:34 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 23:34 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 23:34 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 23:34 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 23:34 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 23:34 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 23:34 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 23:34 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 23:34 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 23:34 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 23:34 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 23:34 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 23:34 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 23:34 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 23:34 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 23:34 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 23:34 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 23:34 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 23:34 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 23:34 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 23:34 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 23:34 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 23:32 - 2014-02-12 23:32 - 02347384 _____ (ESET) C:\Users\kleinbär\Downloads\esetsmartinstaller_enu.exe
2014-02-12 23:27 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 23:27 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 23:27 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 23:27 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 23:27 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 23:27 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 23:27 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 23:27 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 23:27 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 23:27 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 23:27 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 23:27 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 23:27 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 23:27 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 23:27 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 23:27 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 23:27 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 23:27 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 23:27 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 23:27 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 23:27 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 23:27 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 23:27 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 23:27 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 23:26 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 23:26 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 23:26 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 23:26 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 22:29 - 2014-02-11 22:29 - 00000000 ____D () C:\Users\Jens\Desktop\Alte Firefox-Daten
2014-02-11 21:09 - 2014-02-11 21:08 - 01166132 _____ () C:\Users\Jens\Desktop\adwcleaner.exe
2014-02-11 21:08 - 2014-02-11 21:08 - 01166132 _____ () C:\Users\Jens\Downloads\adwcleaner.exe
2014-02-11 21:00 - 2014-02-11 21:00 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Malwarebytes
2014-02-10 22:12 - 2014-02-16 22:22 - 00029517 _____ () C:\Users\kleinbär\Desktop\FRST.txt
2014-02-10 22:11 - 2014-02-16 22:22 - 00000000 ____D () C:\Users\kleinbär\Desktop\FRST-OlderVersion
2014-02-08 22:55 - 2014-02-16 22:22 - 02152448 _____ (Farbar) C:\Users\kleinbär\Desktop\FRST64.exe
2014-02-08 22:53 - 2014-02-08 22:53 - 00000000 ____D () C:\Windows\ERUNT
2014-02-08 22:53 - 2014-02-08 22:52 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Desktop\JRT.exe
2014-02-08 22:52 - 2014-02-08 22:52 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Downloads\JRT.exe
2014-02-08 22:42 - 2014-02-08 22:36 - 01166132 _____ () C:\Users\kleinbär\Desktop\adwcleaner.exe
2014-02-08 22:37 - 2014-02-11 21:12 - 00000000 ____D () C:\AdwCleaner
2014-02-08 22:36 - 2014-02-08 22:36 - 01166132 _____ () C:\Users\kleinbär\Downloads\adwcleaner.exe
2014-02-08 22:17 - 2014-02-08 22:17 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00001124 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 22:16 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-08 22:15 - 2014-02-08 22:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kleinbär\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-07 00:38 - 2014-02-07 00:38 - 00911928 _____ () C:\Windows\Minidump\020714-29031-01.dmp
2014-02-06 23:20 - 2014-02-06 23:20 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Desktop\OTL.exe
2014-02-06 22:14 - 2014-02-06 22:14 - 00380416 _____ () C:\Users\kleinbär\Downloads\Gmer-19357.exe
2014-02-06 22:11 - 2014-02-16 22:22 - 00000000 ____D () C:\FRST
2014-02-06 22:11 - 2014-02-06 22:12 - 00049103 _____ () C:\Users\kleinbär\Downloads\FRST.txt
2014-02-06 22:11 - 2014-02-06 22:12 - 00030983 _____ () C:\Users\kleinbär\Downloads\Addition.txt
2014-02-06 22:10 - 2014-02-06 22:11 - 02079744 _____ (Farbar) C:\Users\kleinbär\Downloads\FRST64.exe
2014-02-06 22:09 - 2014-02-06 22:40 - 00000478 _____ () C:\Users\kleinbär\Downloads\defogger_disable.log
2014-02-06 22:09 - 2014-02-06 22:09 - 00000000 _____ () C:\Users\kleinbär\defogger_reenable
2014-02-06 22:07 - 2014-02-06 22:07 - 00050477 _____ () C:\Users\kleinbär\Downloads\Defogger.exe
2014-02-06 21:32 - 2014-02-06 21:32 - 00078008 _____ () C:\Users\kleinbär\Downloads\Extras.Txt
2014-02-06 21:30 - 2014-02-06 21:30 - 00129330 _____ () C:\Users\kleinbär\Downloads\OTL.Txt
2014-02-06 21:16 - 2014-02-06 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Downloads\OTL.exe
2014-02-03 23:44 - 2014-02-03 23:44 - 00000000 ____D () C:\Users\kleinbär\Desktop\picsZ10
2014-02-03 10:02 - 2014-02-03 10:03 - 00000000 ____D () C:\Users\Jens\AppData\Local\{69B5664E-A2E8-4DA7-B424-9FA9B9EADF98}
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{4069A92F-B013-45AB-9B3D-6045DE67FC33}
2014-01-29 21:07 - 2014-01-29 21:07 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-22 21:43 - 2014-01-22 21:43 - 02278856 _____ () C:\Users\kleinbär\Downloads\avira_pc_cleaner_de.exe
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\TS3Client
2014-01-22 07:57 - 2014-01-22 07:58 - 00276206 _____ () C:\Users\Jens\Downloads\140120_PlanungReturnPath_Quartal01.xlsx

==================== One Month Modified Files and Folders =======

2014-02-16 22:22 - 2014-02-10 22:12 - 00029517 _____ () C:\Users\kleinbär\Desktop\FRST.txt
2014-02-16 22:22 - 2014-02-10 22:11 - 00000000 ____D () C:\Users\kleinbär\Desktop\FRST-OlderVersion
2014-02-16 22:22 - 2014-02-08 22:55 - 02152448 _____ (Farbar) C:\Users\kleinbär\Desktop\FRST64.exe
2014-02-16 22:22 - 2014-02-06 22:11 - 00000000 ____D () C:\FRST
2014-02-16 22:16 - 2013-04-13 00:30 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000UA.job
2014-02-16 22:10 - 2014-02-16 22:11 - 00987425 _____ () C:\Users\kleinbär\Desktop\SecurityCheck.exe
2014-02-16 22:10 - 2014-02-16 22:10 - 00987425 _____ () C:\Users\kleinbär\Downloads\SecurityCheck.exe
2014-02-16 21:31 - 2013-08-11 14:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-16 21:23 - 2013-01-17 05:12 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-16 20:48 - 2013-01-17 04:59 - 01896629 _____ () C:\Windows\WindowsUpdate.log
2014-02-16 17:53 - 2013-02-06 09:45 - 00000000 ____D () C:\Users\kleinbär
2014-02-16 14:23 - 2013-01-17 05:12 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-16 14:16 - 2013-04-13 00:30 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000Core.job
2014-02-16 11:27 - 2014-02-16 11:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-16 11:27 - 2014-02-16 11:26 - 02347384 _____ (ESET) C:\Users\kleinbär\Downloads\esetsmartinstaller_enu (1).exe
2014-02-16 11:08 - 2009-07-14 05:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-16 11:08 - 2009-07-14 05:45 - 00034208 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-16 11:07 - 2013-01-17 13:46 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-02-16 11:07 - 2013-01-17 13:46 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-02-16 11:07 - 2009-07-14 06:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-16 11:04 - 2013-02-06 10:13 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Dropbox
2014-02-16 11:03 - 2013-02-06 10:16 - 00000000 ___RD () C:\Users\kleinbär\Dropbox
2014-02-16 11:01 - 2010-11-21 04:47 - 00624740 _____ () C:\Windows\PFRO.log
2014-02-16 11:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-16 11:01 - 2009-07-14 05:51 - 00134511 _____ () C:\Windows\setupact.log
2014-02-16 10:26 - 2013-03-19 21:09 - 00002163 _____ () C:\Users\kleinbär\Documents\kot.txt
2014-02-16 09:47 - 2014-02-15 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 23:41 - 2014-02-15 23:41 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-15 23:41 - 2014-02-15 23:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 23:41 - 2013-03-01 23:23 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Mozilla
2014-02-15 23:39 - 2014-02-15 23:39 - 00283256 _____ (Mozilla) C:\Users\kleinbär\Downloads\Firefox Setup Stub 27.0.1 (1).exe
2014-02-15 23:27 - 2014-02-15 23:27 - 00283256 _____ (Mozilla) C:\Users\kleinbär\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-15 20:16 - 2013-07-09 21:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-15 20:08 - 2014-02-15 20:08 - 00001279 _____ () C:\Users\kleinbär\Desktop\Revo Uninstaller.lnk
2014-02-15 20:08 - 2014-02-15 20:08 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-02-15 20:07 - 2014-02-15 20:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\kleinbär\Downloads\revosetup95.exe
2014-02-15 20:07 - 2014-02-15 20:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\kleinbär\Downloads\revosetup95 (1).exe
2014-02-15 14:18 - 2013-01-17 05:12 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 14:18 - 2013-01-17 05:12 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 14:11 - 2013-04-13 00:30 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000UA
2014-02-15 14:11 - 2013-04-13 00:30 - 00003712 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3145524375-3569429777-1252793268-1000Core
2014-02-15 10:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-14 09:10 - 2013-06-08 10:11 - 00000000 ___RD () C:\Users\Jens\SkyDrive
2014-02-14 09:09 - 2013-02-08 19:41 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Dropbox
2014-02-14 09:08 - 2013-02-08 19:43 - 00000000 ___RD () C:\Users\Jens\Dropbox
2014-02-14 07:31 - 2014-02-14 07:31 - 00022528 ____H () C:\Users\Jens\Desktop\~WRL2193.tmp
2014-02-12 23:53 - 2013-02-06 10:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 23:32 - 2014-02-12 23:32 - 02347384 _____ (ESET) C:\Users\kleinbär\Downloads\esetsmartinstaller_enu.exe
2014-02-11 22:29 - 2014-02-11 22:29 - 00000000 ____D () C:\Users\Jens\Desktop\Alte Firefox-Daten
2014-02-11 21:12 - 2014-02-08 22:37 - 00000000 ____D () C:\AdwCleaner
2014-02-11 21:08 - 2014-02-11 21:09 - 01166132 _____ () C:\Users\Jens\Desktop\adwcleaner.exe
2014-02-11 21:08 - 2014-02-11 21:08 - 01166132 _____ () C:\Users\Jens\Downloads\adwcleaner.exe
2014-02-11 21:00 - 2014-02-11 21:00 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Malwarebytes
2014-02-08 22:53 - 2014-02-08 22:53 - 00000000 ____D () C:\Windows\ERUNT
2014-02-08 22:52 - 2014-02-08 22:53 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Desktop\JRT.exe
2014-02-08 22:52 - 2014-02-08 22:52 - 01037530 _____ (Thisisu) C:\Users\kleinbär\Downloads\JRT.exe
2014-02-08 22:36 - 2014-02-08 22:42 - 01166132 _____ () C:\Users\kleinbär\Desktop\adwcleaner.exe
2014-02-08 22:36 - 2014-02-08 22:36 - 01166132 _____ () C:\Users\kleinbär\Downloads\adwcleaner.exe
2014-02-08 22:17 - 2014-02-08 22:17 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00001124 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-08 22:16 - 2014-02-08 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 22:15 - 2014-02-08 22:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kleinbär\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-07 00:38 - 2014-02-07 00:38 - 00911928 _____ () C:\Windows\Minidump\020714-29031-01.dmp
2014-02-07 00:38 - 2013-12-13 16:07 - 973703321 _____ () C:\Windows\MEMORY.DMP
2014-02-07 00:38 - 2013-12-13 16:07 - 00000000 ____D () C:\Windows\Minidump
2014-02-06 23:20 - 2014-02-06 23:20 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Desktop\OTL.exe
2014-02-06 22:40 - 2014-02-06 22:09 - 00000478 _____ () C:\Users\kleinbär\Downloads\defogger_disable.log
2014-02-06 22:14 - 2014-02-06 22:14 - 00380416 _____ () C:\Users\kleinbär\Downloads\Gmer-19357.exe
2014-02-06 22:12 - 2014-02-06 22:11 - 00049103 _____ () C:\Users\kleinbär\Downloads\FRST.txt
2014-02-06 22:12 - 2014-02-06 22:11 - 00030983 _____ () C:\Users\kleinbär\Downloads\Addition.txt
2014-02-06 22:11 - 2014-02-06 22:10 - 02079744 _____ (Farbar) C:\Users\kleinbär\Downloads\FRST64.exe
2014-02-06 22:09 - 2014-02-06 22:09 - 00000000 _____ () C:\Users\kleinbär\defogger_reenable
2014-02-06 22:07 - 2014-02-06 22:07 - 00050477 _____ () C:\Users\kleinbär\Downloads\Defogger.exe
2014-02-06 21:44 - 2013-09-06 10:31 - 00002292 _____ () C:\Users\Jens\Desktop\kot.txt
2014-02-06 21:32 - 2014-02-06 21:32 - 00078008 _____ () C:\Users\kleinbär\Downloads\Extras.Txt
2014-02-06 21:30 - 2014-02-06 21:30 - 00129330 _____ () C:\Users\kleinbär\Downloads\OTL.Txt
2014-02-06 21:16 - 2014-02-06 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\kleinbär\Downloads\OTL.exe
2014-02-06 13:16 - 2014-02-12 23:34 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 23:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 23:34 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 23:34 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 23:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 23:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 23:34 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 23:34 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 23:34 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 23:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 23:34 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 23:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 23:34 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 23:34 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 23:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 23:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 23:34 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 23:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 23:34 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 23:34 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 23:34 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 23:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 23:34 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 23:34 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 23:34 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 23:34 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 23:34 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 23:34 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 23:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 23:34 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 23:34 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 23:34 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 23:34 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 23:34 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 23:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 23:34 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 23:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 23:34 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 23:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 22:31 - 2013-08-11 14:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-04 22:31 - 2013-02-09 22:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 22:31 - 2013-02-09 22:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 21:20 - 2013-11-16 22:15 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 23:53 - 2013-02-14 22:42 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\vlc
2014-02-03 23:44 - 2014-02-03 23:44 - 00000000 ____D () C:\Users\kleinbär\Desktop\picsZ10
2014-02-03 23:38 - 2013-04-06 10:29 - 00000000 ___RD () C:\Users\kleinbär\Podcasts
2014-02-03 10:03 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{69B5664E-A2E8-4DA7-B424-9FA9B9EADF98}
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\Windows Live Writer
2014-02-03 10:02 - 2014-02-03 10:02 - 00000000 ____D () C:\Users\Jens\AppData\Local\{4069A92F-B013-45AB-9B3D-6045DE67FC33}
2014-01-31 08:43 - 2013-02-16 14:03 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\vlc
2014-01-31 07:45 - 2013-05-26 16:01 - 00000000 ____D () C:\Users\Jens\AppData\Local\CrashDumps
2014-01-29 21:07 - 2014-01-29 21:07 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2014-01-24 18:28 - 2013-05-27 16:35 - 00000000 ____D () C:\Users\Jens Rasch\AppData\Roaming\Dropbox
2014-01-24 18:25 - 2013-05-27 16:39 - 00001050 _____ () C:\Users\Jens Rasch\Desktop\Dropbox.lnk
2014-01-24 18:25 - 2013-05-27 16:39 - 00000000 ___RD () C:\Users\Jens Rasch\Dropbox
2014-01-24 18:25 - 2013-05-27 16:36 - 00000000 ____D () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-24 18:25 - 2013-05-27 16:04 - 00000000 ___RD () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 18:19 - 2013-05-27 16:04 - 00086160 _____ () C:\Users\Jens Rasch\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-24 18:19 - 2013-05-27 16:04 - 00001436 _____ () C:\Users\Jens Rasch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 21:43 - 2014-01-22 21:43 - 02278856 _____ () C:\Users\kleinbär\Downloads\avira_pc_cleaner_de.exe
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\Jens\AppData\Roaming\TS3Client
2014-01-22 07:58 - 2014-01-22 07:57 - 00276206 _____ () C:\Users\Jens\Downloads\140120_PlanungReturnPath_Quartal01.xlsx
2014-01-17 20:04 - 2013-02-06 09:54 - 00000000 ___RD () C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-17 20:03 - 2013-02-06 10:16 - 00001044 _____ () C:\Users\kleinbär\Desktop\Dropbox.lnk
2014-01-17 20:03 - 2013-02-06 10:13 - 00000000 ____D () C:\Users\kleinbär\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\Jens\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\Jens\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\Jens\AppData\Local\Temp\DesktopInstaller.exe
C:\Users\Jens\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\kleinbär\AppData\Local\Temp\AskSLib.dll
C:\Users\kleinbär\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\kleinbär\AppData\Local\Temp\Quarantine.exe
C:\Users\kleinbär\AppData\Local\Temp\uninst1.exe
C:\Users\kleinbär\AppData\Local\Temp\vcredist_x86.exe
C:\Users\kleinbär\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\kleinbär\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-15 10:29

==================== End Of Log ============================
         

Now I have one more question:
The ESET scanner found three more things, and they weren't deleted. I mean this:
Code:
ATTFilter
found=3
# cleaned=0
# scan_time=13779
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=49AE9A9BCCBFBE22EE4DA0559CFB601188A1BC11 ft=1 fh=a58dc6ebe1984146 vn="multiple threats" ac=I fn="C:\Users\kleinbär\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8LLL6V0D\yontoosetup[1].exe"
sh=63D8A233223061D42538AD5F8A1552A86C0420CA ft=1 fh=0b75d8cb754ba137 vn="multiple threats" ac=I fn="C:\Users\kleinbär\AppData\Local\Temp\Doma\google-chrome_109\software\Yontoo.exe"
         
How do I get rid of that as well?
Thaaanks in advance!

17.02.2014, 14:31   #14
schrauber
/// the machine
/// TB instructor

Two are in the temp folders; we'll delete those now. One is already in quarantine.


Please download TFC (by Oldtimer) and save the file to your desktop.
Now close all open programs and disconnect from the Internet.
Double-click TFC.exe and press Start.
If TFC cannot delete all the files, it will ask for a restart. Please allow this.


Update Adobe.


Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > type Combofix /Uninstall > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, our scanners' quarantine and the Java cache, and finally deletes itself.
    • Then restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.



If you would like to give praise or criticism, you can do that here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date, because it is useless when it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: for this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only run when you confirm it.
    • AdblockPlus
      This add-on blocks most ads on its own. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it prompts you to and is nice and colourful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials and other illegal software.
  • Don't open attachments from emails you don't recognise. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

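The triage schrauber does by eye on the ESET log quoted above (which findings already sit in a scanner quarantine, which are in temp or cache folders), written out as an added example that is not part of the thread or of any tool used in it. The sample lines are constructed in the shape of that log, and reading `sh` as the file hash, `vn` as the detection name and `fn` as the file path is an assumption inferred from the values shown.

```python
import ntpath
import re

# key=value pairs; a value is either a quoted string or a bare token.
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Folder names used for classification (assumed lists, extend as needed).
QUARANTINE_DIRS = {"quarantine"}
TEMP_DIRS = {"temp", "tmp", "temporary internet files"}

# Constructed sample in the shape of the log in the thread; hashes and
# folder names are placeholders, not values from a real scan.
SAMPLE_LOG = r'''found=3
# cleaned=0
# scan_time=13779
sh=1111111111111111111111111111111111111111 ft=1 fh=aaaaaaaaaaaaaaaa vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Example Installer\_Setupx.dll.vir"
sh=2222222222222222222222222222222222222222 ft=1 fh=bbbbbbbbbbbbbbbb vn="multiple threats" ac=I fn="C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXAMPLE0\yontoosetup[1].exe"
sh=3333333333333333333333333333333333333333 ft=1 fh=cccccccccccccccc vn="multiple threats" ac=I fn="C:\Users\user\AppData\Local\Temp\Doma\example\software\Yontoo.exe"
'''


def parse_fields(line):
    """Return the key=value pairs of one log line as a dict."""
    fields = {}
    for match in FIELD_RE.finditer(line):
        key, quoted, bare = match.groups()
        fields[key] = quoted if quoted is not None else bare
    return fields


def classify(path):
    """Classify a Windows path as quarantined, temp_or_cache or live."""
    parts = [p.lower() for p in ntpath.normpath(path).split("\\") if p]
    # Quarantine is checked first: quarantine tools often mirror the
    # original path, so a quarantined file can still contain "Temp".
    if any(p in QUARANTINE_DIRS for p in parts):
        return "quarantined"
    if any(p in TEMP_DIRS for p in parts):
        return "temp_or_cache"
    return "live"


def triage(log_text):
    """Split a scan log into summary counters and classified findings."""
    summary, findings = {}, []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        fields = parse_fields(line.lstrip("# "))
        if "fn" in fields and "vn" in fields:
            findings.append({
                "sha1": fields.get("sh", ""),
                "detection": fields["vn"],
                "path": fields["fn"],
                "location": classify(fields["fn"]),
            })
        else:
            # Header lines such as found=3 or "# cleaned=0".
            summary.update(fields)
    found = summary.get("found", "")
    reported = int(found) if found.isdigit() else None
    return {
        "summary": summary,
        "findings": findings,
        # False when the log was truncated or a finding line is malformed.
        "count_matches": reported == len(findings),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for item in result["findings"]:
        print(f'{item["location"]:14} {item["detection"]}  ->  {item["path"]}')
    print("finding count matches header:", result["count_matches"])
```

Anything classified as `live` is the part that needs attention; quarantined copies and temp or cache files are what DelFix and TFC clear in the steps above.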

17.02.2014, 21:32   #15
NoobDude

Yep, clean. You can take me off. Everything's great!
Thanks!
