Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Schreiben im Internet unmöglich

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 18.01.2014, 16:12   #1
sima
 
Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Hallo,
ich habe folgendes Problem:
Meine Tastatur funktioniert einwandfrei, kann überall (word, e-mail, picasa,...) damit arbeiten, doch sobald ich über meinen Browser ins Internet gehe (google chrome), geht fast gar nichts mehr. (Beim IE ist es übrigens dasselbe!!) Ich kann soviele Tasten wie ich will drücken, es wird höchstens die erste angenommen oder besser gesagt: angezeigt (und das auch nicht immer????). Sobald ich aber dann den Vollbildmodus ein- oder ausschalte, sehe ich auf der verkleinerten- bzw. vergrößerten Seite meine zuvor gedrückten Tasten. Ich muss also immer blind schreiben, dann den Vollbildmodus ein- oder ausschalten, dann sehe ich das Geschriebene. Gleiches gilt für Befehle: scrallen, dann Vollbildmodus ein-oder aus, erst dann sehe ich die Seite weiter unten....oder neuer Tab, Eingabefunktion.....usw. immer das Gleiche! Ich bin am verzweifeln.
Und wenn ich zu unserem zweiten Benutzer wechsle, funktioniert es dort einwandfrei.

Kann das ein Virus oder so sein, oder liegt das an irgendeiner Interneteinstellung, die nur ein Benutzer gespeichert hat - zu allem Übel ist genau die Benutzerseite des Systemadministrators davon betroffen.

Einige Infos noch:
Ich habe einen Laptop, HP Probook 4530, Windows 7 Professional, 64 Bit

Virusscan A1- Internetschutz ergab keinen Befall, erst als ich FRST gedownloadet habe, gabs Probleme, sodass ich den Test noch nicht durchgeführt haben.

Scan mit Malwarebytes ergab nichts.
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Sigrid :: SIGRID-HP [Administrator]

18.01.2014 10:05:55
mbam-log-2014-01-18 (10-05-55).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 246090
Laufzeit: 15 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Defogger Logfile
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:04 on 18/01/2014 (Sigrid)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Gmer Logfile
Code:
ATTFilter
GMER 2.1.19322 - hxxp://www.gmer.net
Rootkit scan 2014-01-18 15:33:48
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.JF3O 465,76GB
Running: gmer.exe; Driver: C:\Users\Sigrid\AppData\Local\Temp\pwdcrpob.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                           fffff800035fa000 64 bytes [00, 00, 9D, 00, 46, 4D, 73, ...]
INITKDBG  C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594                                                                           fffff800035fa042 4 bytes [00, 00, 00, 00]

---- User code sections - GMER 2.1 ----

.text     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe[2464] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35                                      00000000711d11a8 2 bytes [1D, 71]
.text     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe[2464] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21                                00000000711d13a8 2 bytes [1D, 71]
.text     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe[2464] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21                                    00000000711d1422 2 bytes [1D, 71]
.text     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe[2464] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19                             00000000711d1498 2 bytes [1D, 71]
.text     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe[2464] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 195                  0000000070f21b41 2 bytes [F2, 70]
.text     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe[2464] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 362                  0000000070f21be8 2 bytes [F2, 70]
.text     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe[2464] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 418                  0000000070f21c20 2 bytes [F2, 70]
.text     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe[2464] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 596                  0000000070f21cd2 2 bytes [F2, 70]
.text     C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe[2464] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 628                  0000000070f21cf2 2 bytes [F2, 70]
.text     C:\Program Files (x86)\Secunia\PSI\sua.exe[3480] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                     0000000074ef1465 2 bytes [EF, 74]
.text     C:\Program Files (x86)\Secunia\PSI\sua.exe[3480] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                    0000000074ef14bb 2 bytes [EF, 74]
.text     ...                                                                                                                                          * 2
.text     C:\Users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe[6316] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                   0000000074ef1465 2 bytes [EF, 74]
.text     C:\Users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe[6316] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                  0000000074ef14bb 2 bytes [EF, 74]
.text     ...                                                                                                                                          * 2

---- Threads - GMER 2.1 ----

Thread    C:\windows\System32\spoolsv.exe [1772:3516]                                                                                                  000007fef1d210c8
Thread    C:\windows\System32\spoolsv.exe [1772:3524]                                                                                                  000007fef1ce6144
Thread    C:\windows\System32\spoolsv.exe [1772:3528]                                                                                                  000007fef8005fd0
Thread    C:\windows\System32\spoolsv.exe [1772:3532]                                                                                                  000007fef7ff3438
Thread    C:\windows\System32\spoolsv.exe [1772:3536]                                                                                                  000007fef80063ec
Thread    C:\windows\System32\spoolsv.exe [1772:3540]                                                                                                  000007fef7ff3438
Thread    C:\windows\System32\spoolsv.exe [1772:3544]                                                                                                  000007fef80063ec
Thread    C:\windows\System32\svchost.exe [2492:3260]                                                                                                  000007fef69e9688
Thread    C:\windows\SysWOW64\ntdll.dll [4260:4264]                                                                                                    000000000083ec1e
Thread    C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [456:5924]                                                           000007fef5e4b6cc
Thread    C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [456:5900]                                                           000007fef5d0b62c
Thread    C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [456:5936]                                                           000007fef5d0b62c

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{44BC97F3-0F96-4A25-95AD-039854B2F059}\Connection@Name  isatap.{D5645DFD-AE94-4BB6-AB76-FB06B0D50988}
Reg       HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind     \Device\{8721B58E-AFE7-4CF9-9659-9D1C0FC2FA43}?\Device\{44BC97F3-0F96-4A25-95AD-039854B2F059}?\Device\{880C003C-C3FC-4AAF-8041-003922F8D199}?
Reg       HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route    "{8721B58E-AFE7-4CF9-9659-9D1C0FC2FA43}"?"{44BC97F3-0F96-4A25-95AD-039854B2F059}"?"{880C003C-C3FC-4AAF-8041-003922F8D199}"?
Reg       HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export   \Device\TCPIP6TUNNEL_{8721B58E-AFE7-4CF9-9659-9D1C0FC2FA43}?\Device\TCPIP6TUNNEL_{44BC97F3-0F96-4A25-95AD-039854B2F059}?\Device\TCPIP6TUNNEL_{880C003C-C3FC-4AAF-8041-003922F8D199}?
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b026a86                                                                  
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b026a86@b05ce5fff74a                                                     0x6C 0x73 0x40 0xF4 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b026a86@60a10afb72b3                                                     0xF9 0xCC 0x30 0x9B ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74de2b026a86@fca13e71b581                                                     0xDA 0x36 0x03 0x54 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{44BC97F3-0F96-4A25-95AD-039854B2F059}@InterfaceName                       isatap.{D5645DFD-AE94-4BB6-AB76-FB06B0D50988}
Reg       HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{44BC97F3-0F96-4A25-95AD-039854B2F059}@ReusableType                        0
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b026a86 (not active ControlSet)                                              
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b026a86@b05ce5fff74a                                                         0x6C 0x73 0x40 0xF4 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b026a86@60a10afb72b3                                                         0xF9 0xCC 0x30 0x9B ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74de2b026a86@fca13e71b581                                                         0xDA 0x36 0x03 0x54 ...

---- EOF - GMER 2.1 ----
         
So, nun hoffe ich auf baldige Antwort und dass es nur ein kleines, leicht lösbares Problem ist.
Lg
Sima

Alt 18.01.2014, 16:52   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Hi,

was für Probleme macht FRST?
__________________

__________________

Alt 19.01.2014, 09:22   #3
sima
 
Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Beim download FRST64bit kam viruswarnung und jetzt geht das öffnen nicht mehr.

Was mir noch aufgefallen ist, dass es jetzt auch beim zweiten Benutzer losgeht. Bestimmte Tasten greifen nicht mehr und beim Wechsel auf Vollbild hab ich manche Teile des Bildschirmes doppelt. Ich glaube bald geht gar nichts mehr im Internet.

Soll ich beim downloaden von FRST irgendetwas beachten (virenschutz ausschalten?) oder gibt es eine alternative dazu?

lg

Heute morgen ging FRST problemlos, ich habe aber gar nichts gemacht??????

Hier die beiden txt-files:

FRST.txt

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by Sigrid (administrator) on SIGRID-HP on 19-01-2014 09:09:26
Running from C:\Users\Sigrid\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MfeEpePcMonitor] - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2012-11-14] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2996792 2011-07-15] (Hewlett-Packard Company)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-19] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-19] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IKARUS-GuardX] - C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe [5016824 2011-11-07] (IKARUS Security Software GmbH)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-27] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184736 2012-09-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKCU\...\Run: [HP Photosmart 5510 series (NET) #2] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKCU\...\Run: [Google Update] - C:\Users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-30] (Google Inc.)
HKU\Herzogs\...\Run: [OM_Monitor] - C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe
HKU\Herzogs\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\Herzogs\...\Run: [Google Update] - C:\Users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-28] (Google Inc.)
HKU\Herzogs\...\Run: [Exetender] - "C:\Program Files (x86)\FantastiGames\GPlayer.exe" /runonstartup
HKU\Herzogs\...\Run: [KiesHelper] - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
HKU\Herzogs\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\Herzogs\...\Run: [HP Photosmart 5510 series (NET) #2] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli
Startup: C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = 
SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default
FF Homepage: hxxp://www.arccosine.com/
FF NetworkProxy: "autoconfig_url", "hxxp://internetschutz.aon.at/webschutz/webschutz.pac"
FF NetworkProxy: "type", 2
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Adblock Plus - C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-06]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-03-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []

Chrome: 
=======
CHR HomePage: hxxp://www.google.at/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Update) - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\foffipojfhllopobhnlcejcmhjhdgapl [2013-03-19]
CHR Extension: (Google Wallet) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR StartMenuInternet: Google Chrome - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-19] (Qualcomm Atheros Commnucations)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company)
R2 GuardX; C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe [1531280 2011-11-07] (IKARUS Security Software GmbH)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-19] (Atheros)
S2 SelfUpdateService; "C:\Program Files (x86)\Freetec\SystemStore\SelfUpdate.exe"  -displayname "Self Update Service" -servicename "SelfUpdateService" [x]
S2 SystemStoreService; "C:\Program Files (x86)\Freetec\SystemStore\SystemStore.exe"  -displayname "System Store Service" -servicename:SystemStoreService [x]

==================== Drivers (Whitelisted) ====================

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-19] (Qualcomm Atheros)
S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [32256 2005-05-10] (B.H.A Corporation)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 NTGUARD; C:\Program Files (x86)\A1 Internetschutz\bin\ntguard_x64.sys [36816 2011-11-07] (IKARUS Security Software GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
S3 ssceserd; C:\Windows\System32\DRIVERS\ssceserd.sys [129024 2010-12-21] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-19 09:09 - 2014-01-19 09:10 - 00020947 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-19 09:08 - 2014-01-19 09:08 - 00000000 ____D C:\FRST
2014-01-18 23:33 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 23:33 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-01-18 23:33 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-01-18 23:33 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-01-18 23:32 - 2014-01-18 23:33 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:12 - 2014-01-18 15:12 - 02076160 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:03 - 2014-01-18 11:04 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-15 14:08 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 14:08 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 14:08 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-19 09:01 - 00000784 _____ C:\windows\setupact.log
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2013-12-31 00:20 - 2013-12-31 00:23 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:20 - 2013-12-29 21:21 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:14 - 2013-12-29 21:15 - 00000000 ____D C:\195853154a7dc3fe94fd
2013-12-29 21:11 - 2013-12-29 21:13 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe
2013-12-27 09:01 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-12-27 09:01 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-12-27 09:01 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-12-27 09:01 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-12-27 09:01 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-12-27 09:01 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-12-27 09:01 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-12-27 09:01 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-12-27 09:01 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-12-27 09:01 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-12-27 09:01 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-12-27 09:01 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-12-27 09:01 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-12-27 09:01 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-12-27 09:01 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-12-27 09:01 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-12-27 09:01 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-12-27 09:01 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-12-27 09:01 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-12-27 09:01 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-12-27 09:01 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-12-27 09:01 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-12-27 09:01 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-12-27 09:01 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-12-27 09:01 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-12-27 09:01 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-12-27 09:01 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-12-27 09:01 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-12-27 09:01 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-12-27 09:01 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-12-27 09:01 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-12-24 14:18 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2013-12-24 14:15 - 2013-12-24 14:15 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-12-23 20:32 - 2013-12-23 20:32 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr

==================== One Month Modified Files and Folders =======

2014-01-19 09:10 - 2014-01-19 09:09 - 00020947 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-19 09:10 - 2012-03-28 05:59 - 00001128 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job
2014-01-19 09:09 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 09:09 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 09:08 - 2014-01-19 09:08 - 00000000 ____D C:\FRST
2014-01-19 09:08 - 2012-11-30 17:57 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job
2014-01-19 09:07 - 2011-05-03 19:08 - 00701560 _____ C:\windows\system32\perfh007.dat
2014-01-19 09:07 - 2011-05-03 19:08 - 00150428 _____ C:\windows\system32\perfc007.dat
2014-01-19 09:07 - 2009-07-14 06:13 - 01620612 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-19 09:02 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-19 09:01 - 2014-01-12 01:00 - 00000784 _____ C:\windows\setupact.log
2014-01-19 01:16 - 2013-01-23 22:23 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Firmung
2014-01-19 01:16 - 2011-12-17 09:44 - 01668847 _____ C:\windows\WindowsUpdate.log
2014-01-19 00:30 - 2013-01-29 13:38 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-18 23:33 - 2014-01-18 23:32 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 23:33 - 2013-10-21 09:10 - 00000000 ____D C:\ProgramData\Oracle
2014-01-18 23:33 - 2011-09-17 21:06 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-18 22:10 - 2012-03-28 05:59 - 00001076 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job
2014-01-18 22:08 - 2012-11-30 17:57 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job
2014-01-18 21:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2014-01-18 20:02 - 2011-12-30 20:09 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForSigrid.job
2014-01-18 17:16 - 2011-12-30 20:09 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForSigrid
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:15 - 2011-05-03 19:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-18 17:15 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2014-01-18 17:11 - 2011-05-03 19:12 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2014-01-18 17:10 - 2011-05-03 18:43 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 17:07 - 2011-05-03 18:43 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-01-18 17:06 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:12 - 2014-01-18 15:12 - 02076160 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:04 - 2014-01-18 11:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-18 10:33 - 2012-10-13 17:26 - 00002328 _____ C:\Users\Herzogs\Desktop\Google Chrome.lnk
2014-01-17 15:53 - 2011-10-08 00:07 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2014-01-17 15:52 - 2011-10-28 19:15 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-16 22:38 - 2011-09-27 16:28 - 00000432 _____ C:\windows\BRWMARK.INI
2014-01-16 21:12 - 2012-03-27 13:47 - 00002323 _____ C:\Users\Sigrid\Desktop\Google Chrome.lnk
2014-01-16 20:48 - 2009-07-14 05:45 - 00440144 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-16 01:02 - 2011-09-27 16:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 00:59 - 2013-08-16 10:37 - 00000000 ____D C:\windows\system32\MRT
2014-01-16 00:57 - 2011-10-21 17:38 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-15 21:37 - 2011-09-22 19:50 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Marco_Luca
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2014-01-11 21:08 - 2012-06-25 19:30 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Windows Live
2014-01-02 11:02 - 2011-12-02 06:37 - 00003194 _____ C:\windows\System32\Tasks\HPCeeScheduleForHerzogs
2014-01-02 11:02 - 2011-12-02 06:37 - 00000340 _____ C:\windows\Tasks\HPCeeScheduleForHerzogs.job
2014-01-01 12:41 - 2009-07-14 06:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-31 00:23 - 2013-12-31 00:20 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 23:43 - 2011-10-06 08:31 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForSIGRID-HP$
2013-12-29 23:43 - 2011-10-06 08:31 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForSIGRID-HP$.job
2013-12-29 22:40 - 2009-07-27 16:04 - 00000000 ____D C:\windows\Panther
2013-12-29 21:31 - 2013-01-29 13:38 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-12-29 21:31 - 2013-01-29 13:37 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-12-29 21:31 - 2011-09-18 21:07 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:21 - 2013-12-29 21:20 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:15 - 2013-12-29 21:14 - 00000000 ____D C:\195853154a7dc3fe94fd
2013-12-29 21:13 - 2013-12-29 21:11 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe
2013-12-28 22:31 - 2013-08-02 09:52 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-28 22:30 - 2011-09-17 21:04 - 00000000 ____D C:\Users\Sigrid\AppData\Roaming\vlc
2013-12-25 20:33 - 2011-09-15 21:23 - 00001421 _____ C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 12:03 - 2011-09-16 03:42 - 00000000 ____D C:\windows\rescache
2013-12-25 10:58 - 2011-09-18 23:24 - 00001421 _____ C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 10:54 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-12-24 14:15 - 2013-12-24 14:15 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-12-23 20:32 - 2013-12-23 20:32 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr

Some content of TEMP:
====================
C:\Users\Sigrid\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Sigrid\AppData\Local\Temp\sp64126.exe
C:\Users\Sigrid\AppData\Local\Temp\UninstallHPSA.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-09 16:58

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


und die Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2014 03
Ran by Sigrid at 2014-01-19 09:11:38
Running from C:\Users\Sigrid\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: A1 Internetschutz (Enabled - Up to date) {54915AF1-3B92-EB1D-9EAD-22745B2972A6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: A1 Internetschutz (Enabled - Up to date) {EFF0BB15-1DA8-E493-A41D-190620AE381B}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
7-Zip 9.20 (x32 Version:  - )
A1 Internetschutz 2.0.69 (x32 Version: 2.0.69 - A1 Telekom Austria)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.4.595.1 - Advanced Micro Devices Inc.) Hidden
Any Video Converter 5.0.7 (x32 Version:  - Any-Video-Converter.com)
ArcSoft Webcam Sharing Manager (x32 Version: 2.0.0.30 - ArcSoft)
ATI Catalyst Install Manager (Version: 3.0.820.0 - ATI Technologies, Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0328.1145.19234 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0328.1145.19234 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0328.1145.19234 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0328.1145.19234 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0328.1145.19234 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help English (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help French (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help German (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0328.1144.19234 - ATI) Hidden
ccc-utility64 (Version: 2011.0328.1145.19234 - ATI) Hidden
CCleaner (Version: 4.09 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
ClipGrab 3.2.1.2 (x32 Version:  - Philipp Schmieder Medien)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Access Manager for HP ProtectTools (Version: 6.1.0.1 - Hewlett-Packard Company)
Drive Encryption For HP ProtectTools (Version: 6.0.100.35469 - Hewlett-Packard Company)
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
Face Recognition for HP ProtectTools (Version: 6.00.4407 - Hewlett-Packard Company)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKCU Version: 32.0.1700.76 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Connection Manager (x32 Version: 4.4.10.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (x32 Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (x32 Version: 2.0.8.1 - Hewlett-Packard Company)
HP FWUpdateEDO2 (x32 Version: 1.2.0.0 - Hewlett-Packard)
HP Hotkey Support (x32 Version: 4.6.4.1 - Hewlett-Packard Company)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (Version: 24.0.342.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (x32 Version: 140.0.2.2 - Hewlett Packard)
HP Power Assistant (Version: 2.1.0.6 - Hewlett-Packard Company)
HP ProtectTools Security Manager (Version: 6.08.1017 - Hewlett-Packard Company)
HP ProtectTools Security Manager (Version: 6.08.1017 - Hewlett-Packard Company) Hidden
HP QuickWeb (x32 Version: 3.0.3.9925 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (x32 Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (x32 Version: 4.5.12.1 - Hewlett-Packard Company)
HP Software Setup (x32 Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Default Settings (x32 Version: 2.4.3.1 - Hewlett-Packard Company)
HP Update (x32 Version: 5.003.001.001 - Hewlett-Packard)
HP Wallpaper (x32 Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (x32 Version: 5.8.50058.0 - Sonix)
IDT Audio (x32 Version: 1.0.6367.0 - IDT)
Intel(R) Display Audio Driver (x32 Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (x32 Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron Flash Media Controller Driver (x32 Version: 1.0.72.4 - JMicron Technology Corp.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (x32 Version: 1.0.0 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
PDF-Viewer (Version: 2.5.209.0 - Tracker Software Products Ltd)
Picasa 3 (x32 Version: 3.9 - Google, Inc.)
Privacy Manager for HP ProtectTools (Version: 6.00.831 - Hewlett-Packard Company)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206 - Ihr Firmenname)
Qualcomm Atheros Driver Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (x32 Version: 7.58.411.2012 - Realtek)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.5.0 - SAMSUNG Electronics Co., Ltd.)
SDK (x32 Version: 2.26.012 - Portrait Displays, Inc.) Hidden
Secunia PSI (3.0.0.4001) (x32 Version: 3.0.0.4001 - Secunia)
Synaptics Pointing Device Driver (Version: 17.0.18.8 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (x32 Version: 6.0.0.33 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 6.0.0.33 - Hewlett-Packard Company) Hidden
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Validity Fingerprint Sensor Driver (Version: 4.4.228.0 - Validity Sensors, Inc.)
VIP Access SDK (1.0.1.5)  (x32 Version: 1.0.1.5 - Symantec Inc.)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden

==================== Restore Points  =========================

07-01-2014 13:06:34 Windows Update
10-01-2014 15:01:55 Windows Update
15-01-2014 12:57:08 Windows Update
15-01-2014 23:56:44 Windows Update
18-01-2014 16:09:30 Installed HP Support Assistant
18-01-2014 16:13:33 Windows Modules Installer
18-01-2014 16:14:54 Windows Modules Installer
18-01-2014 22:32:02 Installed Java 7 Update 51

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-02-11 15:41 - 00000098 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {05DDB983-8C5F-4514-9D37-4D7AD854D85D} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {1EEF7199-53BB-47E3-9D88-8FECC127CA1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {2BA4A3A6-B9AE-4496-8CA4-682B61BFFECB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {3911DC8D-B858-409F-855B-47A34C98CEB3} - System32\Tasks\HPCeeScheduleForSigrid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {3AEB04CE-C9CC-466C-9CF5-0313E7BE79AE} - System32\Tasks\HPCeeScheduleForSIGRID-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {49C20BA5-EFFE-46CD-848A-B2095A1932A9} - System32\Tasks\Software Updater => C:\Program Files (x86)\Freetec\SystemStore\SoftwareUpdater.Bootstrapper.exe
Task: {4B5B3F17-D6A2-4FD3-9A35-4A1C8E993D88} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {4CD94467-8333-42B2-BF24-AC9E61D9E44D} - System32\Tasks\HPCeeScheduleForHerzogs => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {6C5B5ED4-35E2-4D0A-830A-BC3D93ABCC33} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {80A66D3F-C81F-4EDF-AFB0-20FD8BF9E693} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA => C:\Users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {85A40A50-6150-41D7-A19C-7C9B6F96D19B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8E235180-8C1B-4467-B2E2-EDF087A01A82} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\Freetec\SystemStore\SoftwareUpdater.Ui.exe
Task: {9D361ACD-1830-4A0A-AB0F-84E3425472A6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core => C:\Users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28] (Google Inc.)
Task: {ACA73012-CD4A-4715-BE2B-5246E6687AAD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-29] (Adobe Systems Incorporated)
Task: {C4170D8A-F092-4D14-9468-AD2501E612B6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA => C:\Users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28] (Google Inc.)
Task: {D4E6D8F2-13BC-4013-A5FB-0D014E074747} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core => C:\Users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job => C:\Users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job => C:\Users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job => C:\Users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job => C:\Users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForHerzogs.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForSIGRID-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForSigrid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2011-01-27 06:11 - 2011-01-27 06:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-03-22 18:17 - 2011-03-22 18:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-14 18:16 - 2011-03-14 18:16 - 00024576 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2011-03-28 19:44 - 2011-03-28 19:44 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-05-03 19:25 - 2011-06-11 12:42 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-02-01 09:14 - 2013-02-01 09:14 - 02830336 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-02-01 08:38 - 2013-02-01 08:38 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-01 09:17 - 2013-02-01 09:17 - 02863104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-01 09:15 - 2013-02-01 09:15 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-01 08:42 - 2013-02-01 08:42 - 02035712 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-01 08:43 - 2013-02-01 08:43 - 01945600 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-02-01 09:12 - 2013-02-01 09:12 - 03092480 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2013-08-16 17:12 - 2013-08-16 17:12 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9ab0e818cb3d1b6930eba54179f89300\IsdiInterop.ni.dll
2011-09-04 13:43 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-04-27 16:05 - 2011-04-27 16:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-01-16 21:12 - 2014-01-11 11:28 - 00715544 _____ () C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-16 21:12 - 2014-01-11 11:28 - 00100120 _____ () C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-16 21:12 - 2014-01-11 11:29 - 04055320 _____ () C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-16 21:12 - 2014-01-11 11:29 - 00399640 _____ () C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-16 21:12 - 2014-01-11 11:28 - 01634584 _____ () C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 09:02:54 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: BtTray.exe, Version: 8.0.0.206, Zeitstempel: 0x5030ef67
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0x730
Startzeit der fehlerhaften Anwendung: 0xBtTray.exe0
Pfad der fehlerhaften Anwendung: BtTray.exe1
Pfad des fehlerhaften Moduls: BtTray.exe2
Berichtskennung: BtTray.exe3

Error: (01/19/2014 09:02:53 AM) (Source: .NET Runtime) (User: )
Description: Application: BtTray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.BadImageFormatException
Stack:
   at CommApiInterop.Ipc.SafeNativeMethods.CreateIpcStub(PROTOCAL_TYPE, Boolean, IpcAction, IntPtr, Int32)
   at CommApiInterop.PodIpc..ctor(PROTOCAL_TYPE, Int32, Boolean, CommApiInterop.IPodIpcObserver)
   at BtTray.Bootstrapper.ConfigurePodIpcService()
   at BtTray.Bootstrapper.Run(System.String[])
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.runTryCode(System.Object)
   at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.WrappedInvoke(System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run()
   at BtTray.App.Main()

Error: (01/19/2014 01:16:14 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (01/19/2014 01:16:12 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (01/19/2014 01:16:12 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (01/19/2014 01:16:12 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (01/19/2014 01:16:12 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (01/19/2014 01:16:12 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (01/19/2014 01:16:12 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (01/19/2014 01:16:12 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC


System errors:
=============
Error: (01/19/2014 09:03:22 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (01/19/2014 09:02:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "System Store Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/19/2014 09:02:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Self Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/19/2014 09:02:03 AM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/19/2014 09:01:47 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/19/2014 09:00:55 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/19/2014 01:16:14 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/18/2014 10:49:25 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/18/2014 09:11:04 PM) (Source: BTHUSB) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (01/18/2014 08:03:40 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (02/23/2013 11:10:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8324 seconds with 960 seconds of active time.  This session ended with a crash.

Error: (10/13/2011 08:59:50 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 335 seconds with 180 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-02-11 10:57:43.997
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-11 10:57:43.857
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 4030.36 MB
Available physical RAM: 2028.71 MB
Total Pagefile: 8058.9 MB
Available Pagefile: 5242.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:442.57 GB) (Free:350.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:17.9 GB) (Free:2.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F2D83907)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End Of Log ============================
         
lg
__________________

Alt 19.01.2014, 11:15   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Virenwarnung ignorieren, FRST zulassen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.01.2014, 11:24   #5
sima
 
Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Hallo,
habe FRST heute morgen schon gemacht, logfiles sind in meiner vorigen Antwort zu finden.
lg


Alt 19.01.2014, 11:30   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
--> Schreiben im Internet unmöglich

Alt 19.01.2014, 16:23   #7
sima
 
Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Hier dein gewünschter logfile combofix.txt
Code:
ATTFilter
ComboFix 14-01-16.03 - Sigrid 19.01.2014  15:53:28.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.4030.2253 [GMT 1:00]
ausgeführt von:: c:\users\Sigrid\Desktop\ComboFix.exe
AV: A1 Internetschutz *Disabled/Updated* {54915AF1-3B92-EB1D-9EAD-22745B2972A6}
SP: A1 Internetschutz *Disabled/Updated* {EFF0BB15-1DA8-E493-A41D-190620AE381B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-12-19 bis 2014-01-19  ))))))))))))))))))))))))))))))
.
.
2014-01-19 15:03 . 2014-01-19 15:03	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-01-19 15:03 . 2014-01-19 15:03	--------	d-----w-	c:\users\hilfe\AppData\Local\temp
2014-01-19 15:03 . 2014-01-19 15:03	--------	d-----w-	c:\users\Herzogs\AppData\Local\temp
2014-01-19 15:03 . 2014-01-19 15:03	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-01-19 08:08 . 2014-01-19 08:08	--------	d-----w-	C:\FRST
2014-01-18 22:33 . 2013-12-18 20:09	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-18 16:09 . 2014-01-18 16:09	--------	d-----w-	c:\programdata\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-17 17:08 . 2013-12-04 03:28	10315576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DBEE73D9-D182-4593-A994-397DAB55B790}\mpengine.dll
2014-01-15 13:08 . 2013-11-27 01:41	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2014-01-15 13:08 . 2013-11-27 01:41	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2014-01-15 13:08 . 2013-11-27 01:41	53248	----a-w-	c:\windows\system32\drivers\usbehci.sys
2014-01-15 13:08 . 2013-11-27 01:41	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2014-01-15 13:08 . 2013-11-27 01:41	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2014-01-15 13:08 . 2013-11-27 01:41	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2014-01-15 13:08 . 2013-11-27 01:41	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2014-01-15 13:08 . 2013-11-26 10:32	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-01-15 13:08 . 2013-11-26 11:40	376768	----a-w-	c:\windows\system32\drivers\netio.sys
2013-12-30 23:20 . 2013-12-30 23:23	--------	d-----w-	C:\586c01a190c1e01a40
2013-12-29 20:21 . 2013-12-29 20:21	--------	d-----w-	c:\program files\CCleaner
2013-12-29 20:14 . 2013-12-29 20:15	--------	d-----w-	C:\195853154a7dc3fe94fd
2013-12-29 20:11 . 2013-12-29 20:13	--------	d-----w-	c:\users\Sigrid\AppData\Local\Adobe
2013-12-24 13:18 . 2013-10-14 17:00	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2013-12-23 19:32 . 2013-12-23 19:32	4558848	----a-w-	c:\windows\SysWow64\GPhotos.scr
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-15 23:57 . 2011-10-21 16:38	86054176	----a-w-	c:\windows\system32\MRT.exe
2013-12-29 20:31 . 2013-01-29 12:37	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-29 20:31 . 2011-09-18 20:07	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-13 19:41 . 2013-12-13 19:42	1795952	----a-w-	c:\windows\system32\WdfCoInstaller01011.dll
2013-12-13 19:41 . 2013-12-13 19:42	92	----a-w-	c:\windows\system32\calibration.bin
2013-11-23 18:26 . 2013-12-11 21:05	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 21:05	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-11-19 02:33 . 2013-02-05 10:46	267936	------w-	c:\windows\system32\MpSigStub.exe
2013-11-12 02:23 . 2013-12-11 21:04	2048	----a-w-	c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 21:04	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-10-30 02:52 . 2013-10-30 02:52	169712	----a-w-	c:\windows\SysWow64\SynTPCom.dll
2013-10-30 02:52 . 2013-10-30 02:52	549104	----a-w-	c:\windows\system32\drivers\SynTP.sys
2013-10-30 02:52 . 2013-10-30 02:52	422640	----a-w-	c:\windows\system32\SynTPCo19.dll
2013-10-30 02:52 . 2013-10-30 02:52	252144	----a-w-	c:\windows\system32\SynTPAPI.dll
2013-10-30 02:52 . 2013-12-13 19:42	723184	----a-w-	c:\windows\system32\SynCOM.dll
2013-10-30 02:52 . 2013-10-30 02:52	400624	----a-w-	c:\windows\SysWow64\SynCom.dll
2013-10-30 02:52 . 2013-10-30 02:52	161880	----a-w-	c:\windows\system32\pca-manta.bin
2013-10-30 02:32 . 2013-12-11 21:05	335360	----a-w-	c:\windows\system32\msieftp.dll
2013-10-30 02:19 . 2013-12-11 21:05	301568	----a-w-	c:\windows\SysWow64\msieftp.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5510 series (NET)"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 2672488]
"HP Photosmart 5510 series (NET) F94F7668AC79227E37B23B9D4DB5F43E5B5DBABE81F65562A54DDE47"="c:\program files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 2672488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"IKARUS-GuardX"="c:\program files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe" [2011-11-07 5016824]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-10-27 169528]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 333728]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2012-09-05 184736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-9-24 573536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09	75360	----a-w-	c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\GuardX]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ntguard.sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SelfUpdateService;Self Update Service;c:\program files (x86)\Freetec\SystemStore\SelfUpdate.exe  -displayname Self Update Service -servicename SelfUpdateService;c:\program files (x86)\Freetec\SystemStore\SelfUpdate.exe  -displayname Self Update Service -servicename SelfUpdateService [x]
R2 SystemStoreService;System Store Service;c:\program files (x86)\Freetec\SystemStore\SystemStore.exe  -displayname System Store Service -servicename:SystemStoreService;c:\program files (x86)\Freetec\SystemStore\SystemStore.exe  -displayname System Store Service -servicename:SystemStoreService [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys;c:\windows\SYSNATIVE\DRIVERS\sscebus.sys [x]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys;c:\windows\SYSNATIVE\DRIVERS\sscemdfl.sys [x]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys;c:\windows\SYSNATIVE\DRIVERS\sscemdm.sys [x]
R3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\DRIVERS\ssceserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssceserd.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 NTGUARD;NTGUARD;c:\program files (x86)\A1 Internetschutz\bin\ntguard_x64.sys;c:\program files (x86)\A1 Internetschutz\bin\ntguard_x64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 GuardX;GuardX;c:\program files (x86)\A1 Internetschutz\bin\guardxservice.exe;c:\program files (x86)\A1 Internetschutz\bin\guardxservice.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-29 20:31]
.
2014-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job
- c:\users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 16:57]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job
- c:\users\Sigrid\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30 16:57]
.
2014-01-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job
- c:\users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28 04:59]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job
- c:\users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-28 04:59]
.
2014-01-02 c:\windows\Tasks\HPCeeScheduleForHerzogs.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2013-12-29 c:\windows\Tasks\HPCeeScheduleForSIGRID-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2014-01-18 c:\windows\Tasks\HPCeeScheduleForSigrid.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2013-02-01 200704]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-11-14 1424896]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-07-15 14904]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-08-19 764032]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-08-19 127616]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SystemStoreService]
"ImagePath"="\"c:\program files (x86)\Freetec\SystemStore\SystemStore.exe\"  -displayname \"System Store Service\" -servicename:SystemStoreService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0020\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0022\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0023\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0024\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0025\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0026\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-01-19  16:17:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-01-19 15:16
.
Vor Suchlauf: 18 Verzeichnis(se), 376.371.814.400 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 377.883.832.320 Bytes frei
.
- - End Of File - - AADEE65C5207BCB4DEFCAB9A14BC8F43
         

Alt 20.01.2014, 13:04   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.01.2014, 18:22   #9
sima
 
Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Hier der logfile von malwarebytes

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.20.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Sigrid :: SIGRID-HP [Administrator]

20.01.2014 15:47:19
mbam-log-2014-01-20 (15-47-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 451853
Laufzeit: 1 Stunde(n), 58 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Hier der adwcleaner
Code:
ATTFilter
# AdwCleaner v3.017 - Bericht erstellt am 20/01/2014 um 17:59:57
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Sigrid - SIGRID-HP
# Gestartet von : C:\Users\Sigrid\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : SystemStoreService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\wincert
Ordner Gelöscht : C:\Users\Sigrid\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Sigrid\AppData\LocalLow\searchresultstb
Datei Gelöscht : C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\windows\System32\Tasks\Software Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_mcpatcher-hd-fix_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_mcpatcher-hd-fix_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (1)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (1)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (2)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (2)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (3)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (3)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (4)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (4)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (5)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (5)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-demo-fix (1)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-demo-fix (1)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-demo-fix (2)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-demo-fix (2)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-demo-fix_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-demo-fix_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server (1)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server (1)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server (2)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server (2)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server (3)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server (3)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-skinedit_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-skinedit_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_modloader-for-minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_modloader-for-minecraft_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_modloadermp-for-minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_modloadermp-for-minecraft_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_too-many-items_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_too-many-items_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zelda-adventure-fur-minecraft_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_zelda-adventure-fur-minecraft_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\FLEXnet
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\FLEXnet
Schlüssel Gelöscht : HKLM\Software\Uniblue

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v

[ Datei : C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default\prefs.js ]


[ Datei : C:\Users\Herzogs\AppData\Roaming\Mozilla\Firefox\Profiles\rs53m760.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Herzogs\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7612 octets] - [20/01/2014 17:52:29]
AdwCleaner[S0].txt - [7323 octets] - [20/01/2014 17:59:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7383 octets] ##########
         
Und jetzt noch Junkware
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x64
Ran by Sigrid on 20.01.2014 at 18:09:31,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4157386011-1825002390-482303840-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (3)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup (3)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softonic_deutsch_ff_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softonic_deutsch_ff_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (1)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (1)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (3)_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup (3)_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\softonic_deutsch_ff_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\softonic_deutsch_ff_RASMANCS



~~~ Files

Successfully deleted: [File] "C:\Users\Sigrid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\startmenu\startfenster.lnk"
Successfully deleted: [File] "C:\Users\Sigrid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Sigrid\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Sigrid\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\free video converter"
Successfully deleted: [Empty Folder] C:\Users\Sigrid\appdata\local\{0C1B3329-723F-4047-B083-A5D7622FEE8F}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.01.2014 at 18:14:38,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Und zu guter letzt der FRST-logfile

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 04
Ran by Sigrid (administrator) on SIGRID-HP on 20-01-2014 18:18:52
Running from C:\Users\Sigrid\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MfeEpePcMonitor] - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2012-11-14] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2996792 2011-07-15] (Hewlett-Packard Company)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-19] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-19] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IKARUS-GuardX] - C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe [5016824 2011-11-07] (IKARUS Security Software GmbH)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-27] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184736 2012-09-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKCU\...\Run: [HP Photosmart 5510 series (NET) #2] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\Herzogs\...\Run: [OM_Monitor] - C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe
HKU\Herzogs\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\Herzogs\...\Run: [Google Update] - C:\Users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-28] (Google Inc.)
HKU\Herzogs\...\Run: [Exetender] - "C:\Program Files (x86)\FantastiGames\GPlayer.exe" /runonstartup
HKU\Herzogs\...\Run: [KiesHelper] - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
HKU\Herzogs\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\Herzogs\...\Run: [HP Photosmart 5510 series (NET) #2] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default
FF Homepage: hxxp://www.arccosine.com/
FF NetworkProxy: "autoconfig_url", "hxxp://internetschutz.aon.at/webschutz/webschutz.pac"
FF NetworkProxy: "type", 2
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Adblock Plus - C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-06]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-03-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []

Chrome: 
=======
CHR HomePage: hxxp://www.google.at/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Update) - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\foffipojfhllopobhnlcejcmhjhdgapl [2013-03-19]
CHR Extension: (Google Wallet) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR StartMenuInternet: Google Chrome - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-19] (Qualcomm Atheros Commnucations)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company)
R2 GuardX; C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe [1531280 2011-11-07] (IKARUS Security Software GmbH)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-19] (Atheros)
S2 SelfUpdateService; "C:\Program Files (x86)\Freetec\SystemStore\SelfUpdate.exe"  -displayname "Self Update Service" -servicename "SelfUpdateService" [x]

==================== Drivers (Whitelisted) ====================

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-19] (Qualcomm Atheros)
S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [32256 2005-05-10] (B.H.A Corporation)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 NTGUARD; C:\Program Files (x86)\A1 Internetschutz\bin\ntguard_x64.sys [36816 2011-11-07] (IKARUS Security Software GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
S3 ssceserd; C:\Windows\System32\DRIVERS\ssceserd.sys [129024 2010-12-21] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-20 18:14 - 2014-01-20 18:14 - 00002904 _____ C:\Users\Sigrid\Desktop\JRT.txt
2014-01-20 18:09 - 2014-01-20 18:09 - 00000000 ____D C:\windows\ERUNT
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Downloads\JRT.exe
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Desktop\JRT.exe
2014-01-20 17:52 - 2014-01-20 18:00 - 00000000 ____D C:\AdwCleaner
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Downloads\adwcleaner.exe
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Desktop\adwcleaner.exe
2014-01-20 15:19 - 2014-01-20 15:19 - 00000000 ____D C:\Users\Sigrid\Desktop\FRST-OlderVersion
2014-01-19 16:17 - 2014-01-19 16:17 - 00029562 _____ C:\Users\Sigrid\Desktop\ComboFix.txt
2014-01-19 16:04 - 2014-01-19 16:04 - 00000546 _____ C:\windows\PFRO.log
2014-01-19 15:51 - 2014-01-19 16:17 - 00000000 ____D C:\Qoobox
2014-01-19 15:51 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2014-01-19 15:51 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2014-01-19 15:51 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2014-01-19 15:45 - 2014-01-19 15:45 - 05167985 ____R (Swearware) C:\Users\Sigrid\Desktop\ComboFix.exe
2014-01-19 15:44 - 2014-01-19 15:45 - 05167985 _____ (Swearware) C:\Users\Sigrid\Downloads\ComboFix.exe
2014-01-19 09:11 - 2014-01-19 09:12 - 00033941 _____ C:\Users\Sigrid\Desktop\Addition.txt
2014-01-19 09:09 - 2014-01-20 18:18 - 00020126 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-19 09:08 - 2014-01-20 15:19 - 00000000 ____D C:\FRST
2014-01-18 23:33 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 23:33 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-01-18 23:33 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-01-18 23:33 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-01-18 23:32 - 2014-01-18 23:33 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:12 - 2014-01-20 15:19 - 02076672 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:03 - 2014-01-18 11:04 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-15 14:08 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 14:08 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 14:08 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-20 18:01 - 00001008 _____ C:\windows\setupact.log
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2013-12-31 00:20 - 2013-12-31 00:23 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:20 - 2013-12-29 21:21 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:14 - 2013-12-29 21:15 - 00000000 ____D C:\195853154a7dc3fe94fd
2013-12-29 21:11 - 2013-12-29 21:13 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe
2013-12-27 09:01 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-12-27 09:01 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-12-27 09:01 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-12-27 09:01 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-12-27 09:01 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-12-27 09:01 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-12-27 09:01 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-12-27 09:01 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-12-27 09:01 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-12-27 09:01 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-12-27 09:01 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-12-27 09:01 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-12-27 09:01 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-12-27 09:01 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-12-27 09:01 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-12-27 09:01 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-12-27 09:01 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-12-27 09:01 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-12-27 09:01 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-12-27 09:01 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-12-27 09:01 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-12-27 09:01 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-12-27 09:01 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-12-27 09:01 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-12-27 09:01 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-12-27 09:01 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-12-27 09:01 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-12-27 09:01 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-12-27 09:01 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-12-27 09:01 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-12-27 09:01 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-12-24 14:18 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2013-12-24 14:15 - 2013-12-24 14:15 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-12-23 20:32 - 2013-12-23 20:32 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr

==================== One Month Modified Files and Folders =======

2014-01-20 18:19 - 2014-01-19 09:09 - 00020126 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-20 18:14 - 2014-01-20 18:14 - 00002904 _____ C:\Users\Sigrid\Desktop\JRT.txt
2014-01-20 18:10 - 2012-03-28 05:59 - 00001128 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job
2014-01-20 18:10 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-20 18:10 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-20 18:09 - 2014-01-20 18:09 - 00000000 ____D C:\windows\ERUNT
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Downloads\JRT.exe
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Desktop\JRT.exe
2014-01-20 18:08 - 2012-11-30 17:57 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job
2014-01-20 18:07 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat
2014-01-20 18:07 - 2011-05-03 19:08 - 00151476 _____ C:\windows\system32\perfc007.dat
2014-01-20 18:07 - 2009-07-14 06:13 - 01629372 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-20 18:02 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-20 18:01 - 2014-01-12 01:00 - 00001008 _____ C:\windows\setupact.log
2014-01-20 18:00 - 2014-01-20 17:52 - 00000000 ____D C:\AdwCleaner
2014-01-20 18:00 - 2011-12-17 09:44 - 01730369 _____ C:\windows\WindowsUpdate.log
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Downloads\adwcleaner.exe
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Desktop\adwcleaner.exe
2014-01-20 17:30 - 2013-01-29 13:38 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-20 15:19 - 2014-01-20 15:19 - 00000000 ____D C:\Users\Sigrid\Desktop\FRST-OlderVersion
2014-01-20 15:19 - 2014-01-19 09:08 - 00000000 ____D C:\FRST
2014-01-20 15:19 - 2014-01-18 15:12 - 02076672 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-20 10:49 - 2013-01-23 22:23 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Firmung
2014-01-19 22:44 - 2012-11-30 17:57 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job
2014-01-19 22:44 - 2012-03-28 05:59 - 00001076 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job
2014-01-19 16:29 - 2012-10-28 22:25 - 00000000 ____D C:\Users\Sigrid\Desktop\Allerheiligen
2014-01-19 16:26 - 2011-05-03 18:49 - 01653526 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2014-01-19 16:17 - 2014-01-19 16:17 - 00029562 _____ C:\Users\Sigrid\Desktop\ComboFix.txt
2014-01-19 16:17 - 2014-01-19 15:51 - 00000000 ____D C:\Qoobox
2014-01-19 16:14 - 2011-09-18 23:24 - 00000000 ___RD C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-19 16:06 - 2009-07-14 03:34 - 00000252 _____ C:\windows\system.ini
2014-01-19 16:04 - 2014-01-19 16:04 - 00000546 _____ C:\windows\PFRO.log
2014-01-19 16:04 - 2009-07-14 03:34 - 96206848 _____ C:\windows\system32\config\SOFTWARE.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 24117248 _____ C:\windows\system32\config\SYSTEM.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00737280 _____ C:\windows\system32\config\DEFAULT.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00106496 _____ C:\windows\system32\config\SAM.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00024576 _____ C:\windows\system32\config\SECURITY.bak
2014-01-19 16:03 - 2013-02-11 10:46 - 00000000 ____D C:\windows\erdnt
2014-01-19 15:45 - 2014-01-19 15:45 - 05167985 ____R (Swearware) C:\Users\Sigrid\Desktop\ComboFix.exe
2014-01-19 15:45 - 2014-01-19 15:44 - 05167985 _____ (Swearware) C:\Users\Sigrid\Downloads\ComboFix.exe
2014-01-19 09:12 - 2014-01-19 09:11 - 00033941 _____ C:\Users\Sigrid\Desktop\Addition.txt
2014-01-18 23:33 - 2014-01-18 23:32 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 23:33 - 2013-10-21 09:10 - 00000000 ____D C:\ProgramData\Oracle
2014-01-18 23:33 - 2011-09-17 21:06 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-18 21:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2014-01-18 20:02 - 2011-12-30 20:09 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForSigrid.job
2014-01-18 17:16 - 2011-12-30 20:09 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForSigrid
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:15 - 2011-05-03 19:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-18 17:15 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2014-01-18 17:11 - 2011-05-03 19:12 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2014-01-18 17:10 - 2011-05-03 18:43 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 17:07 - 2011-05-03 18:43 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-01-18 17:06 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:04 - 2014-01-18 11:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-18 10:33 - 2012-10-13 17:26 - 00002328 _____ C:\Users\Herzogs\Desktop\Google Chrome.lnk
2014-01-17 15:53 - 2011-10-08 00:07 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2014-01-17 15:52 - 2011-10-28 19:15 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-16 22:38 - 2011-09-27 16:28 - 00000432 _____ C:\windows\BRWMARK.INI
2014-01-16 21:12 - 2012-03-27 13:47 - 00002323 _____ C:\Users\Sigrid\Desktop\Google Chrome.lnk
2014-01-16 20:48 - 2009-07-14 05:45 - 00440144 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-16 01:02 - 2011-09-27 16:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 00:59 - 2013-08-16 10:37 - 00000000 ____D C:\windows\system32\MRT
2014-01-16 00:57 - 2011-10-21 17:38 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-15 21:37 - 2011-09-22 19:50 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Marco_Luca
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2014-01-11 21:08 - 2012-06-25 19:30 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Windows Live
2014-01-02 11:02 - 2011-12-02 06:37 - 00003194 _____ C:\windows\System32\Tasks\HPCeeScheduleForHerzogs
2014-01-02 11:02 - 2011-12-02 06:37 - 00000340 _____ C:\windows\Tasks\HPCeeScheduleForHerzogs.job
2014-01-01 12:41 - 2009-07-14 06:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-31 00:23 - 2013-12-31 00:20 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 23:43 - 2011-10-06 08:31 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForSIGRID-HP$
2013-12-29 23:43 - 2011-10-06 08:31 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForSIGRID-HP$.job
2013-12-29 22:40 - 2009-07-27 16:04 - 00000000 ____D C:\windows\Panther
2013-12-29 21:31 - 2013-01-29 13:38 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-12-29 21:31 - 2013-01-29 13:37 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-12-29 21:31 - 2011-09-18 21:07 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:21 - 2013-12-29 21:20 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:15 - 2013-12-29 21:14 - 00000000 ____D C:\195853154a7dc3fe94fd
2013-12-29 21:13 - 2013-12-29 21:11 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe
2013-12-28 22:31 - 2013-08-02 09:52 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-28 22:30 - 2011-09-17 21:04 - 00000000 ____D C:\Users\Sigrid\AppData\Roaming\vlc
2013-12-25 20:33 - 2011-09-15 21:23 - 00001421 _____ C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 12:03 - 2011-09-16 03:42 - 00000000 ____D C:\windows\rescache
2013-12-25 10:58 - 2011-09-18 23:24 - 00001421 _____ C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 10:54 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-12-24 14:15 - 2013-12-24 14:15 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2013-12-23 20:32 - 2013-12-23 20:32 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr

Some content of TEMP:
====================
C:\Users\Sigrid\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 09:41

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Alt 21.01.2014, 10:57   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.01.2014, 23:53   #11
sima
 
Schreiben im Internet unmöglich - Unglücklich

Schreiben im Internet unmöglich



Hier die gewünschten files

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=da96f09af1214d438a29253fb75e1f2a
# engine=16739
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-21 08:25:12
# local_time=2014-01-21 09:25:12 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 20255 141965762 0 0
# scanned=23325
# found=0
# cleaned=0
# scan_time=1072
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=da96f09af1214d438a29253fb75e1f2a
# engine=16739
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-21 10:31:21
# local_time=2014-01-21 11:31:21 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 31424 141973331 0 0
# scanned=219545
# found=0
# cleaned=0
# scan_time=7509
         
und

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
A1 Internetschutz   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.4001)   
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 51  
 Adobe Flash Player 11.9.900.170  
 Google Chrome 31.0.1650.63  
 Google Chrome 32.0.1700.76  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
und


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Sigrid (administrator) on SIGRID-HP on 21-01-2014 23:43:56
Running from C:\Users\Sigrid\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IKARUS Security Software GmbH) C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MfeEpePcMonitor] - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1424896 2012-11-14] (IDT, Inc.)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2996792 2011-07-15] (Hewlett-Packard Company)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-19] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-19] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IKARUS-GuardX] - C:\Program Files (x86)\A1 Internetschutz\bin\guardxkickoff_x64.exe [5016824 2011-11-07] (IKARUS Security Software GmbH)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-27] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184736 2012-09-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKCU\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKCU\...\Run: [HP Photosmart 5510 series (NET) #2] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\Herzogs\...\Run: [OM_Monitor] - C:\Program Files (x86)\OLYMPUS\OLYMPUS Master\Monitor.exe
HKU\Herzogs\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\Herzogs\...\Run: [Google Update] - C:\Users\Herzogs\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-28] (Google Inc.)
HKU\Herzogs\...\Run: [Exetender] - "C:\Program Files (x86)\FantastiGames\GPlayer.exe" /runonstartup
HKU\Herzogs\...\Run: [KiesHelper] - C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
HKU\Herzogs\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
HKU\Herzogs\...\Run: [HP Photosmart 5510 series (NET) #2] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2672488 2011-05-25] (Hewlett-Packard Co.)
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default
FF Homepage: hxxp://www.arccosine.com/
FF NetworkProxy: "autoconfig_url", "hxxp://internetschutz.aon.at/webschutz/webschutz.pac"
FF NetworkProxy: "type", 2
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Adblock Plus - C:\Users\Sigrid\AppData\Roaming\Mozilla\Firefox\Profiles\nawjmtdv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-06]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-03-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []

Chrome: 
=======
CHR HomePage: hxxp://www.google.at/
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (Google Update) - C:\Users\Sigrid\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\foffipojfhllopobhnlcejcmhjhdgapl [2013-03-19]
CHR Extension: (Google Wallet) - C:\Users\Sigrid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR StartMenuInternet: Google Chrome - C:\Users\Sigrid\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-19] (Qualcomm Atheros Commnucations)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company)
R2 GuardX; C:\Program Files (x86)\A1 Internetschutz\bin\guardxservice.exe [1531280 2011-11-07] (IKARUS Security Software GmbH)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-19] (Atheros)
S2 SelfUpdateService; "C:\Program Files (x86)\Freetec\SystemStore\SelfUpdate.exe"  -displayname "Self Update Service" -servicename "SelfUpdateService" [x]

==================== Drivers (Whitelisted) ====================

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-19] (Qualcomm Atheros)
S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [32256 2005-05-10] (B.H.A Corporation)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 NTGUARD; C:\Program Files (x86)\A1 Internetschutz\bin\ntguard_x64.sys [36816 2011-11-07] (IKARUS Security Software GmbH)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
S3 ssceserd; C:\Windows\System32\DRIVERS\ssceserd.sys [129024 2010-12-21] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 21:25 - 2014-01-21 21:25 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (3).exe
2014-01-21 21:03 - 2014-01-21 21:03 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (2).exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Downloads\SecurityCheck.exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Desktop\SecurityCheck.exe
2014-01-21 16:18 - 2014-01-21 16:18 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (1).exe
2014-01-21 15:54 - 2014-01-21 15:55 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu.exe
2014-01-20 23:41 - 2014-01-20 23:41 - 00000000 ____D C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-20 18:14 - 2014-01-20 18:14 - 00002904 _____ C:\Users\Sigrid\Desktop\JRT.txt
2014-01-20 18:09 - 2014-01-20 18:09 - 00000000 ____D C:\windows\ERUNT
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Downloads\JRT.exe
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Desktop\JRT.exe
2014-01-20 17:52 - 2014-01-20 18:00 - 00000000 ____D C:\AdwCleaner
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Downloads\adwcleaner.exe
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Desktop\adwcleaner.exe
2014-01-20 15:19 - 2014-01-21 23:43 - 00000000 ____D C:\Users\Sigrid\Desktop\FRST-OlderVersion
2014-01-19 16:17 - 2014-01-19 16:17 - 00029562 _____ C:\Users\Sigrid\Desktop\ComboFix.txt
2014-01-19 16:04 - 2014-01-19 16:04 - 00000546 _____ C:\windows\PFRO.log
2014-01-19 15:51 - 2014-01-19 16:17 - 00000000 ____D C:\Qoobox
2014-01-19 15:51 - 2011-06-26 07:45 - 00256000 _____ C:\windows\PEV.exe
2014-01-19 15:51 - 2010-11-07 18:20 - 00208896 _____ C:\windows\MBR.exe
2014-01-19 15:51 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00098816 _____ C:\windows\sed.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00080412 _____ C:\windows\grep.exe
2014-01-19 15:51 - 2000-08-31 01:00 - 00068096 _____ C:\windows\zip.exe
2014-01-19 15:45 - 2014-01-19 15:45 - 05167985 ____R (Swearware) C:\Users\Sigrid\Desktop\ComboFix.exe
2014-01-19 15:44 - 2014-01-19 15:45 - 05167985 _____ (Swearware) C:\Users\Sigrid\Downloads\ComboFix.exe
2014-01-19 09:11 - 2014-01-19 09:12 - 00033941 _____ C:\Users\Sigrid\Desktop\Addition.txt
2014-01-19 09:09 - 2014-01-21 23:43 - 00020222 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-19 09:08 - 2014-01-21 23:43 - 00000000 ____D C:\FRST
2014-01-18 23:33 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 23:33 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-01-18 23:33 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-01-18 23:33 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-01-18 23:32 - 2014-01-18 23:33 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:12 - 2014-01-21 23:43 - 02077184 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:03 - 2014-01-18 11:04 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-15 14:08 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 14:08 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 14:08 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 14:08 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-21 15:40 - 00001120 _____ C:\windows\setupact.log
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr
2013-12-31 00:20 - 2013-12-31 00:23 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:20 - 2013-12-29 21:21 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:14 - 2013-12-29 21:15 - 00000000 ____D C:\195853154a7dc3fe94fd
2013-12-29 21:11 - 2013-12-29 21:13 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe
2013-12-27 09:01 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-12-27 09:01 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-12-27 09:01 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-12-27 09:01 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-12-27 09:01 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-12-27 09:01 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-12-27 09:01 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-12-27 09:01 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-12-27 09:01 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-12-27 09:01 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-12-27 09:01 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-12-27 09:01 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-12-27 09:01 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-12-27 09:01 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-12-27 09:01 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-12-27 09:01 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-12-27 09:01 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-12-27 09:01 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-12-27 09:01 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-12-27 09:01 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2013-12-27 09:01 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-12-27 09:01 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-12-27 09:01 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-12-27 09:01 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2013-12-27 09:01 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-12-27 09:01 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-12-27 09:01 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-12-27 09:01 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-12-27 09:01 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2013-12-27 09:01 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-12-27 09:01 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-12-24 14:18 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2013-12-24 14:15 - 2013-12-24 14:15 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2014-01-21 23:44 - 2014-01-19 09:09 - 00020222 _____ C:\Users\Sigrid\Desktop\FRST.txt
2014-01-21 23:43 - 2014-01-20 15:19 - 00000000 ____D C:\Users\Sigrid\Desktop\FRST-OlderVersion
2014-01-21 23:43 - 2014-01-19 09:08 - 00000000 ____D C:\FRST
2014-01-21 23:43 - 2014-01-18 15:12 - 02077184 _____ (Farbar) C:\Users\Sigrid\Desktop\FRST64.exe
2014-01-21 23:30 - 2013-01-29 13:38 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-21 23:10 - 2012-03-28 05:59 - 00001128 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002UA.job
2014-01-21 23:08 - 2012-11-30 17:57 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001UA.job
2014-01-21 22:10 - 2012-03-28 05:59 - 00001076 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1002Core.job
2014-01-21 22:08 - 2012-11-30 17:57 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4157386011-1825002390-482303840-1001Core.job
2014-01-21 21:25 - 2014-01-21 21:25 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (3).exe
2014-01-21 21:03 - 2014-01-21 21:03 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (2).exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Downloads\SecurityCheck.exe
2014-01-21 19:37 - 2014-01-21 19:37 - 00987425 _____ C:\Users\Sigrid\Desktop\SecurityCheck.exe
2014-01-21 19:32 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 19:32 - 2009-07-14 05:45 - 00020944 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 16:18 - 2014-01-21 16:18 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu (1).exe
2014-01-21 15:55 - 2014-01-21 15:54 - 02347384 _____ (ESET) C:\Users\Sigrid\Downloads\esetsmartinstaller_enu.exe
2014-01-21 15:53 - 2011-05-03 19:08 - 00705108 _____ C:\windows\system32\perfh007.dat
2014-01-21 15:53 - 2011-05-03 19:08 - 00151476 _____ C:\windows\system32\perfc007.dat
2014-01-21 15:53 - 2009-07-14 06:13 - 01629372 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-21 15:47 - 2011-12-17 09:44 - 01783748 _____ C:\windows\WindowsUpdate.log
2014-01-21 15:40 - 2014-01-12 01:00 - 00001120 _____ C:\windows\setupact.log
2014-01-21 15:40 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-20 23:41 - 2014-01-20 23:41 - 00000000 ____D C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-20 22:25 - 2013-01-23 22:23 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Firmung
2014-01-20 18:14 - 2014-01-20 18:14 - 00002904 _____ C:\Users\Sigrid\Desktop\JRT.txt
2014-01-20 18:09 - 2014-01-20 18:09 - 00000000 ____D C:\windows\ERUNT
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Downloads\JRT.exe
2014-01-20 18:08 - 2014-01-20 18:08 - 01037068 _____ (Thisisu) C:\Users\Sigrid\Desktop\JRT.exe
2014-01-20 18:00 - 2014-01-20 17:52 - 00000000 ____D C:\AdwCleaner
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Downloads\adwcleaner.exe
2014-01-20 17:51 - 2014-01-20 17:51 - 01236282 _____ C:\Users\Sigrid\Desktop\adwcleaner.exe
2014-01-19 16:29 - 2012-10-28 22:25 - 00000000 ____D C:\Users\Sigrid\Desktop\Allerheiligen
2014-01-19 16:26 - 2011-05-03 18:49 - 01653526 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2014-01-19 16:17 - 2014-01-19 16:17 - 00029562 _____ C:\Users\Sigrid\Desktop\ComboFix.txt
2014-01-19 16:17 - 2014-01-19 15:51 - 00000000 ____D C:\Qoobox
2014-01-19 16:14 - 2011-09-18 23:24 - 00000000 ___RD C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-19 16:06 - 2009-07-14 03:34 - 00000252 _____ C:\windows\system.ini
2014-01-19 16:04 - 2014-01-19 16:04 - 00000546 _____ C:\windows\PFRO.log
2014-01-19 16:04 - 2009-07-14 03:34 - 96206848 _____ C:\windows\system32\config\SOFTWARE.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 24117248 _____ C:\windows\system32\config\SYSTEM.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00737280 _____ C:\windows\system32\config\DEFAULT.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00106496 _____ C:\windows\system32\config\SAM.bak
2014-01-19 16:04 - 2009-07-14 03:34 - 00024576 _____ C:\windows\system32\config\SECURITY.bak
2014-01-19 16:03 - 2013-02-11 10:46 - 00000000 ____D C:\windows\erdnt
2014-01-19 15:45 - 2014-01-19 15:45 - 05167985 ____R (Swearware) C:\Users\Sigrid\Desktop\ComboFix.exe
2014-01-19 15:45 - 2014-01-19 15:44 - 05167985 _____ (Swearware) C:\Users\Sigrid\Downloads\ComboFix.exe
2014-01-19 09:12 - 2014-01-19 09:11 - 00033941 _____ C:\Users\Sigrid\Desktop\Addition.txt
2014-01-18 23:33 - 2014-01-18 23:32 - 00005327 _____ C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 23:33 - 2013-10-21 09:10 - 00000000 ____D C:\ProgramData\Oracle
2014-01-18 23:33 - 2011-09-17 21:06 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-18 21:13 - 2009-07-14 04:20 - 00000000 ____D C:\windows\system32\NDF
2014-01-18 20:02 - 2011-12-30 20:09 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForSigrid.job
2014-01-18 17:16 - 2011-12-30 20:09 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForSigrid
2014-01-18 17:15 - 2014-01-18 17:15 - 00002177 _____ C:\Users\Sigrid\Desktop\HP Support Assistant.lnk
2014-01-18 17:15 - 2011-05-03 19:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-18 17:15 - 2009-07-14 04:20 - 00000000 ____D C:\windows\Help
2014-01-18 17:11 - 2011-05-03 19:12 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2014-01-18 17:10 - 2011-05-03 18:43 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-18 17:09 - 2014-01-18 17:09 - 00000000 ____D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-18 17:07 - 2011-05-03 18:43 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2014-01-18 17:06 - 2011-02-02 21:42 - 00000000 ____D C:\swsetup
2014-01-18 15:42 - 2014-01-18 15:42 - 00090936 _____ C:\Users\Sigrid\Documents\A1 Internetschutz_support_18012014_1541.zip
2014-01-18 15:42 - 2014-01-18 15:42 - 00090647 _____ C:\Users\Sigrid\Desktop\A1 Internetschutz_support_18012014_1542.zip
2014-01-18 15:33 - 2014-01-18 15:33 - 00008438 _____ C:\Users\Sigrid\Desktop\Gmer.txt
2014-01-18 15:19 - 2014-01-18 15:19 - 00370610 _____ C:\Users\Sigrid\Desktop\gmer_2.1.19323.zip
2014-01-18 15:17 - 2014-01-18 15:17 - 02076160 _____ (Farbar) C:\Users\Sigrid\Downloads\FRST64.exe
2014-01-18 15:04 - 2014-01-18 15:04 - 00000474 _____ C:\Users\Sigrid\Desktop\defogger_disable.log
2014-01-18 14:54 - 2014-01-18 14:54 - 00000474 _____ C:\Users\Sigrid\Downloads\defogger_disable.log
2014-01-18 14:47 - 2014-01-18 14:47 - 00050477 _____ C:\Users\Sigrid\Desktop\Defogger.exe
2014-01-18 11:30 - 2014-01-18 11:30 - 00322771 _____ C:\Users\Sigrid\AppData\Local\census.cache
2014-01-18 11:29 - 2014-01-18 11:29 - 00118007 _____ C:\Users\Sigrid\AppData\Local\ars.cache
2014-01-18 11:04 - 2014-01-18 11:04 - 00000036 _____ C:\Users\Sigrid\AppData\Local\housecall.guid.cache
2014-01-18 11:04 - 2014-01-18 11:03 - 02405664 _____ (Trend Micro Inc.) C:\Users\Sigrid\Downloads\HousecallLauncher64.exe
2014-01-18 10:33 - 2012-10-13 17:26 - 00002328 _____ C:\Users\Herzogs\Desktop\Google Chrome.lnk
2014-01-17 15:53 - 2011-10-08 00:07 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2014-01-17 15:52 - 2011-10-28 19:15 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-16 22:38 - 2011-09-27 16:28 - 00000432 _____ C:\windows\BRWMARK.INI
2014-01-16 20:48 - 2009-07-14 05:45 - 00440144 _____ C:\windows\system32\FNTCACHE.DAT
2014-01-16 01:02 - 2011-09-27 16:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 00:59 - 2013-08-16 10:37 - 00000000 ____D C:\windows\system32\MRT
2014-01-16 00:57 - 2011-10-21 17:38 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-15 21:37 - 2011-09-22 19:50 - 00000000 ____D C:\Users\Sigrid\Documents\AA_Marco_Luca
2014-01-14 06:23 - 2014-01-14 06:23 - 00022918 _____ C:\Users\Herzogs\Downloads\Zusammenfassung laufende Buchungen.xlsx
2014-01-13 09:11 - 2014-01-13 09:11 - 00470043 _____ C:\Users\Sigrid\Downloads\Karte von Israel zur Zeit Jesu.zip
2014-01-13 08:19 - 2014-01-13 08:19 - 03381378 _____ C:\Users\Sigrid\Downloads\Israel-Video-small.wmv
2014-01-12 01:00 - 2014-01-12 01:00 - 00000000 _____ C:\windows\setuperr.log
2014-01-11 21:08 - 2012-06-25 19:30 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Windows Live
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\windows\SysWOW64\GPhotos.scr
2014-01-02 11:02 - 2011-12-02 06:37 - 00003194 _____ C:\windows\System32\Tasks\HPCeeScheduleForHerzogs
2014-01-02 11:02 - 2011-12-02 06:37 - 00000340 _____ C:\windows\Tasks\HPCeeScheduleForHerzogs.job
2014-01-01 12:41 - 2009-07-14 06:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-31 00:23 - 2013-12-31 00:20 - 00000000 ____D C:\586c01a190c1e01a40
2013-12-29 23:43 - 2011-10-06 08:31 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForSIGRID-HP$
2013-12-29 23:43 - 2011-10-06 08:31 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForSIGRID-HP$.job
2013-12-29 22:40 - 2009-07-27 16:04 - 00000000 ____D C:\windows\Panther
2013-12-29 21:31 - 2013-01-29 13:38 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-12-29 21:31 - 2013-01-29 13:37 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-12-29 21:31 - 2011-09-18 21:07 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-29 21:21 - 2013-12-29 21:21 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2013-12-29 21:21 - 2013-12-29 21:21 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 21:21 - 2013-12-29 21:21 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 21:21 - 2013-12-29 21:20 - 03571656 _____ (Piriform Ltd) C:\Users\Sigrid\Downloads\ccsetup409_slim.exe
2013-12-29 21:15 - 2013-12-29 21:14 - 00000000 ____D C:\195853154a7dc3fe94fd
2013-12-29 21:13 - 2013-12-29 21:11 - 00000000 ____D C:\Users\Sigrid\AppData\Local\Adobe
2013-12-28 22:31 - 2013-08-02 09:52 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-28 22:30 - 2011-09-17 21:04 - 00000000 ____D C:\Users\Sigrid\AppData\Roaming\vlc
2013-12-25 20:33 - 2011-09-15 21:23 - 00001421 _____ C:\Users\Sigrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 12:03 - 2011-09-16 03:42 - 00000000 ____D C:\windows\rescache
2013-12-25 10:58 - 2011-09-18 23:24 - 00001421 _____ C:\Users\Herzogs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 10:54 - 2009-07-14 04:20 - 00000000 ____D C:\windows\PolicyDefinitions
2013-12-24 14:15 - 2013-12-24 14:15 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-12-24 14:15 - 2013-12-24 14:15 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2013-12-24 14:15 - 2013-12-24 14:15 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2013-12-24 14:15 - 2013-12-24 14:15 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2013-12-24 14:15 - 2013-12-24 14:15 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-12-24 14:15 - 2013-12-24 14:15 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe

Some content of TEMP:
====================
C:\Users\Sigrid\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 09:41

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Problem besteht nach wie vor.....

muss wohl irgendwo in den interneteinstellungen oder so liegen, bin echt ratlos.
Hilft es, wenn ich Internet neu aufsetze?


Ich habe seit monaten beim starten des laptops immer einen Btvstrack.exe-fehler...was ist das und kann das ev. mit meinem problem zusammenhängen?

Alt 22.01.2014, 16:23   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Zitat:
Ich habe seit monaten beim starten des laptops immer einen Btvstrack.exe-fehler...was ist das und kann das ev. mit meinem problem zusammenhängen?
Davbon hätte ich gerne einen Screenshot.

Das mit dem Schreiben im Browser:
in jedem browser oder nur in einem?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.01.2014, 21:16   #13
sima
 
Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Hallo,

bei Google Chrome ist das Problem bei beiden Benutzerprofilen, der IE geht tadellos bei einem Benutzerprofil (ging vorher nicht), nicht aber beim Administratorprofil, da komme ich nicht mal rein.

Bei Google-Chrome habe ich auch schon ein neues Browser-Nutzerprofil erstellt - ohne Wirkung.
Wahrscheinlich muss ich es deinstallieren, oder? Aber warum geht dann IE beim Administrator nicht?

Screenshot kommt gleich noch:

Alt 24.01.2014, 14:24   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.


Setze folgendermassen den Internet Explorer zurück:
  • Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
  • Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
  • Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.
(Hier findest du die bebilderte Anleitung.)
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.01.2014, 11:03   #15
sima
 
Schreiben im Internet unmöglich - Standard

Schreiben im Internet unmöglich



Habe Chrome deinstalliert und IE zurückgesetzt.
Dann Chrome neu installiert .... war hier wieder das gleiche Problem. Habs gleich wieder deinstalliert.
Jetzt browse ich mit IE und es geht - nur ist er mir bis jetzt drei mal abgestürzt.

Screenshot von meinem BTVstack-Problem hab ich angehängt - einfügen ging irgendwie nicht. Ich hoffe, es passt trotzdem.

Soll ich eigentlich alle installierten Programme unserer sessions wieder deinstallieren?

gruß
sigrid
Angehängte Grafiken
Dateityp: jpg Unbenannt.jpg (53,4 KB, 107x aufgerufen)

Antwort

Themen zu Schreiben im Internet unmöglich
4d36e972-e325-11ce-bfc1-08002be10318, autostart, browser, dateien, e-mail, einstellung, explorer, google, harddisk, hp probook, internet, laptop, logfile, malwarebytes, ntdll.dll, ntoskrnl.exe, problem, registry, schutz, seite, spoolsv.exe, svchost.exe, system32, tastatur, temp, tunnel, update, virus, windows



Ähnliche Themen: Schreiben im Internet unmöglich


  1. unmöglich im Internet zu arbeiten! Ständig Popups und ads...drehe noch durch
    Plagegeister aller Art und deren Bekämpfung - 06.09.2015 (18)
  2. Telekom Schreiben Trojaner Warnung
    Plagegeister aller Art und deren Bekämpfung - 28.05.2015 (27)
  3. Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.
    Log-Analyse und Auswertung - 22.04.2015 (5)
  4. Eingabeverzögerung beim Schreiben mit der Laptoptastatur
    Log-Analyse und Auswertung - 09.10.2014 (5)
  5. Telekom Schreiben
    Plagegeister aller Art und deren Bekämpfung - 22.02.2014 (9)
  6. Werbe-Popupfenster machen "surfen" im Internet unmöglich
    Plagegeister aller Art und deren Bekämpfung - 19.08.2013 (9)
  7. Hohe Systemauslastung durh Avp.exe und services.exe; Internet-Zugang sehr langsam bis unmöglich
    Plagegeister aller Art und deren Bekämpfung - 11.02.2013 (15)
  8. Verschlüsselungstrojaner von Schreiben.zip -Flirt Fever
    Plagegeister aller Art und deren Bekämpfung - 12.06.2012 (2)
  9. Ich kann nicht schreiben.
    Plagegeister aller Art und deren Bekämpfung - 18.04.2011 (1)
  10. Java/DLdr.Agent macht Internet Zugang unmöglich
    Plagegeister aller Art und deren Bekämpfung - 16.11.2010 (4)
  11. Trojaner selber schreiben
    Mülltonne - 08.11.2009 (2)
  12. Prblem mit Tastaur beim Schreiben.
    Plagegeister aller Art und deren Bekämpfung - 19.08.2009 (1)
  13. Delphi in Registry schreiben
    Alles rund um Windows - 21.12.2008 (0)
  14. Cookie schreiben??
    Mülltonne - 23.05.2008 (1)
  15. PC-/Prog.-Start und schreiben ist langsamer
    Antiviren-, Firewall- und andere Schutzprogramme - 29.01.2006 (2)

Zum Thema Schreiben im Internet unmöglich - Hallo, ich habe folgendes Problem: Meine Tastatur funktioniert einwandfrei, kann überall (word, e-mail, picasa,...) damit arbeiten, doch sobald ich über meinen Browser ins Internet gehe (google chrome), geht fast gar - Schreiben im Internet unmöglich...
Archiv
Du betrachtest: Schreiben im Internet unmöglich auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.