
Log analysis and evaluation: Writing on the Internet impossible

26.01.2014, 14:48   #16
sima
 



A friend recommended a 'Windows repair tool' to me.
Would that still help? It won't be a virus or anything like that any more, will it?
What do you think of that?
Or set everything up again from scratch?

Regards

27.01.2014, 09:30   #17
schrauber
/// the machine
/// TB trainer
 




I would reinstall BTVStack.


Please download Windows Repair (All In One) from here.
  • Install the program. Start it once the installation has finished.
  • Click Step 2 and press Do It under Check Disk.
  • When the process has finished, click Step 3 and press Do It under System File Check.
  • After the process has finished, click Start Repairs, choose Advanced Mode and press Start.
  • Please make sure that the boxes are ticked as shown below. Please also tick Set Windows Services to Default Startup.
  • Tick Restart System when Finished.
  • Press Start.


27.01.2014, 18:00   #18
sima
 



Hello,
I ran Windows Repair, but it made no difference .. the btv.stack error is still there. Which program does that belong to? Bluetooth or something? Then I'll uninstall the whole program.
Since Windows Repair the laptop has been really slow. How can I remove it again? I can't find it under Programs.
What about the other programs we installed over the last few days? How do I remove those?
Regards

28.01.2014, 12:40   #19
schrauber
/// the machine
/// TB trainer
 




It's best to uninstall Bluetooth and Skype, then reinstall them. Please reboot the machine several times, and then post a fresh FRST log. I'll take another look, then we'll clean up.
__________________
Regards,
schrauber


28.01.2014, 21:16   #20
sima
 



After the reboot, the FRST log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02
Ran by Sigrid (administrator) on SIGRID-HP on 28-01-2014 20:27:48
Running from C:\Users\Sigrid\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MfeEpePcMonitor] - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2012-11-14] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2996792 2011-07-15] (Hewlett-Packard Company)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-19] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IKARUS-GuardX] - C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe [5016824 2011-11-07] (IKARUS Security Software GmbH)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-27] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184736 2012-09-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKCU\...\Run: [HP Photosmart 5510 series (NET) #2] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.google.at
FF NetworkProxy: "autoconfig_url", "hxxp://internetschutz.aon.at/webschutz/webschutz.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-06]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-03-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-22]
CHR Extension: (Google Drive) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-22]
CHR Extension: (YouTube) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-22]
CHR Extension: (Google-Suche) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-22]
CHR Extension: (Google Wallet) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR Extension: (Google Mail) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-22]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-19] (Qualcomm Atheros Commnucations)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company)
R2 GuardX; C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe [1531280 2011-11-07] (IKARUS Security Software GmbH)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-19] (Atheros)
S2 SelfUpdateService; "C:\Program Files (x86)\Freetec\SystemStore\SelfUpdate.exe"  -displayname "Self Update Service" -servicename "SelfUpdateService" [x]

==================== Drivers (Whitelisted) ====================

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-19] (Qualcomm Atheros)
S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [32256 2005-05-10] (B.H.A Corporation)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 NTGUARD; C:\Program Files (x86)\A1 Internetschutz\bin\ntguard_x64.sys [36816 2011-11-07] (IKARUS Security Software GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
S3 ssceserd; C:\Windows\System32\DRIVERS\ssceserd.sys [129024 2010-12-21] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 19:00 - 2014-01-28 19:00 - 00262144 _____ C:\windows\Minidump\012814-85862-01.dmp
2014-01-27 11:06 - 2014-01-27 17:17 - 00181064 _____ (Sysinternals) C:\windows\PSEXESVC.EXE
2014-01-27 11:00 - 2014-01-27 11:00 - 00000207 _____ C:\windows\tweaking.com-regbackup-SIGRID-HP-Microsoft-Windows-7-Professional-(64-bit).dat
2014-01-27 10:59 - 2014-01-27 10:59 - 00000000 ____D C:\RegBackup
2014-01-27 10:12 - 2014-01-27 10:12 - 00000000 ____D C:\Users\Sigrid\Downloads\tweaking.com_windows_repair_aio
2014-01-27 10:12 - 2014-01-27 10:12 - 00000000 ____D C:\Users\Sigrid\Desktop\Tweaking.com - Windows Repair
2014-01-27 10:00 - 2014-01-27 10:00 - 00000000 ____D C:\Users\Sigrid\Documents\tweaking.com_windows_repair_aio-3
2014-01-27 09:56 - 2014-01-27 09:56 - 02903255 _____ C:\Users\Sigrid\Downloads\tweaking.com_windows_repair_aio.zip
2014-01-27 09:54 - 2014-01-27 09:54 - 00000000 ____D C:\Users\Sigrid\Documents\tweaking.com_windows_repair_aio-2
2014-01-27 09:29 - 2014-01-27 09:29 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Macromedia
2014-01-27 09:27 - 2014-01-27 09:27 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\ProgramData\Mozilla
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-27 08:53 - 2014-01-27 08:53 - 00262144 _____ C:\windows\Minidump\012714-26566-01.dmp
2014-01-26 15:03 - 2014-01-26 15:03 - 00262144 _____ C:\windows\Minidump\012614-24351-01.dmp
2014-01-26 14:13 - 2014-01-26 14:13 - 00262144 _____ C:\windows\Minidump\012614-25584-01.dmp
2014-01-24 22:45 - 2014-01-24 22:46 - 17738632 _____ (Adobe Systems Incorporated) C:\Users\Sigrid\Downloads\flashplayer_12_ax_debug.exe
2014-01-24 22:39 - 2014-01-24 22:39 - 00262144 _____ C:\windows\Minidump\012414-25552-01.dmp
2014-01-24 21:26 - 2014-01-24 21:26 - 00262144 _____ C:\windows\Minidump\012414-50185-01.dmp
2014-01-24 21:18 - 2014-01-28 19:00 - 599999195 _____ C:\windows\MEMORY.DMP
2014-01-24 21:18 - 2014-01-24 21:18 - 00262144 _____ C:\windows\Minidump\012414-31090-01.dmp
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95.exe
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95 (1).exe
2014-01-24 16:04 - 2014-01-24 16:04 - 00001224 _____ C:\Users\Sigrid\Desktop\Revo Uninstaller.lnk
2014-01-24 16:04 - 2014-01-24 16:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-24 16:02 - 2014-01-24 16:02 - 00008653 _____ C:\Users\Sigrid\Desktop\bookmarks_24.01.14.html
2014-01-23 21:13 - 2014-01-23 21:13 - 00000000 ____D C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-22 15:35 - 2014-01-22 15:36 - 10339208 _____ (Adobe Systems, Inc.) C:\Users\Sigrid\Downloads\flashplayer_12_sa.exe
2014-01-21 21:25 - 2014-01-21 21:25 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (3).exe
2014-01-21 21:03 - 2014-01-21 21:03 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (2).exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Downloads\SecurityCheck.exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Desktop\SecurityCheck.exe
2014-01-21 16:18 - 2014-01-21 16:18 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (1).exe
2014-01-21 15:54 - 2014-01-21 15:55 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu.exe
2014-01-20 23:41 - 2014-01-20 23:41 - 00000000 ____D C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-20 18:14 - 2014-01-20 18:14 - 00002904 _____ C:\Users\Sigrid\Desktop\JRT.txt
2014-01-20 18:09 - 2014-01-20 18:09 - 00000000 ____D C:\windows\ERUNT
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Downloads\JRT.exe
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Desktop\JRT.exe
2014-01-20 17:52 - 2014-01-20 18:00 - 00000000 ____D C:\AdwCleaner
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Downloads\adwcleaner.exe
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Desktop\adwcleaner.exe
2014-01-20 15:19 - 2014-01-28 20:26 - 00000000 ____D C:\Users\Sigrid\Desktop\FRST-OlderVersion
2014-01-19 16:17 - 2014-01-19 16:17 - 00029562 _____ C:\Users\Sigrid\Desktop\ComboFix.txt
2014-01-19 16:04 - 2014-01-27 17:19 - 00002984 _____ C:\windows\PFRO.log
2014-01-19 15:51 - 2014-01-19 16:17 - 00000000 ____D C:\Qoobox
2014-01-19 15:51 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2014-01-19 15:51 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2014-01-19 15:51 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2014-01-19 15:45 - 2014-01-19 15:45 - 05167985 ____R (Swearware) C:\Users\Sigrid\Desktop\ComboFix.exe
2014-01-19 15:44 - 2014-01-19 15:45 - 05167985 _____ (Swearware) C:\Users\Sigrid\Downloads\ComboFix.exe
2014-01-19 09:11 - 2014-01-19 09:12 - 00033941 _____ C:\Users\Sigrid\Desktop\Addition.txt
2014-01-19 09:09 - 2014-01-28 20:27 - 00020086 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-19 09:08 - 2014-01-28 20:26 - 00000000 ____D C:\FRST
2014-01-18 23:33 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 23:33 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-01-18 23:33 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-01-18 23:33 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-01-18 23:32 - 2014-01-18 23:33 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:12 - 2014-01-28 20:26 - 02079232 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:03 - 2014-01-18 11:04 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-15 14:08 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 14:08 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 14:08 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-28 19:01 - 00002072 _____ C:\windows\setupact.log
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr
2013-12-31 00:20 - 2013-12-31 00:23 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:20 - 2013-12-29 21:21 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:14 - 2013-12-29 21:15 - 00000000 ____D C:\195853154a7dc3fe94fd
2013-12-29 21:11 - 2014-01-24 21:24 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2014-01-28 20:28 - 2014-01-19 09:09 - 00020086 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-28 20:26 - 2014-01-20 15:19 - 00000000 ____D C:\Users\Sigrid\Desktop\FRST-OlderVersion
2014-01-28 20:26 - 2014-01-19 09:08 - 00000000 ____D C:\FRST
2014-01-28 20:26 - 2014-01-18 15:12 - 02079232 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-28 20:24 - 2013-01-29 13:38 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-28 20:24 - 2012-11-30 17:57 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job
2014-01-28 20:24 - 2012-03-28 05:59 - 00001128 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job
2014-01-28 19:06 - 2011-05-03 19:08 - 00691246 _____ C:\windows\system32\perfh007.dat
2014-01-28 19:06 - 2011-05-03 19:08 - 00147306 _____ C:\windows\system32\perfc007.dat
2014-01-28 19:06 - 2009-07-14 06:13 - 01629372 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-28 19:06 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-28 19:06 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-28 19:01 - 2014-01-12 01:00 - 00002072 _____ C:\windows\setupact.log
2014-01-28 19:01 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-28 19:00 - 2014-01-28 19:00 - 00262144 _____ C:\windows\Minidump\012814-85862-01.dmp
2014-01-28 19:00 - 2014-01-24 21:18 - 599999195 _____ C:\windows\MEMORY.DMP
2014-01-28 19:00 - 2012-04-07 16:27 - 00000000 ____D C:\windows\Minidump
2014-01-28 18:15 - 2011-12-17 09:44 - 01149023 _____ C:\windows\WindowsUpdate.log
2014-01-28 18:04 - 2013-07-12 23:34 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2014-01-28 18:03 - 2011-10-01 20:34 - 00000000 ____D C:\Users\Sigrid\Documents\AASigrid-PRIVAT
2014-01-27 22:10 - 2012-03-28 05:59 - 00001076 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job
2014-01-27 22:08 - 2012-11-30 17:57 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job
2014-01-27 20:13 - 2013-01-09 20:16 - 00000000 ____D C:\Users\Sigrid\Documents\A_RU
2014-01-27 17:19 - 2014-01-19 16:04 - 00002984 _____ C:\windows\PFRO.log
2014-01-27 17:17 - 2014-01-27 11:06 - 00181064 _____ (Sysinternals) C:\windows\PSEXESVC.EXE
2014-01-27 17:16 - 2009-07-14 03:34 - 00000514 _____ C:\windows\win.ini
2014-01-27 11:00 - 2014-01-27 11:00 - 00000207 _____ C:\windows\tweaking.com-regbackup-SIGRID-HP-Microsoft-Windows-7-Professional-(64-bit).dat
2014-01-27 10:59 - 2014-01-27 10:59 - 00000000 ____D C:\RegBackup
2014-01-27 10:12 - 2014-01-27 10:12 - 00000000 ____D C:\Users\Sigrid\Downloads\tweaking.com_windows_repair_aio
2014-01-27 10:12 - 2014-01-27 10:12 - 00000000 ____D C:\Users\Sigrid\Desktop\Tweaking.com - Windows Repair
2014-01-27 10:00 - 2014-01-27 10:00 - 00000000 ____D C:\Users\Sigrid\Documents\tweaking.com_windows_repair_aio-3
2014-01-27 09:56 - 2014-01-27 09:56 - 02903255 _____ C:\Users\Sigrid\Downloads\tweaking.com_windows_repair_aio.zip
2014-01-27 09:54 - 2014-01-27 09:54 - 00000000 ____D C:\Users\Sigrid\Documents\tweaking.com_windows_repair_aio-2
2014-01-27 09:29 - 2014-01-27 09:29 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Macromedia
2014-01-27 09:27 - 2014-01-27 09:27 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\ProgramData\Mozilla
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-27 09:27 - 2011-09-18 19:47 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Mozilla
2014-01-27 08:53 - 2014-01-27 08:53 - 00262144 _____ C:\windows\Minidump\012714-26566-01.dmp
2014-01-26 17:16 - 2011-12-30 20:09 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForSigrid
2014-01-26 17:16 - 2011-12-30 20:09 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForSigrid.job
2014-01-26 15:03 - 2014-01-26 15:03 - 00262144 _____ C:\windows\Minidump\012614-24351-01.dmp
2014-01-26 14:13 - 2014-01-26 14:13 - 00262144 _____ C:\windows\Minidump\012614-25584-01.dmp
2014-01-24 22:47 - 2013-01-29 13:37 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-01-24 22:47 - 2011-09-18 21:07 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-24 22:46 - 2014-01-24 22:45 - 17738632 _____ (Adobe Systems Incorporated) C:\Users\Sigrid\Downloads\flashplayer_12_ax_debug.exe
2014-01-24 22:39 - 2014-01-24 22:39 - 00262144 _____ C:\windows\Minidump\012414-25552-01.dmp
2014-01-24 21:44 - 2013-01-23 22:23 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Firmung
2014-01-24 21:26 - 2014-01-24 21:26 - 00262144 _____ C:\windows\Minidump\012414-50185-01.dmp
2014-01-24 21:24 - 2013-12-29 21:11 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe
2014-01-24 21:24 - 2013-01-29 13:38 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-01-24 21:18 - 2014-01-24 21:18 - 00262144 _____ C:\windows\Minidump\012414-31090-01.dmp
2014-01-24 16:33 - 2011-10-12 14:36 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-24 16:21 - 2012-03-27 13:31 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Deployment
2014-01-24 16:21 - 2012-03-27 13:31 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Apps\2.0
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95.exe
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95 (1).exe
2014-01-24 16:04 - 2014-01-24 16:04 - 00001224 _____ C:\Users\Sigrid\Desktop\Revo Uninstaller.lnk
2014-01-24 16:04 - 2014-01-24 16:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-24 16:02 - 2014-01-24 16:02 - 00008653 _____ C:\Users\Sigrid\Desktop\bookmarks_24.01.14.html
2014-01-23 21:29 - 2012-06-25 19:30 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Windows Live
2014-01-23 21:13 - 2014-01-23 21:13 - 00000000 ____D C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-22 15:36 - 2014-01-22 15:35 - 10339208 _____ (Adobe Systems, Inc.) C:\Users\Sigrid\Downloads\flashplayer_12_sa.exe
2014-01-21 21:25 - 2014-01-21 21:25 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (3).exe
2014-01-21 21:03 - 2014-01-21 21:03 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (2).exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Downloads\SecurityCheck.exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Desktop\SecurityCheck.exe
2014-01-21 16:18 - 2014-01-21 16:18 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (1).exe
2014-01-21 15:55 - 2014-01-21 15:54 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu.exe
2014-01-20 23:41 - 2014-01-20 23:41 - 00000000 ____D C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-20 18:14 - 2014-01-20 18:14 - 00002904 _____ C:\Users\Sigrid\Desktop\JRT.txt
2014-01-20 18:09 - 2014-01-20 18:09 - 00000000 ____D C:\windows\ERUNT
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Downloads\JRT.exe
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Desktop\JRT.exe
2014-01-20 18:00 - 2014-01-20 17:52 - 00000000 ____D C:\AdwCleaner
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Downloads\adwcleaner.exe
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Desktop\adwcleaner.exe
2014-01-19 16:29 - 2012-10-28 22:25 - 00000000 ____D C:\Users\Sigrid\Desktop\Allerheiligen
2014-01-19 16:26 - 2011-05-03 18:49 - 01653526 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2014-01-19 16:17 - 2014-01-19 16:17 - 00029562 _____ C:\Users\Sigrid\Desktop\ComboFix.txt
2014-01-19 16:17 - 2014-01-19 15:51 - 00000000 ____D C:\Qoobox
2014-01-19 16:14 - 2011-09-18 23:24 - 00000000 ___RD C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-19 16:06 - 2009-07-14 03:34 - 00000252 _____ C:\windows\system.ini
2014-01-19 16:04 - 2009-07-14 03:34 - 96206848 _____ C:\windows\system32\config\SOFTWARE.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 24117248 _____ C:\windows\system32\config\SYSTEM.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00737280 _____ C:\windows\system32\config\DEFAULT.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00106496 _____ C:\windows\system32\config\SAM.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00024576 _____ C:\windows\system32\config\SECURITY.bak
2014-01-19 16:03 - 2013-02-11 10:46 - 00000000 ____D C:\windows\erdnt
2014-01-19 15:45 - 2014-01-19 15:45 - 05167985 ____R (Swearware) C:\Users\Sigrid\Desktop\ComboFix.exe
2014-01-19 15:45 - 2014-01-19 15:44 - 05167985 _____ (Swearware) C:\Users\Sigrid\Downloads\ComboFix.exe
2014-01-19 09:12 - 2014-01-19 09:11 - 00033941 _____ C:\Users\Sigrid\Desktop\Addition.txt
2014-01-18 23:33 - 2014-01-18 23:32 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 23:33 - 2013-10-21 09:10 - 00000000 ____D C:\ProgramData\Oracle
2014-01-18 23:33 - 2011-09-17 21:06 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-18 21:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:15 - 2011-05-03 19:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-18 17:15 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2014-01-18 17:11 - 2011-05-03 19:12 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2014-01-18 17:10 - 2011-05-03 18:43 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 17:07 - 2011-05-03 18:43 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-01-18 17:06 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:04 - 2014-01-18 11:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-18 10:33 - 2012-10-13 17:26 - 00002328 _____ C:\Users\Herzogs\Desktop\Google Chrome.lnk
2014-01-17 15:53 - 2011-10-08 00:07 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2014-01-17 15:52 - 2011-10-28 19:15 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-16 22:38 - 2011-09-27 16:28 - 00000432 _____ C:\windows\BRWMARK.INI
2014-01-16 20:48 - 2009-07-14 05:45 - 00440144 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-16 01:02 - 2011-09-27 16:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 00:59 - 2013-08-16 10:37 - 00000000 ____D C:\windows\system32\MRT
2014-01-16 00:57 - 2011-10-21 17:38 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-15 21:37 - 2011-09-22 19:50 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Marco_Luca
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr
2014-01-02 11:02 - 2011-12-02 06:37 - 00003194 _____ C:\windows\System32\Tasks\HPCeeScheduleForHerzogs
2014-01-02 11:02 - 2011-12-02 06:37 - 00000340 _____ C:\windows\Tasks\HPCeeScheduleForHerzogs.job
2014-01-01 12:41 - 2009-07-14 06:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-31 00:23 - 2013-12-31 00:20 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 23:43 - 2011-10-06 08:31 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForSIGRID-HP$
2013-12-29 23:43 - 2011-10-06 08:31 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForSIGRID-HP$.job
2013-12-29 22:40 - 2009-07-27 16:04 - 00000000 ____D C:\windows\Panther
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:21 - 2013-12-29 21:20 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:15 - 2013-12-29 21:14 - 00000000 ____D C:\195853154a7dc3fe94fd

Some content of TEMP:
====================
C:\Users\Sigrid\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 09:41

==================== End Of Log ============================
         
--- --- ---


Hello, I overlooked the part about rebooting several times...
now a new FRST


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02
Ran by Sigrid (administrator) on SIGRID-HP on 28-01-2014 21:06:16
Running from C:\Users\Sigrid\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPUsageTrack.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MfeEpePcMonitor] - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2012-11-14] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2996792 2011-07-15] (Hewlett-Packard Company)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-19] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IKARUS-GuardX] - C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe [5016824 2011-11-07] (IKARUS Security Software GmbH)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-27] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184736 2012-09-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKCU\...\Run: [HP Photosmart 5510 series (NET) #2] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\Herzogs\...\Run: [OM_Monitor] - C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe
HKU\Herzogs\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\Herzogs\...\Run: [Google Update] - C:\Users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-28] (Google Inc.)
HKU\Herzogs\...\Run: [Exetender] - "C:\Program Files (x86)\FantastiGames\GPlayer.exe" /runonstartup
HKU\Herzogs\...\Run: [KiesHelper] - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
HKU\Herzogs\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\Herzogs\...\Run: [HP Photosmart 5510 series (NET) #2] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.google.at
FF NetworkProxy: "autoconfig_url", "hxxp://internetschutz.aon.at/webschutz/webschutz.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-06]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-03-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-22]
CHR Extension: (Google Drive) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-22]
CHR Extension: (YouTube) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-22]
CHR Extension: (Google-Suche) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-22]
CHR Extension: (Google Wallet) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR Extension: (Google Mail) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-22]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-19] (Qualcomm Atheros Commnucations)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company)
R2 GuardX; C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe [1531280 2011-11-07] (IKARUS Security Software GmbH)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-19] (Atheros)
S2 SelfUpdateService; "C:\Program Files (x86)\Freetec\SystemStore\SelfUpdate.exe"  -displayname "Self Update Service" -servicename "SelfUpdateService" [x]

==================== Drivers (Whitelisted) ====================

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-19] (Qualcomm Atheros)
S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [32256 2005-05-10] (B.H.A Corporation)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 NTGUARD; C:\Program Files (x86)\A1 Internetschutz\bin\ntguard_x64.sys [36816 2011-11-07] (IKARUS Security Software GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
S3 ssceserd; C:\Windows\System32\DRIVERS\ssceserd.sys [129024 2010-12-21] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 19:00 - 2014-01-28 19:00 - 00262144 _____ C:\windows\Minidump\012814-85862-01.dmp
2014-01-27 11:06 - 2014-01-27 17:17 - 00181064 _____ (Sysinternals) C:\windows\PSEXESVC.EXE
2014-01-27 11:00 - 2014-01-27 11:00 - 00000207 _____ C:\windows\tweaking.com-regbackup-SIGRID-HP-Microsoft-Windows-7-Professional-(64-bit).dat
2014-01-27 10:59 - 2014-01-27 10:59 - 00000000 ____D C:\RegBackup
2014-01-27 10:12 - 2014-01-27 10:12 - 00000000 ____D C:\Users\Sigrid\Downloads\tweaking.com_windows_repair_aio
2014-01-27 10:12 - 2014-01-27 10:12 - 00000000 ____D C:\Users\Sigrid\Desktop\Tweaking.com - Windows Repair
2014-01-27 10:00 - 2014-01-27 10:00 - 00000000 ____D C:\Users\Sigrid\Documents\tweaking.com_windows_repair_aio-3
2014-01-27 09:56 - 2014-01-27 09:56 - 02903255 _____ C:\Users\Sigrid\Downloads\tweaking.com_windows_repair_aio.zip
2014-01-27 09:54 - 2014-01-27 09:54 - 00000000 ____D C:\Users\Sigrid\Documents\tweaking.com_windows_repair_aio-2
2014-01-27 09:29 - 2014-01-27 09:29 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Macromedia
2014-01-27 09:27 - 2014-01-27 09:27 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\ProgramData\Mozilla
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-27 08:53 - 2014-01-27 08:53 - 00262144 _____ C:\windows\Minidump\012714-26566-01.dmp
2014-01-26 15:03 - 2014-01-26 15:03 - 00262144 _____ C:\windows\Minidump\012614-24351-01.dmp
2014-01-26 14:13 - 2014-01-26 14:13 - 00262144 _____ C:\windows\Minidump\012614-25584-01.dmp
2014-01-24 22:45 - 2014-01-24 22:46 - 17738632 _____ (Adobe Systems Incorporated) C:\Users\Sigrid\Downloads\flashplayer_12_ax_debug.exe
2014-01-24 22:39 - 2014-01-24 22:39 - 00262144 _____ C:\windows\Minidump\012414-25552-01.dmp
2014-01-24 21:26 - 2014-01-24 21:26 - 00262144 _____ C:\windows\Minidump\012414-50185-01.dmp
2014-01-24 21:18 - 2014-01-28 19:00 - 599999195 _____ C:\windows\MEMORY.DMP
2014-01-24 21:18 - 2014-01-24 21:18 - 00262144 _____ C:\windows\Minidump\012414-31090-01.dmp
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95.exe
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95 (1).exe
2014-01-24 16:04 - 2014-01-24 16:04 - 00001224 _____ C:\Users\Sigrid\Desktop\Revo Uninstaller.lnk
2014-01-24 16:04 - 2014-01-24 16:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-24 16:02 - 2014-01-24 16:02 - 00008653 _____ C:\Users\Sigrid\Desktop\bookmarks_24.01.14.html
2014-01-23 21:13 - 2014-01-23 21:13 - 00000000 ____D C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-22 15:35 - 2014-01-22 15:36 - 10339208 _____ (Adobe Systems, Inc.) C:\Users\Sigrid\Downloads\flashplayer_12_sa.exe
2014-01-21 21:25 - 2014-01-21 21:25 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (3).exe
2014-01-21 21:03 - 2014-01-21 21:03 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (2).exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Downloads\SecurityCheck.exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Desktop\SecurityCheck.exe
2014-01-21 16:18 - 2014-01-21 16:18 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (1).exe
2014-01-21 15:54 - 2014-01-21 15:55 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu.exe
2014-01-20 23:41 - 2014-01-20 23:41 - 00000000 ____D C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-20 18:14 - 2014-01-20 18:14 - 00002904 _____ C:\Users\Sigrid\Desktop\JRT.txt
2014-01-20 18:09 - 2014-01-20 18:09 - 00000000 ____D C:\windows\ERUNT
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Downloads\JRT.exe
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Desktop\JRT.exe
2014-01-20 17:52 - 2014-01-20 18:00 - 00000000 ____D C:\AdwCleaner
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Downloads\adwcleaner.exe
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Desktop\adwcleaner.exe
2014-01-20 15:19 - 2014-01-28 20:26 - 00000000 ____D C:\Users\Sigrid\Desktop\FRST-OlderVersion
2014-01-19 16:17 - 2014-01-19 16:17 - 00029562 _____ C:\Users\Sigrid\Desktop\ComboFix.txt
2014-01-19 16:04 - 2014-01-27 17:19 - 00002984 _____ C:\windows\PFRO.log
2014-01-19 15:51 - 2014-01-19 16:17 - 00000000 ____D C:\Qoobox
2014-01-19 15:51 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2014-01-19 15:51 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2014-01-19 15:51 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2014-01-19 15:45 - 2014-01-19 15:45 - 05167985 ____R (Swearware) C:\Users\Sigrid\Desktop\ComboFix.exe
2014-01-19 15:44 - 2014-01-19 15:45 - 05167985 _____ (Swearware) C:\Users\Sigrid\Downloads\ComboFix.exe
2014-01-19 09:11 - 2014-01-19 09:12 - 00033941 _____ C:\Users\Sigrid\Desktop\Addition.txt
2014-01-19 09:09 - 2014-01-28 21:06 - 00018914 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-19 09:08 - 2014-01-28 20:26 - 00000000 ____D C:\FRST
2014-01-18 23:33 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 23:33 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-01-18 23:33 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-01-18 23:33 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-01-18 23:32 - 2014-01-18 23:33 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:12 - 2014-01-28 20:26 - 02079232 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:03 - 2014-01-18 11:04 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-15 14:08 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 14:08 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 14:08 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-28 20:55 - 00002352 _____ C:\windows\setupact.log
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr
2013-12-31 00:20 - 2013-12-31 00:23 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:20 - 2013-12-29 21:21 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:14 - 2013-12-29 21:15 - 00000000 ____D C:\195853154a7dc3fe94fd
2013-12-29 21:11 - 2014-01-24 21:24 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2014-01-28 21:06 - 2014-01-19 09:09 - 00018914 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-28 21:01 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-28 21:01 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-28 21:00 - 2011-05-03 19:08 - 00691246 _____ C:\windows\system32\perfh007.dat
2014-01-28 21:00 - 2011-05-03 19:08 - 00147306 _____ C:\windows\system32\perfc007.dat
2014-01-28 21:00 - 2009-07-14 06:13 - 01629372 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-28 20:55 - 2014-01-12 01:00 - 00002352 _____ C:\windows\setupact.log
2014-01-28 20:55 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-28 20:36 - 2011-12-17 09:44 - 01155377 _____ C:\windows\WindowsUpdate.log
2014-01-28 20:30 - 2013-01-29 13:38 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-28 20:26 - 2014-01-20 15:19 - 00000000 ____D C:\Users\Sigrid\Desktop\FRST-OlderVersion
2014-01-28 20:26 - 2014-01-19 09:08 - 00000000 ____D C:\FRST
2014-01-28 20:26 - 2014-01-18 15:12 - 02079232 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-28 20:24 - 2012-11-30 17:57 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job
2014-01-28 20:24 - 2012-03-28 05:59 - 00001128 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job
2014-01-28 19:00 - 2014-01-28 19:00 - 00262144 _____ C:\windows\Minidump\012814-85862-01.dmp
2014-01-28 19:00 - 2014-01-24 21:18 - 599999195 _____ C:\windows\MEMORY.DMP
2014-01-28 19:00 - 2012-04-07 16:27 - 00000000 ____D C:\windows\Minidump
2014-01-28 18:04 - 2013-07-12 23:34 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2014-01-28 18:03 - 2011-10-01 20:34 - 00000000 ____D C:\Users\Sigrid\Documents\AASigrid-PRIVAT
2014-01-27 22:10 - 2012-03-28 05:59 - 00001076 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job
2014-01-27 22:08 - 2012-11-30 17:57 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job
2014-01-27 20:13 - 2013-01-09 20:16 - 00000000 ____D C:\Users\Sigrid\Documents\A_RU
2014-01-27 17:19 - 2014-01-19 16:04 - 00002984 _____ C:\windows\PFRO.log
2014-01-27 17:17 - 2014-01-27 11:06 - 00181064 _____ (Sysinternals) C:\windows\PSEXESVC.EXE
2014-01-27 17:16 - 2009-07-14 03:34 - 00000514 _____ C:\windows\win.ini
2014-01-27 11:00 - 2014-01-27 11:00 - 00000207 _____ C:\windows\tweaking.com-regbackup-SIGRID-HP-Microsoft-Windows-7-Professional-(64-bit).dat
2014-01-27 10:59 - 2014-01-27 10:59 - 00000000 ____D C:\RegBackup
2014-01-27 10:12 - 2014-01-27 10:12 - 00000000 ____D C:\Users\Sigrid\Downloads\tweaking.com_windows_repair_aio
2014-01-27 10:12 - 2014-01-27 10:12 - 00000000 ____D C:\Users\Sigrid\Desktop\Tweaking.com - Windows Repair
2014-01-27 10:00 - 2014-01-27 10:00 - 00000000 ____D C:\Users\Sigrid\Documents\tweaking.com_windows_repair_aio-3
2014-01-27 09:56 - 2014-01-27 09:56 - 02903255 _____ C:\Users\Sigrid\Downloads\tweaking.com_windows_repair_aio.zip
2014-01-27 09:54 - 2014-01-27 09:54 - 00000000 ____D C:\Users\Sigrid\Documents\tweaking.com_windows_repair_aio-2
2014-01-27 09:29 - 2014-01-27 09:29 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Macromedia
2014-01-27 09:27 - 2014-01-27 09:27 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\ProgramData\Mozilla
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-27 09:27 - 2011-09-18 19:47 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Mozilla
2014-01-27 08:53 - 2014-01-27 08:53 - 00262144 _____ C:\windows\Minidump\012714-26566-01.dmp
2014-01-26 17:16 - 2011-12-30 20:09 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForSigrid
2014-01-26 17:16 - 2011-12-30 20:09 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForSigrid.job
2014-01-26 15:03 - 2014-01-26 15:03 - 00262144 _____ C:\windows\Minidump\012614-24351-01.dmp
2014-01-26 14:13 - 2014-01-26 14:13 - 00262144 _____ C:\windows\Minidump\012614-25584-01.dmp
2014-01-24 22:47 - 2013-01-29 13:37 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-01-24 22:47 - 2011-09-18 21:07 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-24 22:46 - 2014-01-24 22:45 - 17738632 _____ (Adobe Systems Incorporated) C:\Users\Sigrid\Downloads\flashplayer_12_ax_debug.exe
2014-01-24 22:39 - 2014-01-24 22:39 - 00262144 _____ C:\windows\Minidump\012414-25552-01.dmp
2014-01-24 21:44 - 2013-01-23 22:23 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Firmung
2014-01-24 21:26 - 2014-01-24 21:26 - 00262144 _____ C:\windows\Minidump\012414-50185-01.dmp
2014-01-24 21:24 - 2013-12-29 21:11 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe
2014-01-24 21:24 - 2013-01-29 13:38 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-01-24 21:18 - 2014-01-24 21:18 - 00262144 _____ C:\windows\Minidump\012414-31090-01.dmp
2014-01-24 16:33 - 2011-10-12 14:36 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-24 16:21 - 2012-03-27 13:31 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Deployment
2014-01-24 16:21 - 2012-03-27 13:31 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Apps\2.0
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95.exe
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95 (1).exe
2014-01-24 16:04 - 2014-01-24 16:04 - 00001224 _____ C:\Users\Sigrid\Desktop\Revo Uninstaller.lnk
2014-01-24 16:04 - 2014-01-24 16:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2014-01-24 16:02 - 2014-01-24 16:02 - 00008653 _____ C:\Users\Sigrid\Desktop\bookmarks_24.01.14.html
2014-01-23 21:29 - 2012-06-25 19:30 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Windows Live
2014-01-23 21:13 - 2014-01-23 21:13 - 00000000 ____D C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-22 15:36 - 2014-01-22 15:35 - 10339208 _____ (Adobe Systems, Inc.) C:\Users\Sigrid\Downloads\flashplayer_12_sa.exe
2014-01-21 21:25 - 2014-01-21 21:25 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (3).exe
2014-01-21 21:03 - 2014-01-21 21:03 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (2).exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Downloads\SecurityCheck.exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Desktop\SecurityCheck.exe
2014-01-21 16:18 - 2014-01-21 16:18 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (1).exe
2014-01-21 15:55 - 2014-01-21 15:54 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu.exe
2014-01-20 23:41 - 2014-01-20 23:41 - 00000000 ____D C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-20 18:14 - 2014-01-20 18:14 - 00002904 _____ C:\Users\Sigrid\Desktop\JRT.txt
2014-01-20 18:09 - 2014-01-20 18:09 - 00000000 ____D C:\windows\ERUNT
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Downloads\JRT.exe
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Desktop\JRT.exe
2014-01-20 18:00 - 2014-01-20 17:52 - 00000000 ____D C:\AdwCleaner
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Downloads\adwcleaner.exe
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Desktop\adwcleaner.exe
2014-01-19 16:29 - 2012-10-28 22:25 - 00000000 ____D C:\Users\Sigrid\Desktop\Allerheiligen
2014-01-19 16:26 - 2011-05-03 18:49 - 01653526 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2014-01-19 16:17 - 2014-01-19 16:17 - 00029562 _____ C:\Users\Sigrid\Desktop\ComboFix.txt
2014-01-19 16:17 - 2014-01-19 15:51 - 00000000 ____D C:\Qoobox
2014-01-19 16:14 - 2011-09-18 23:24 - 00000000 ___RD C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-19 16:06 - 2009-07-14 03:34 - 00000252 _____ C:\windows\system.ini
2014-01-19 16:04 - 2009-07-14 03:34 - 96206848 _____ C:\windows\system32\config\SOFTWARE.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 24117248 _____ C:\windows\system32\config\SYSTEM.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00737280 _____ C:\windows\system32\config\DEFAULT.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00106496 _____ C:\windows\system32\config\SAM.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00024576 _____ C:\windows\system32\config\SECURITY.bak
2014-01-19 16:03 - 2013-02-11 10:46 - 00000000 ____D C:\windows\erdnt
2014-01-19 15:45 - 2014-01-19 15:45 - 05167985 ____R (Swearware) C:\Users\Sigrid\Desktop\ComboFix.exe
2014-01-19 15:45 - 2014-01-19 15:44 - 05167985 _____ (Swearware) C:\Users\Sigrid\Downloads\ComboFix.exe
2014-01-19 09:12 - 2014-01-19 09:11 - 00033941 _____ C:\Users\Sigrid\Desktop\Addition.txt
2014-01-18 23:33 - 2014-01-18 23:32 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 23:33 - 2013-10-21 09:10 - 00000000 ____D C:\ProgramData\Oracle
2014-01-18 23:33 - 2011-09-17 21:06 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-18 21:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:15 - 2011-05-03 19:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-18 17:15 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2014-01-18 17:11 - 2011-05-03 19:12 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2014-01-18 17:10 - 2011-05-03 18:43 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 17:07 - 2011-05-03 18:43 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-01-18 17:06 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:04 - 2014-01-18 11:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-18 10:33 - 2012-10-13 17:26 - 00002328 _____ C:\Users\Herzogs\Desktop\Google Chrome.lnk
2014-01-17 15:53 - 2011-10-08 00:07 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2014-01-17 15:52 - 2011-10-28 19:15 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-16 22:38 - 2011-09-27 16:28 - 00000432 _____ C:\windows\BRWMARK.INI
2014-01-16 20:48 - 2009-07-14 05:45 - 00440144 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-16 01:02 - 2011-09-27 16:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 00:59 - 2013-08-16 10:37 - 00000000 ____D C:\windows\system32\MRT
2014-01-16 00:57 - 2011-10-21 17:38 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-15 21:37 - 2011-09-22 19:50 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Marco_Luca
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr
2014-01-02 11:02 - 2011-12-02 06:37 - 00003194 _____ C:\windows\System32\Tasks\HPCeeScheduleForHerzogs
2014-01-02 11:02 - 2011-12-02 06:37 - 00000340 _____ C:\windows\Tasks\HPCeeScheduleForHerzogs.job
2014-01-01 12:41 - 2009-07-14 06:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-31 00:23 - 2013-12-31 00:20 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 23:43 - 2011-10-06 08:31 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForSIGRID-HP$
2013-12-29 23:43 - 2011-10-06 08:31 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForSIGRID-HP$.job
2013-12-29 22:40 - 2009-07-27 16:04 - 00000000 ____D C:\windows\Panther
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:21 - 2013-12-29 21:20 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:15 - 2013-12-29 21:14 - 00000000 ____D C:\195853154a7dc3fe94fd

Some content of TEMP:
====================
C:\Users\Sigrid\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 09:41

==================== End Of Log ============================
         


Looking forward to the cleanup... the laptop is extremely slow at startup...
I also accidentally downloaded some of the programs you suggested twice, because my typing on the web wasn't working properly... but I'm sure you'll see that and take it into account during the cleanup

Thanks in advance and best regards,
sigrid


Alt 29.01.2014, 12:22   #21
schrauber
/// the machine
/// TB-Ausbilder
 




Done

The order matters here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can safely delete them.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java, Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it prompts you to and is nice and colourful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Don't open attachments from emails you don't know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me a brief reply when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
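Step 4 of the cleanup above leaves it to the user to spot leftover tools, and sigrid mentions having downloaded some of them twice. The following is an added example, not part of the thread and not code from FRST: it parses lines of the "One Month Created Files and Folders" section and lists both kinds of entry. The sample lines are copied from the FRST log posted in this thread; the tool-name pattern and the function names are assumptions made for the example.

```python
import ntpath
import re
from collections import defaultdict

# One FRST file-listing line:
#   created - modified - size attributes [(company)] path
ENTRY_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<size>\d+) (?P<attrs>[A-Z_]+) "
    r"(?:\((?P<company>.*?)\) )?(?P<path>[A-Za-z]:\\.*)$"
)

# Assumption: name prefixes of the cleanup tools that appear in this thread's log.
# The lookahead stops "addition" from matching e.g. "Additional notes".
TOOL_RE = re.compile(
    r"^(combofix|qoobox|frst|addition|adwcleaner|jrt|defogger|"
    r"securitycheck|gmer|erunt)(?![a-z])",
    re.IGNORECASE,
)

# Browsers append " (1)", " (2)", ... when the same file is downloaded again.
COPY_SUFFIX_RE = re.compile(r" \(\d+\)$")

# Lines copied from the FRST log in this thread.
SAMPLE = r"""
==================== One Month Created Files and Folders ========

2014-01-27 09:27 - 2014-01-27 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95.exe
2014-01-24 16:04 - 2014-01-24 16:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Sigrid\Downloads\revosetup95 (1).exe
2014-01-21 21:25 - 2014-01-21 21:25 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (3).exe
2014-01-21 15:54 - 2014-01-21 15:55 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu.exe
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Desktop\JRT.exe
2014-01-20 17:52 - 2014-01-20 18:00 - 00000000 ____D C:\AdwCleaner
2014-01-19 15:51 - 2014-01-19 16:17 - 00000000 ____D C:\Qoobox
2014-01-19 15:45 - 2014-01-19 15:45 - 05167985 ____R (Swearware) C:\Users\Sigrid\Desktop\ComboFix.exe
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-24 21:18 - 2014-01-28 19:00 - 599999195 _____ C:\windows\MEMORY.DMP
"""


def parse_entry(line):
    """Parse one listing line; return a dict, or None for headers and blanks."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["size"] = int(entry["size"])
    entry["is_dir"] = "D" in entry["attrs"]
    return entry


def entries(log_text):
    """All parseable file/folder entries of a log, in log order."""
    return [e for e in map(parse_entry, log_text.splitlines()) if e]


def _stem(entry):
    """Folder name, or file name without its extension."""
    name = ntpath.basename(entry["path"])
    return name if entry["is_dir"] else ntpath.splitext(name)[0]


def tool_leftovers(log_text):
    """Paths whose name starts with one of the cleanup-tool prefixes."""
    return [e["path"] for e in entries(log_text) if TOOL_RE.match(_stem(e))]


def duplicate_downloads(log_text):
    """Files that differ only by a ' (N)' copy suffix: same folder, same size."""
    groups = defaultdict(list)
    for e in entries(log_text):
        if e["is_dir"]:
            continue
        folder, name = ntpath.split(e["path"])
        stem, ext = ntpath.splitext(name)
        base = (COPY_SUFFIX_RE.sub("", stem) + ext).lower()
        groups[(folder.lower(), base, e["size"])].append(e["path"])
    return {key[1]: paths for key, paths in groups.items() if len(paths) > 1}


if __name__ == "__main__":
    for path in tool_leftovers(SAMPLE):
        print("tool leftover:", path)
    for name, paths in duplicate_downloads(SAMPLE).items():
        print("downloaded more than once:", name, paths)
```

The prefix match is a heuristic for reviewing a log, not a deletion list; each hit still needs a look before anything is removed.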

Alt 29.01.2014, 19:07   #22
sima
 



Hello,
I have removed everything

I already had Secunia and Malwarebytes; now I have also downloaded WinPatrol from the site you suggested, and my antivirus program reacted right away - is that normal or is something wrong?

Virus description:

Datum/Zeit: 29.01.2014 19:01:30
Dateiname: WinPatrol.exe
Ursprungspfad: c:\Program Files (x86)\BillP Studios\WinPatrol\
Dateigröße: 419,06 KB
Virusname: Trojan.Win32.Tobfy
Empfehlung: Speichern + Löschen
SignaturId: 2467494

Should I uninstall WinPatrol again?
Best regards

30.01.2014, 16:13   #23
schrauber
/// the machine
/// TB-Ausbilder

False alarm
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!

30.01.2014, 20:30   #24
sima

Good, then my laptop should be fully operational again - at least everything runs smoothly, no hangs, no stutters, and startup is lightning fast too!

Thank you very much. You are really great!!!

31.01.2014, 16:16   #25
schrauber
/// the machine
/// TB-Ausbilder

You're welcome
