Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Internet funktioniert nur noch sporadisch

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 21.07.2014, 14:11   #1
Workman
 
Internet funktioniert nur noch sporadisch - Standard

Internet funktioniert nur noch sporadisch



Mein internet funktioniert nur noch sporadisch auf dem Rechner, obewohl ein anderer Rechner ohne PRobleme ins Internet gehen kann.

hier Die Log Files:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014
Ran by geiser at 2014-07-21 13:02:58
Running from C:\Users\geiser\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: Symantec Endpoint Protection (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Symantec Endpoint Protection (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Anviz Zeiter fassungs system (HKLM-x32\...\Anviz Zeiter fassungs system) (Version:  - )
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.2106 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3703 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.1.3703 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.3207 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.3207 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2531 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2531 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.2627 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.1.2627 - CyberLink Corp.) Hidden
CyberLink Webcam Sharing Manager 4 (HKLM-x32\...\InstallShield_{296F7F3B-C75A-45e9-AD22-CC19DF86E9D3}) (Version: 4.2.1.1419 - CyberLink Corp.)
CyberLink Webcam Sharing Manager 4 (x32 Version: 4.2.1.1419 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.3801 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 4.2.1.3801 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DELISprint (HKLM-x32\...\{9480CCD5-BB18-4DF3-AB18-04198B30DD62}) (Version: 5.6.6.0 - DPD)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.4.1 (HKLM-x32\...\{A5F7DF42-F67D-11E3-B7EB-00163E98E7D6}) (Version: 5.4.1.3962 - Evernote Corp.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{84663FDA-1374-4048-9869-DD4A8784785A}) (Version: 6.0.16.1 - Hewlett-Packard Company)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.1.1714 - Hewlett-Packard Company)
HP Client Security Manager (Version: 8.3.1.1714 - Hewlett-Packard Company) Hidden
HP Connection Manager (HKLM-x32\...\{79B0E32B-3B78-4EAD-B4DC-CF7BB05214AA}) (Version: 4.6.16.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Device Access Manager (HKLM\...\{274A948D-DD41-4B8F-B66F-0F4AD233200F}) (Version: 8.0.0.4 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F3F74675-3700-4C55-A9AC-924D4E36DC40}) (Version: 1.1.2.0 - Hewlett-Packard)
HP Drive Encryption (HKLM\...\HPDriveEncryption) (Version: 8.6.4.82 - Hewlett-Packard Company)
HP Drive Encryption (Version: 8.6.4.82 - Hewlett-Packard Company) Hidden
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{D562B3BB-4405-4FA8-BCE2-D5DB89E8D5CE}) (Version: 2.2.1 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 8.1.1.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10220 - Realtek Semiconductor Corp.)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 5.0.12.1 - Hewlett-Packard Company)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{3F728815-C7E8-40EA-8D1A-F7B8E2382325}) (Version: 3.4.10.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}) (Version: 8.5.4.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company)
HP Theft Recovery (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 8.0.0.6 - Hewlett-Packard Company)
HP Theft Recovery (x32 Version: 8.0.0.6 - Hewlett-Packard Company) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
LogMeIn (HKLM-x32\...\{F8511796-1457-4A92-BEF7-71080FCF297A}) (Version: 4.1.4132 - LogMeIn, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4623.1003 - Microsoft Corporation)
Microsoft Office Outlook 2003 (HKLM-x32\...\{90E00407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.33 - PDF Complete, Inc)
phonostar-Player Version 3.03.1 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{9041BE08-21DA-4916-EC0B-9375C5B624D9}) (Version: 11.0.737.1 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.21.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.68.201.2013 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.7 - Realtek Semiconductor Corp.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Symantec Endpoint Protection (HKLM\...\{E87C0024-225D-47FC-A05D-97E4DC4C3D4C}) (Version: 12.1.4100.4126 - Symantec Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VSDC Free Video Editor Version 2.0.1.56 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 2.0.1.56 - Flash-Integro LLC)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
XMind 2013 (v3.4.0) (HKLM-x32\...\XMind_is1) (Version: 3.4.0.201311050558 - XMind Ltd.)

==================== Restore Points  =========================

28-06-2014 10:03:50 Windows Update
01-07-2014 10:32:21 Windows Update
04-07-2014 11:19:00 Windows Update
08-07-2014 00:52:39 Windows Update
08-07-2014 07:59:44 Installiert Symantec Endpoint Protection.
10-07-2014 08:31:21 Windows Update
11-07-2014 21:36:12 Windows Update
16-07-2014 06:14:58 Windows Update
21-07-2014 07:22:05 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B1ABADB-51A6-4D50-8CAE-0E06D4EC5901} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {121087AA-7156-42B3-AC59-85231FCCB8B0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {250CB331-E2AA-45CB-B679-92CA4CEA3F08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)
Task: {2AAB3E50-E3A6-40E0-BB21-A963FC95A158} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9A3EA4FF-426F-4347-AE36-4A0BC6E0D7A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A0754C8C-39E1-4F7D-A129-EA07A66D2880} - System32\Tasks\HPCeeScheduleForgeiser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {AA92F458-CEAC-4929-AE2F-D9E3AD09845B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {F376E33D-34C7-47EA-B750-F0FDC1855F8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForgeiser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-05-22 14:21 - 2013-05-22 14:21 - 00299832 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2010-01-22 12:02 - 2010-01-22 12:02 - 00027648 _____ () C:\Windows\System32\sdf2ml6.dll
2014-03-19 20:08 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-01-10 22:35 - 2013-01-10 22:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-01-10 22:30 - 2013-01-10 22:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2013-03-06 23:38 - 2013-03-06 23:38 - 03020504 _____ () c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2013-01-10 20:25 - 2013-01-10 20:25 - 00364544 _____ () C:\Windows\system32\BsExtendFunc.dll
2012-12-12 12:38 - 2012-12-12 12:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-28 06:50 - 2013-04-25 17:23 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-23 00:05 - 2013-02-23 00:05 - 00387936 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 19:53 - 2011-07-05 19:53 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-02-01 02:04 - 2013-02-01 02:04 - 00080120 _____ () C:\Windows\system32\BsProfilefunc.dll
2014-06-17 18:10 - 2014-06-17 18:10 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-06-17 18:10 - 2014-06-17 18:10 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-01-26 09:28 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-02-14 10:38 - 2014-02-14 10:38 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\4533aebe1623540dda1d6f329ab59c25\IsdiInterop.ni.dll
2013-04-28 09:07 - 2012-02-02 02:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-18 19:42 - 2012-10-22 10:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-06-05 12:35 - 2013-06-05 12:35 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-06-20 06:08 - 2014-06-20 06:08 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Symantec Eraser Control driver
Description: Symantec Eraser Control driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: eeCtrl
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2014 11:49:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/21/2014 11:47:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/21/2014 11:43:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/21/2014 10:53:39 AM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Tracking Cookies in Datei: Cookie:geiser@track.adform.net/ von: Manuelle-Scan.  Aktion: Löschen erfolgreich.  Beschreibung der Aktion: Die Datei wurde erfolgreich gelöscht.

Error: (07/21/2014 10:12:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DPAgent.exe, Version: 6.0.0.2935, Zeitstempel: 0x524dc5b6
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0202a828
ID des fehlerhaften Prozesses: 0x1698
Startzeit der fehlerhaften Anwendung: 0xDPAgent.exe0
Pfad der fehlerhaften Anwendung: DPAgent.exe1
Pfad des fehlerhaften Moduls: DPAgent.exe2
Berichtskennung: DPAgent.exe3

Error: (07/21/2014 09:08:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DPAgent.exe, Version: 6.0.0.2935, Zeitstempel: 0x524dc5b6
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00f1b268
ID des fehlerhaften Prozesses: 0x162c
Startzeit der fehlerhaften Anwendung: 0xDPAgent.exe0
Pfad der fehlerhaften Anwendung: DPAgent.exe1
Pfad des fehlerhaften Moduls: DPAgent.exe2
Berichtskennung: DPAgent.exe3

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: System call failed: WinUsb_ResetPipe: 2.

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: System call failed: WinUsb_ResetPipe: 2.

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: System call failed: WinUsb_ResetPipe: 2.

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: System call failed: WinUsb_ResetPipe: 2.


System errors:
=============
Error: (07/21/2014 10:12:13 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (07/21/2014 10:11:53 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/21/2014 10:11:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Validity VCS Fingerprint Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/21/2014 10:11:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
eeCtrl

Error: (07/21/2014 10:10:00 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎21.‎07.‎2014 um 10:07:55 unerwartet heruntergefahren.

Error: (07/21/2014 09:09:08 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (07/21/2014 09:08:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/21/2014 09:08:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
eeCtrl

Error: (07/21/2014 09:02:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.179.381.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (07/18/2014 00:49:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst UNS erreicht.


Microsoft Office Sessions:
=========================
Error: (07/21/2014 11:49:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\phonostar-player\phonostar.exe

Error: (07/21/2014 11:47:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe

Error: (07/21/2014 11:43:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsSMSEditor.exe

Error: (07/21/2014 10:53:39 AM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Tracking Cookies in Datei: Cookie:geiser@track.adform.net/ von: Manuelle-Scan.  Aktion: Löschen erfolgreich.  Beschreibung der Aktion: Die Datei wurde erfolgreich gelöscht.

Error: (07/21/2014 10:12:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DPAgent.exe6.0.0.2935524dc5b6unknown0.0.0.000000000c00000050202a828169801cfa4bb655e93cdC:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exeunknownb34b96b5-10ae-11e4-adad-3c77e63eb29c

Error: (07/21/2014 09:08:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DPAgent.exe6.0.0.2935524dc5b6unknown0.0.0.000000000c000000500f1b268162c01cfa4b28f68ad7aC:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exeunknownda3b7f7d-10a5-11e4-b994-3c77e63eb29c

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: WinUsb_ResetPipe: 2

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: WinUsb_ResetPipe: 2

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: WinUsb_ResetPipe: 2

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: WinUsb_ResetPipe: 2


==================== Memory info =========================== 

Percentage of memory in use: 53%
Total physical RAM: 3944.58 MB
Available physical RAM: 1844.83 MB
Total Pagefile: 7887.34 MB
Available Pagefile: 5517.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:452.12 GB) (Free:339.78 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.54 GB) (Free:0.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
Drive g: (Paca präsentiert SL) (CDROM) (Total:0.25 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 969B4A2B)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0B)

==================== End Of Log ============================
         
und Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014
Ran by geiser at 2014-07-21 13:02:58
Running from C:\Users\geiser\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: Symantec Endpoint Protection (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Symantec Endpoint Protection (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Anviz Zeiter fassungs system (HKLM-x32\...\Anviz Zeiter fassungs system) (Version:  - )
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.2106 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.2106 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3703 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.1.3703 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.3207 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.3207 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2531 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2531 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.2627 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.1.2627 - CyberLink Corp.) Hidden
CyberLink Webcam Sharing Manager 4 (HKLM-x32\...\InstallShield_{296F7F3B-C75A-45e9-AD22-CC19DF86E9D3}) (Version: 4.2.1.1419 - CyberLink Corp.)
CyberLink Webcam Sharing Manager 4 (x32 Version: 4.2.1.1419 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.3801 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 4.2.1.3801 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DELISprint (HKLM-x32\...\{9480CCD5-BB18-4DF3-AB18-04198B30DD62}) (Version: 5.6.6.0 - DPD)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.4.1 (HKLM-x32\...\{A5F7DF42-F67D-11E3-B7EB-00163E98E7D6}) (Version: 5.4.1.3962 - Evernote Corp.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{84663FDA-1374-4048-9869-DD4A8784785A}) (Version: 6.0.16.1 - Hewlett-Packard Company)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.1.1714 - Hewlett-Packard Company)
HP Client Security Manager (Version: 8.3.1.1714 - Hewlett-Packard Company) Hidden
HP Connection Manager (HKLM-x32\...\{79B0E32B-3B78-4EAD-B4DC-CF7BB05214AA}) (Version: 4.6.16.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Device Access Manager (HKLM\...\{274A948D-DD41-4B8F-B66F-0F4AD233200F}) (Version: 8.0.0.4 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F3F74675-3700-4C55-A9AC-924D4E36DC40}) (Version: 1.1.2.0 - Hewlett-Packard)
HP Drive Encryption (HKLM\...\HPDriveEncryption) (Version: 8.6.4.82 - Hewlett-Packard Company)
HP Drive Encryption (Version: 8.6.4.82 - Hewlett-Packard Company) Hidden
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{D562B3BB-4405-4FA8-BCE2-D5DB89E8D5CE}) (Version: 2.2.1 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 8.1.1.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10220 - Realtek Semiconductor Corp.)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 5.0.12.1 - Hewlett-Packard Company)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{3F728815-C7E8-40EA-8D1A-F7B8E2382325}) (Version: 3.4.10.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{D1E7D876-6B86-4B35-A93D-15B0D6C43EAF}) (Version: 8.5.4.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company)
HP Theft Recovery (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 8.0.0.6 - Hewlett-Packard Company)
HP Theft Recovery (x32 Version: 8.0.0.6 - Hewlett-Packard Company) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
LogMeIn (HKLM-x32\...\{F8511796-1457-4A92-BEF7-71080FCF297A}) (Version: 4.1.4132 - LogMeIn, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4623.1003 - Microsoft Corporation)
Microsoft Office Outlook 2003 (HKLM-x32\...\{90E00407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.33 - PDF Complete, Inc)
phonostar-Player Version 3.03.1 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{9041BE08-21DA-4916-EC0B-9375C5B624D9}) (Version: 11.0.737.1 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.21.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.68.201.2013 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.7 - Realtek Semiconductor Corp.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Symantec Endpoint Protection (HKLM\...\{E87C0024-225D-47FC-A05D-97E4DC4C3D4C}) (Version: 12.1.4100.4126 - Symantec Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VSDC Free Video Editor Version 2.0.1.56 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 2.0.1.56 - Flash-Integro LLC)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
XMind 2013 (v3.4.0) (HKLM-x32\...\XMind_is1) (Version: 3.4.0.201311050558 - XMind Ltd.)

==================== Restore Points  =========================

28-06-2014 10:03:50 Windows Update
01-07-2014 10:32:21 Windows Update
04-07-2014 11:19:00 Windows Update
08-07-2014 00:52:39 Windows Update
08-07-2014 07:59:44 Installiert Symantec Endpoint Protection.
10-07-2014 08:31:21 Windows Update
11-07-2014 21:36:12 Windows Update
16-07-2014 06:14:58 Windows Update
21-07-2014 07:22:05 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0B1ABADB-51A6-4D50-8CAE-0E06D4EC5901} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {121087AA-7156-42B3-AC59-85231FCCB8B0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {250CB331-E2AA-45CB-B679-92CA4CEA3F08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)
Task: {2AAB3E50-E3A6-40E0-BB21-A963FC95A158} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9A3EA4FF-426F-4347-AE36-4A0BC6E0D7A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A0754C8C-39E1-4F7D-A129-EA07A66D2880} - System32\Tasks\HPCeeScheduleForgeiser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {AA92F458-CEAC-4929-AE2F-D9E3AD09845B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {F376E33D-34C7-47EA-B750-F0FDC1855F8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForgeiser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-05-22 14:21 - 2013-05-22 14:21 - 00299832 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2010-01-22 12:02 - 2010-01-22 12:02 - 00027648 _____ () C:\Windows\System32\sdf2ml6.dll
2014-03-19 20:08 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-01-10 22:35 - 2013-01-10 22:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-01-10 22:30 - 2013-01-10 22:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2013-03-06 23:38 - 2013-03-06 23:38 - 03020504 _____ () c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2013-01-10 20:25 - 2013-01-10 20:25 - 00364544 _____ () C:\Windows\system32\BsExtendFunc.dll
2012-12-12 12:38 - 2012-12-12 12:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-28 06:50 - 2013-04-25 17:23 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-23 00:05 - 2013-02-23 00:05 - 00387936 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 19:53 - 2011-07-05 19:53 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-02-01 02:04 - 2013-02-01 02:04 - 00080120 _____ () C:\Windows\system32\BsProfilefunc.dll
2014-06-17 18:10 - 2014-06-17 18:10 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-06-17 18:10 - 2014-06-17 18:10 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-01-26 09:28 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-02-14 10:38 - 2014-02-14 10:38 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\4533aebe1623540dda1d6f329ab59c25\IsdiInterop.ni.dll
2013-04-28 09:07 - 2012-02-02 02:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-18 19:42 - 2012-10-22 10:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-06-05 12:35 - 2013-06-05 12:35 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-06-20 06:08 - 2014-06-20 06:08 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Symantec Eraser Control driver
Description: Symantec Eraser Control driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: eeCtrl
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2014 11:49:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/21/2014 11:47:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/21/2014 11:43:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/21/2014 10:53:39 AM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Tracking Cookies in Datei: Cookie:geiser@track.adform.net/ von: Manuelle-Scan.  Aktion: Löschen erfolgreich.  Beschreibung der Aktion: Die Datei wurde erfolgreich gelöscht.

Error: (07/21/2014 10:12:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DPAgent.exe, Version: 6.0.0.2935, Zeitstempel: 0x524dc5b6
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0202a828
ID des fehlerhaften Prozesses: 0x1698
Startzeit der fehlerhaften Anwendung: 0xDPAgent.exe0
Pfad der fehlerhaften Anwendung: DPAgent.exe1
Pfad des fehlerhaften Moduls: DPAgent.exe2
Berichtskennung: DPAgent.exe3

Error: (07/21/2014 09:08:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DPAgent.exe, Version: 6.0.0.2935, Zeitstempel: 0x524dc5b6
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00f1b268
ID des fehlerhaften Prozesses: 0x162c
Startzeit der fehlerhaften Anwendung: 0xDPAgent.exe0
Pfad der fehlerhaften Anwendung: DPAgent.exe1
Pfad des fehlerhaften Moduls: DPAgent.exe2
Berichtskennung: DPAgent.exe3

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: System call failed: WinUsb_ResetPipe: 2.

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: System call failed: WinUsb_ResetPipe: 2.

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: System call failed: WinUsb_ResetPipe: 2.

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: System call failed: WinUsb_ResetPipe: 2.


System errors:
=============
Error: (07/21/2014 10:12:13 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (07/21/2014 10:11:53 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/21/2014 10:11:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Validity VCS Fingerprint Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/21/2014 10:11:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
eeCtrl

Error: (07/21/2014 10:10:00 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎21.‎07.‎2014 um 10:07:55 unerwartet heruntergefahren.

Error: (07/21/2014 09:09:08 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (07/21/2014 09:08:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (07/21/2014 09:08:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
eeCtrl

Error: (07/21/2014 09:02:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.179.381.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (07/18/2014 00:49:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst UNS erreicht.


Microsoft Office Sessions:
=========================
Error: (07/21/2014 11:49:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\phonostar-player\phonostar.exe

Error: (07/21/2014 11:47:02 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe

Error: (07/21/2014 11:43:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsSMSEditor.exe

Error: (07/21/2014 10:53:39 AM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Tracking Cookies in Datei: Cookie:geiser@track.adform.net/ von: Manuelle-Scan.  Aktion: Löschen erfolgreich.  Beschreibung der Aktion: Die Datei wurde erfolgreich gelöscht.

Error: (07/21/2014 10:12:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DPAgent.exe6.0.0.2935524dc5b6unknown0.0.0.000000000c00000050202a828169801cfa4bb655e93cdC:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exeunknownb34b96b5-10ae-11e4-adad-3c77e63eb29c

Error: (07/21/2014 09:08:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DPAgent.exe6.0.0.2935524dc5b6unknown0.0.0.000000000c000000500f1b268162c01cfa4b28f68ad7aC:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exeunknownda3b7f7d-10a5-11e4-b994-3c77e63eb29c

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: WinUsb_ResetPipe: 2

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: WinUsb_ResetPipe: 2

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: WinUsb_ResetPipe: 2

Error: (07/18/2014 11:04:04 AM) (Source: Validity USDK) (EventID: 44) (User: )
Description: WinUsb_ResetPipe: 2


==================== Memory info =========================== 

Percentage of memory in use: 53%
Total physical RAM: 3944.58 MB
Available physical RAM: 1844.83 MB
Total Pagefile: 7887.34 MB
Available Pagefile: 5517.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:452.12 GB) (Free:339.78 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.54 GB) (Free:0.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
Drive g: (Paca präsentiert SL) (CDROM) (Total:0.25 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 969B4A2B)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=100 MB) - (Type=0B)

==================== End Of Log ============================
         
Eins könnte noch interessant sein: DNS Auflösung funktionert nicht immer, aber wenn die IP Adresse eingegeben wird, dann scheint die internetverbindung zustandezukommen,...

Beste Grüße & Vielen Dank

Alt 21.07.2014, 14:14   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Internet funktioniert nur noch sporadisch - Standard

Internet funktioniert nur noch sporadisch



Hi,

FRST.txt fehlt.
__________________

__________________

Alt 21.07.2014, 14:14   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet funktioniert nur noch sporadisch - Standard

Internet funktioniert nur noch sporadisch



Hi,

anderes FRST-Log fehlt.

Zitat:
AV: Symantec Endpoint Protection (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
Sowas macht man schonmal garnicht, sowas wie Symantec und MSE sollte man niemals gleichzeitig verwenden. Eins davon muss umgehend runter.
__________________
__________________

Alt 21.07.2014, 14:57   #4
Workman
 
Internet funktioniert nur noch sporadisch - Standard

Internet funktioniert nur noch sporadisch



stimmt! Sorry!


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by PC_USER (administrator) on PACANBHP on 21-07-2014 13:00:56
Running from C:\Users\PC_USER\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin\ccSvcHst.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin64\Smc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin\ccSvcHst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfvista.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtsCM] => RTSCM64.EXE 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2014-01-26] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-03-01] (IDT, Inc.)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-12-11] (LogMeIn, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-02-07] (PDF Complete Inc)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-01-31] (Hewlett-Packard Company)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-21] (Intel Corporation)
HKLM-x32\...\Run: [CLWCSM] => c:\Program Files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe [249096 2013-02-20] (cyberlink)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-02] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-02] (CyberLink Corp.)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [13685464 2013-03-06] (Hewlett-Packard)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-08-07] (CyberLink Corp.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-10-16] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1658497280-1287766379-2973162731-1001\...\Run: [Power2GoExpress8] => NA 
HKU\S-1-5-21-1658497280-1287766379-2973162731-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1658497280-1287766379-2973162731-1001\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2013-04-25] ()
HKU\S-1-5-21-1658497280-1287766379-2973162731-1001\...\RunOnce: [Uninstall C:\Users\PC_USER\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\PC_USER\AppData\Local\Microsoft\SkyDrive\16.4 (the data entry has 20 more characters).
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\PC_USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCOM13/10
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM13/10
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=CMNTDFJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\bin\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.11.11

FireFox:
========
FF ProfilePath: C:\Users\PC_USER\AppData\Roaming\Mozilla\Firefox\Profiles\ibey9dvu.default-1386744686798
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll (DigitalPersona, Inc.)
FF Plugin HKCU: @phonostar.de/phonostar-Player - C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Evernote Web Clipper - C:\Users\PC_USER\AppData\Roaming\Mozilla\Firefox\Profiles\ibey9dvu.default-1386744686798\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-06-24]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2014-01-26]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\IPSFF
FF Extension: Symantec Vulnerability Protection - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\IPSFF [2014-07-08]

==================== Services (Whitelisted) =================

R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-02-01] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-10-03] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [556856 2013-03-04] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [553248 2013-01-31] (Hewlett-Packard Company)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-22] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-22] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-06-08] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-06-08] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-12-11] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1135752 2013-02-07] (PDF Complete Inc)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin\ccSvcHst.exe [144496 2014-06-21] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin64\Smc.exe [2379128 2014-06-21] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin64\snac64.exe [335216 2014-06-21] (Symantec Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-03-01] (IDT, Inc.) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\Definitions\BASHDefs\20140612.012\BHDrvx64.sys [1530160 2014-05-10] (Symantec Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-06] (Ralink Corporation)
R1 ccSettings_{CF58CB78-7BAE-4134-8869-E02D7EF85E4E}; C:\Windows\System32\Drivers\SEP\0C011004\101E.105\x64\ccSetx64.sys [169048 2014-06-21] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-26] (CyberLink)
R3 clwcsm; C:\Windows\System32\DRIVERS\clwcsm.sys [42432 2013-02-19] (CyberLink Corporation)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-02-19] (Hewlett-Packard Company)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-21] (Symantec Corporation)
R3 EraserUtilDrv11313; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [142128 2014-07-21] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-07-08] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\Definitions\IPSDefs\20140718.011\IDSvia64.sys [525016 2014-07-04] (Symantec Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\Definitions\VirusDefs\20140720.019\ENG64.SYS [126040 2014-07-21] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\Definitions\VirusDefs\20140720.019\EX64.SYS [2099288 2014-07-21] (Symantec Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-08-22] (WinMagic Inc.)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [692832 2012-10-09] (Ralink Technology, Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-01] (RTS Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8243144 2013-03-07] (Realtek Semiconductor Corp.)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2013-08-22] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2013-08-22] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [28400 2013-01-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [32496 2013-01-11] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C011004\101E.105\x64\SRTSP64.SYS [867032 2014-06-21] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C011004\101E.105\x64\SRTSPX64.SYS [36952 2014-06-21] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C011004\101E.105\x64\SYMDS64.SYS [493656 2014-06-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C011004\101E.105\x64\SYMEFA64.SYS [1148120 2014-06-21] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C011004\101E.105\x64\Ironx64.SYS [225496 2014-06-21] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C011004\101E.105\x64\SYMNETS.SYS [437976 2014-06-21] (Symantec Corporation)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [104472 2014-06-21] (Symantec Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-20] (IVT Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-21 13:00 - 2014-07-21 13:02 - 00027066 _____ () C:\Users\PC_USER\Downloads\FRST.txt
2014-07-21 13:00 - 2014-07-21 13:01 - 00000000 ____D () C:\FRST
2014-07-21 13:00 - 2014-07-21 13:00 - 02089984 _____ (Farbar) C:\Users\PC_USER\Downloads\FRST64.exe
2014-07-21 10:59 - 2014-07-21 10:59 - 00000474 _____ () C:\Users\PC_USER\Downloads\defogger_disable.log
2014-07-21 10:59 - 2014-07-21 10:59 - 00000000 _____ () C:\Users\PC_USER\defogger_reenable
2014-07-21 10:58 - 2014-07-21 10:58 - 00050477 _____ () C:\Users\PC_USER\Downloads\Defogger.exe
2014-07-21 10:11 - 2014-07-21 12:52 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-07-15 18:06 - 2014-07-17 10:03 - 00010215 _____ () C:\Users\PC_USER\Desktop\Stundenzettel.xlsx
2014-07-14 13:37 - 2014-07-14 13:38 - 00094773 _____ () C:\Users\PC_USER\Desktop\test.wma
2014-07-12 00:02 - 2014-07-12 00:02 - 00000000 ____D () C:\Users\PC_USER\AppData\Local\Generic
2014-07-11 23:26 - 2014-07-11 23:26 - 00008738 _____ () C:\Users\PC_USER\Desktop\Finanzierung Z4.xlsx
2014-07-09 14:01 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 14:01 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 14:01 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 14:01 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 14:01 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 14:01 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 14:01 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 14:01 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 14:01 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 14:01 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 14:01 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 14:01 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 14:01 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 14:01 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 14:01 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 14:01 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 14:01 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 14:01 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 14:01 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 14:01 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 14:01 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 14:01 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 14:01 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 14:01 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 14:01 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 14:01 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 14:01 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 14:01 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 14:01 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 14:01 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 14:01 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 14:01 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 14:01 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 14:01 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 14:01 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 14:01 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 14:01 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 14:01 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 14:01 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 14:01 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 14:01 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 14:01 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 14:01 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 14:01 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 14:01 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 14:01 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 14:01 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 14:01 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 14:01 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 14:01 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 14:01 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 14:01 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 14:01 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 14:01 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 14:01 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 14:01 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 13:58 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 13:58 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 13:58 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 13:57 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 13:57 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 13:57 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 13:57 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 13:57 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 13:57 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 13:57 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 13:57 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 13:57 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 13:57 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 13:57 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 13:57 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 13:57 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 13:57 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 13:57 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 13:57 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 13:57 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 13:57 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 13:57 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 13:57 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 13:57 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 13:57 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 10:06 - 2014-07-08 10:06 - 00000000 ____D () C:\Users\PC_USER\AppData\Local\Symantec
2014-07-08 10:04 - 2014-07-08 10:04 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-07-08 10:04 - 2014-07-08 10:04 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-07-08 10:04 - 2014-07-08 10:04 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-08 10:02 - 2014-07-08 10:02 - 00577392 _____ (Symantec Corporation) C:\Windows\system32\SymVPN.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00421232 _____ (Symantec Corporation) C:\Windows\SysWOW64\SymVPN.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00158576 _____ (Symantec Corporation) C:\Windows\system32\FwsVpn.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00136560 _____ (Symantec Corporation) C:\Windows\SysWOW64\FwsVpn.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00057200 _____ (Symantec Corporation) C:\Windows\system32\snacnp.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00051056 _____ (Symantec Corporation) C:\Windows\SysWOW64\snacnp.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00045088 _____ (Symantec Corporation) C:\Windows\system32\Drivers\WGX64.SYS
2014-07-08 10:01 - 2014-07-08 10:01 - 00000000 ____D () C:\Windows\system32\Drivers\SEP
2014-07-08 10:01 - 2014-07-08 10:01 - 00000000 ____D () C:\ProgramData\regid.1992-12.com.symantec
2014-07-08 10:00 - 2014-07-08 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection
2014-07-08 10:00 - 2014-07-08 10:00 - 00000000 ____D () C:\Program Files (x86)\Symantec
2014-07-08 09:59 - 2014-07-08 10:00 - 00000000 ____D () C:\ProgramData\Symantec
2014-07-02 16:02 - 2014-07-02 16:02 - 00000000 ____D () C:\SCAN
2014-06-21 16:45 - 2014-06-21 16:45 - 00104472 _____ (Symantec Corporation) C:\Windows\system32\Drivers\Teefer.sys

==================== One Month Modified Files and Folders =======

2014-07-21 13:02 - 2014-07-21 13:00 - 00027066 _____ () C:\Users\PC_USER\Downloads\FRST.txt
2014-07-21 13:01 - 2014-07-21 13:00 - 00000000 ____D () C:\FRST
2014-07-21 13:00 - 2014-07-21 13:00 - 02089984 _____ (Farbar) C:\Users\PC_USER\Downloads\FRST64.exe
2014-07-21 12:55 - 2013-12-05 14:58 - 01436980 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 12:52 - 2014-07-21 10:11 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-07-21 12:52 - 2013-04-28 09:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-21 11:20 - 2013-12-05 15:02 - 00000000 ____D () C:\Users\PC_USER\AppData\Local\PDFC
2014-07-21 10:59 - 2014-07-21 10:59 - 00000474 _____ () C:\Users\PC_USER\Downloads\defogger_disable.log
2014-07-21 10:59 - 2014-07-21 10:59 - 00000000 _____ () C:\Users\PC_USER\defogger_reenable
2014-07-21 10:59 - 2013-12-05 15:00 - 00000000 ____D () C:\Users\PC_USER
2014-07-21 10:58 - 2014-07-21 10:58 - 00050477 _____ () C:\Users\PC_USER\Downloads\Defogger.exe
2014-07-21 10:19 - 2009-07-14 06:45 - 00026832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-21 10:19 - 2009-07-14 06:45 - 00026832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-21 10:15 - 2013-09-18 20:22 - 00793126 _____ () C:\Windows\system32\perfh007.dat
2014-07-21 10:15 - 2013-09-18 20:22 - 00183846 _____ () C:\Windows\system32\perfc007.dat
2014-07-21 10:15 - 2009-07-14 07:13 - 01857698 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 10:13 - 2013-02-22 22:59 - 00001000 _____ () C:\Windows\SysWOW64\bscs.ini
2014-07-21 10:12 - 2013-09-18 20:02 - 00004151 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-07-21 10:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-07-21 10:11 - 2013-04-28 09:07 - 00000000 ____D () C:\ProgramData\PDFC
2014-07-21 10:10 - 2013-09-18 20:02 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-07-21 10:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 10:10 - 2009-07-14 06:51 - 00074878 _____ () C:\Windows\setupact.log
2014-07-21 10:08 - 2013-12-06 11:09 - 00001509 _____ () C:\Windows\SysWOW64\REMOTEDEVICE.INI
2014-07-21 09:58 - 2013-12-05 15:09 - 00001994 ____H () C:\Users\PC_USER\Documents\Default.rdp
2014-07-21 09:12 - 2013-12-05 15:01 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{943C3C4E-7C80-49D2-9336-8D686FE8C73C}
2014-07-21 08:43 - 2014-02-07 15:35 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPC_USER
2014-07-21 08:43 - 2014-02-07 15:35 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForPC_USER.job
2014-07-17 10:03 - 2014-07-15 18:06 - 00010215 _____ () C:\Users\PC_USER\Desktop\Stundenzettel.xlsx
2014-07-15 13:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-14 14:00 - 2014-03-05 09:31 - 00000000 ____D () C:\Users\PC_USER\AppData\Roaming\Skype
2014-07-14 13:38 - 2014-07-14 13:37 - 00094773 _____ () C:\Users\PC_USER\Desktop\test.wma
2014-07-12 00:02 - 2014-07-12 00:02 - 00000000 ____D () C:\Users\PC_USER\AppData\Local\Generic
2014-07-11 23:58 - 2013-12-17 12:18 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-07-11 23:55 - 2013-12-10 12:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 23:40 - 2013-12-10 12:25 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-11 23:26 - 2014-07-11 23:26 - 00008738 _____ () C:\Users\PC_USER\Desktop\Finanzierung Z4.xlsx
2014-07-11 13:20 - 2013-12-13 14:33 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-11 13:20 - 2013-12-13 14:33 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-10 12:23 - 2014-03-07 11:44 - 00722432 _____ () C:\Users\PC_USER\Desktop\Supplier Invoices.xls
2014-07-10 10:59 - 2009-07-14 06:45 - 00343040 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 10:56 - 2014-05-07 20:14 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 10:56 - 2013-09-18 20:10 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 10:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 10:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 10:52 - 2013-04-28 09:07 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 10:52 - 2013-04-28 09:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 10:52 - 2013-04-28 09:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 10:06 - 2014-07-08 10:06 - 00000000 ____D () C:\Users\PC_USER\AppData\Local\Symantec
2014-07-08 10:04 - 2014-07-08 10:04 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-07-08 10:04 - 2014-07-08 10:04 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-07-08 10:04 - 2014-07-08 10:04 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-08 10:04 - 2014-07-08 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection
2014-07-08 10:02 - 2014-07-08 10:02 - 00577392 _____ (Symantec Corporation) C:\Windows\system32\SymVPN.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00421232 _____ (Symantec Corporation) C:\Windows\SysWOW64\SymVPN.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00158576 _____ (Symantec Corporation) C:\Windows\system32\FwsVpn.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00136560 _____ (Symantec Corporation) C:\Windows\SysWOW64\FwsVpn.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00057200 _____ (Symantec Corporation) C:\Windows\system32\snacnp.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00051056 _____ (Symantec Corporation) C:\Windows\SysWOW64\snacnp.dll
2014-07-08 10:02 - 2014-07-08 10:02 - 00045088 _____ (Symantec Corporation) C:\Windows\system32\Drivers\WGX64.SYS
2014-07-08 10:01 - 2014-07-08 10:01 - 00000000 ____D () C:\Windows\system32\Drivers\SEP
2014-07-08 10:01 - 2014-07-08 10:01 - 00000000 ____D () C:\ProgramData\regid.1992-12.com.symantec
2014-07-08 10:00 - 2014-07-08 10:00 - 00000000 ____D () C:\Program Files (x86)\Symantec
2014-07-08 10:00 - 2014-07-08 09:59 - 00000000 ____D () C:\ProgramData\Symantec
2014-07-08 09:32 - 2014-04-06 11:17 - 00001056 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-07-08 09:32 - 2014-04-06 11:17 - 00001044 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-07-08 09:31 - 2010-11-21 05:47 - 00186364 _____ () C:\Windows\PFRO.log
2014-07-08 07:42 - 2014-04-06 11:17 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-07-02 16:02 - 2014-07-02 16:02 - 00000000 ____D () C:\SCAN
2014-06-30 14:03 - 2014-01-07 16:42 - 00000000 ____D () C:\Program Files\Att
2014-06-30 04:09 - 2014-07-09 13:57 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 13:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-24 07:08 - 2013-04-28 09:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-06-21 16:45 - 2014-06-21 16:45 - 00104472 _____ (Symantec Corporation) C:\Windows\system32\Drivers\Teefer.sys

Some content of TEMP:
====================
C:\Users\PC_USER\AppData\Local\Temp\AtpTimerInfo.dll
C:\Users\PC_USER\AppData\Local\Temp\Extract.exe
C:\Users\PC_USER\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\PC_USER\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\PC_USER\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\PC_USER\AppData\Local\Temp\OfficeSetup.exe
C:\Users\PC_USER\AppData\Local\Temp\Setup.X86.de-DE_HomeStudentRetail_732e565d-24cc-4db8-9e1c-ab7a459a800a_TX_DB_(1).exe
C:\Users\PC_USER\AppData\Local\Temp\SP63065.exe
C:\Users\PC_USER\AppData\Local\Temp\SP63563.exe
C:\Users\PC_USER\AppData\Local\Temp\SP63791.exe
C:\Users\PC_USER\AppData\Local\Temp\SP63852.exe
C:\Users\PC_USER\AppData\Local\Temp\SP63998.exe
C:\Users\PC_USER\AppData\Local\Temp\SP64087.exe
C:\Users\PC_USER\AppData\Local\Temp\SP64284.exe
C:\Users\PC_USER\AppData\Local\Temp\SP64338.exe
C:\Users\PC_USER\AppData\Local\Temp\SP64399.exe
C:\Users\PC_USER\AppData\Local\Temp\SP64670.exe
C:\Users\PC_USER\AppData\Local\Temp\SP64815.exe
C:\Users\PC_USER\AppData\Local\Temp\SP64934.exe
C:\Users\PC_USER\AppData\Local\Temp\SP65011.exe
C:\Users\PC_USER\AppData\Local\Temp\SP65461.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-21 11:41

==================== End Of Log ============================
         
--- --- ---



Besten Dank und viel Spass...

Alt 21.07.2014, 15:04   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internet funktioniert nur noch sporadisch - Standard

Internet funktioniert nur noch sporadisch



Oh, schraubi hat ja vor mir hier geantwortet, ich bin dann mal raus hier

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 21.07.2014, 15:17   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Internet funktioniert nur noch sporadisch - Standard

Internet funktioniert nur noch sporadisch



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Internet funktioniert nur noch sporadisch

Alt 22.07.2014, 09:37   #7
Workman
 
Internet funktioniert nur noch sporadisch - Standard

Internet funktioniert nur noch sporadisch



Voila Combofix... und: hat gemeckert, obwohl AV Software ausgeschaltet wurde...

Code:
ATTFilter
ComboFix 14-07-21.01 - PC_USER 22.07.2014  10:07:48.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.3945.1831 [GMT 2:00]
ausgeführt von:: c:\users\PC_USER\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Symantec Endpoint Protection *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
FW: Symantec Endpoint Protection *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Symantec Endpoint Protection *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\PC_USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DDA4C5D0-FDA4-4BB1-9D5E-E4F62EF79C71}.xps
c:\users\PC_USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\{E6135B19-1511-470D-8B9F-128BAA873C1B}.xps
c:\users\PC_USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\{EE4789CD-304A-48FC-B465-4666555CAA64}.xps
c:\users\PC_USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F53E39B5-0EDB-4FB9-9182-46E3C7056FDF}.xps
c:\users\PC_USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F69400E5-299C-47F6-A085-10C1152C9A4D}.xps
c:\users\PC_USER\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FA89F98D-9311-4827-A0BC-F94AE5E24595}.xps
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-22 bis 2014-07-22  ))))))))))))))))))))))))))))))
.
.
2014-07-22 08:22 . 2014-07-22 08:22	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2014-07-22 08:22 . 2014-07-22 08:22	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-07-22 08:22 . 2014-07-22 08:22	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2014-07-22 07:58 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4564402-727F-42DF-BC66-7E63F1E05435}\mpengine.dll
2014-07-21 13:55 . 2014-07-21 13:58	--------	d-----w-	c:\users\PC_USER\AppData\Local\Google
2014-07-21 13:54 . 2014-07-21 13:55	--------	d-----w-	c:\program files (x86)\Google
2014-07-21 11:00 . 2014-07-21 11:04	--------	d-----w-	C:\FRST
2014-07-18 09:28 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-11 22:02 . 2014-07-11 22:02	--------	d-----w-	c:\users\PC_USER\AppData\Local\Generic
2014-07-11 07:34 . 2014-05-02 07:04	1031560	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3D445B8D-81F2-4B30-921F-92D77B42B92A}\gapaengine.dll
2014-07-09 11:58 . 2014-06-05 14:45	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-07-09 11:58 . 2014-06-05 14:26	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-07-09 11:58 . 2014-06-05 14:25	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-07-08 08:07 . 2014-07-08 08:07	--------	d-----w-	c:\program files (x86)\Common Files\Symantec Shared
2014-07-08 08:06 . 2014-07-08 08:06	--------	d-----w-	c:\users\PC_USER\AppData\Local\Symantec
2014-07-08 08:04 . 2014-07-08 08:04	177752	----a-w-	c:\windows\system32\drivers\SYMEVENT64x86.SYS
2014-07-08 08:04 . 2014-07-08 08:04	--------	d-----w-	c:\program files\Common Files\Symantec Shared
2014-07-08 08:02 . 2014-07-08 08:02	577392	----a-w-	c:\windows\system32\SymVPN.dll
2014-07-08 08:02 . 2014-07-08 08:02	57200	----a-w-	c:\windows\system32\snacnp.dll
2014-07-08 08:02 . 2014-07-08 08:02	51056	----a-w-	c:\windows\SysWow64\snacnp.dll
2014-07-08 08:02 . 2014-07-08 08:02	45088	----a-w-	c:\windows\system32\drivers\WGX64.SYS
2014-07-08 08:02 . 2014-07-08 08:02	421232	----a-w-	c:\windows\SysWow64\SymVPN.dll
2014-07-08 08:02 . 2014-07-08 08:02	136560	----a-w-	c:\windows\SysWow64\FwsVpn.dll
2014-07-08 08:02 . 2014-07-08 08:02	158576	----a-w-	c:\windows\system32\FwsVpn.dll
2014-07-08 08:01 . 2014-07-08 08:01	--------	d-----w-	c:\programdata\regid.1992-12.com.symantec
2014-07-08 08:01 . 2014-07-08 08:01	--------	d-----w-	c:\windows\system32\drivers\SEP
2014-07-08 08:00 . 2014-07-08 08:00	--------	d-----w-	c:\program files (x86)\Symantec
2014-07-08 07:59 . 2014-07-08 08:00	--------	d-----w-	c:\programdata\Symantec
2014-07-02 14:02 . 2014-07-02 14:02	--------	d-----w-	C:\SCAN
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-11 21:40 . 2013-12-10 10:25	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-07-10 08:52 . 2013-04-28 07:07	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 08:52 . 2013-04-28 07:07	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-21 14:45 . 2014-06-21 14:45	493656	----a-w-	c:\windows\system32\drivers\SEP\0C011004\101E.105\x64\SymDS64.sys
2014-06-21 14:45 . 2014-06-21 14:45	437976	----a-w-	c:\windows\system32\drivers\SEP\0C011004\101E.105\x64\symnets.sys
2014-06-21 14:45 . 2014-06-21 14:45	36952	----a-w-	c:\windows\system32\drivers\SEP\0C011004\101E.105\x64\srtspx64.sys
2014-06-21 14:45 . 2014-06-21 14:45	1148120	----a-w-	c:\windows\system32\drivers\SEP\0C011004\101E.105\x64\SymEFA64.sys
2014-06-21 14:45 . 2014-06-21 14:45	867032	----a-w-	c:\windows\system32\drivers\SEP\0C011004\101E.105\x64\srtsp64.sys
2014-06-21 14:45 . 2014-06-21 14:45	225496	----a-w-	c:\windows\system32\drivers\SEP\0C011004\101E.105\x64\Ironx64.sys
2014-06-21 14:45 . 2014-06-21 14:45	169048	----a-w-	c:\windows\system32\drivers\SEP\0C011004\101E.105\x64\ccSetx64.sys
2014-06-21 14:45 . 2014-06-21 14:45	104472	----a-w-	c:\windows\system32\drivers\Teefer.sys
2014-06-20 07:22 . 2013-12-05 21:18	588496	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-06-08 04:41 . 2014-04-06 09:17	35656	----a-w-	c:\windows\system32\LMIport.dll
2014-06-08 04:41 . 2014-04-06 09:17	107368	----a-w-	c:\windows\system32\LMIRfsClientNP.dll
2014-06-08 04:41 . 2014-04-06 09:17	92488	----a-w-	c:\windows\system32\LMIinit.dll
2014-06-06 10:47 . 2014-06-06 10:47	4558848	----a-w-	c:\windows\SysWow64\GPhotos.scr
2014-05-29 08:44 . 2014-04-06 09:17	107368	----a-w-	c:\windows\system32\LMIRfsClientNP.dll.001.bak
2014-05-02 07:04 . 2013-12-16 12:07	1031560	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-25 02:34 . 2014-06-11 18:09	801280	----a-w-	c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-11 18:09	626688	----a-w-	c:\windows\SysWow64\usp10.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-06 11:57	223432	----a-w-	c:\users\PC_USER\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-06 11:57	223432	----a-w-	c:\users\PC_USER\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-06 11:57	223432	----a-w-	c:\users\PC_USER\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress8"="NA" [X]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"phonostar-PlayerTimer"="c:\program files (x86)\phonostar-Player\phonostarTimer.exe" [2013-04-25 42496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-03-01 56088]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2013-02-07 683656]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2013-01-31 337184]
"BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2013-01-10 379904]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-12-20 291280]
"CLWCSM"="c:\program files (x86)\CyberLink\Webcam Sharing Manager\StreamProvider.exe" [2013-02-20 249096]
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2013-02-01 136488]
"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2013-02-01 167488]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2013-03-06 13685464]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2013-08-05 111576]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2013-08-07 490760]
"AccelerometerSysTrayApplet"="c:\program files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe" [2013-10-16 77088]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2013-10-16 185144]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-26 152392]
.
c:\users\PC_USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2014-6-17 1109344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
R3 RTSPER;Realtek PCIe CardReader Driver;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
R3 rtsuvc;HP HD Webcam [Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 SmbDrvI;SmbDrvI;c:\windows\system32\drivers\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_Intel.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe;c:\windows\SYSNATIVE\inetsrv\wmsvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 PinFile;PinFile;c:\windows\system32\DRIVERS\PinFile.sys;c:\windows\SYSNATIVE\DRIVERS\PinFile.sys [x]
S0 SDDisk2K;SDDisk2K;c:\windows\system32\DRIVERS\SDDisk2K.sys;c:\windows\SYSNATIVE\DRIVERS\SDDisk2K.sys [x]
S0 SDDToki;SDDToki;c:\windows\system32\DRIVERS\SDDToki.sys;c:\windows\SYSNATIVE\DRIVERS\SDDToki.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\Drivers\SEP\0C011004\101E.105\x64\SYMDS64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C011004\101E.105\x64\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\Drivers\SEP\0C011004\101E.105\x64\SYMEFA64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C011004\101E.105\x64\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\Definitions\BASHDefs\20140703.011\BHDrvx64.sys;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\Definitions\BASHDefs\20140703.011\BHDrvx64.sys [x]
S1 ccSettings_{CF58CB78-7BAE-4134-8869-E02D7EF85E4E};Symantec Endpoint Protection 12.1.4100.4126.105 Settings Manager;c:\windows\system32\Drivers\SEP\0C011004\101E.105\x64\ccSetx64.sys;c:\windows\SYSNATIVE\Drivers\SEP\0C011004\101E.105\x64\ccSetx64.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\Definitions\IPSDefs\20140721.011\IDSvia64.sys;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Data\Definitions\IPSDefs\20140721.011\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\Drivers\SEP\0C011004\101E.105\x64\Ironx64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C011004\101E.105\x64\Ironx64.SYS [x]
S1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\system32\Drivers\SEP\0C011004\101E.105\x64\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C011004\101E.105\x64\SYMNETS.SYS [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 FLCDLOCK;HP Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPFSService;HP File Sanitizer;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 SepMasterService;Symantec Endpoint Protection;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin\ccSvcHst.exe;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin\ccSvcHst.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\system32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\system32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\system32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]
S3 clwcsm;CyberLink Webcam Sharing Manager 4.2;c:\windows\system32\DRIVERS\clwcsm.sys;c:\windows\SYSNATIVE\DRIVERS\clwcsm.sys [x]
S3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
S3 EraserUtilDrv11313;EraserUtilDrv11313;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11313.sys [x]
S3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\system32\DRIVERS\rtbth.sys;c:\windows\SYSNATIVE\DRIVERS\rtbth.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-28 08:52]
.
2014-07-21 c:\windows\Tasks\HPCeeScheduleForPC_USER.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-06 11:57	262344	----a-w-	c:\users\PC_USER\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-06 11:57	262344	----a-w-	c:\users\PC_USER\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-06 11:57	262344	----a-w-	c:\users\PC_USER\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-06-20 07:29	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-06-20 07:29	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-06-20 07:29	2335960	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-18 172168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-18 400008]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-18 441992]
"RtsCM"="RTSCM64.EXE" [2013-03-06 144456]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2014-03-01 1703424]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2013-12-11 57928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-07-08 21720]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Auswahl speichern - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Bild ausschneiden - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Diese Seite ausschneiden - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Neue Notiz - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: URL notieren - c:\program files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
TCP: DhcpNameServer = 192.168.11.11
FF - ProfilePath - c:\users\PC_USER\AppData\Roaming\Mozilla\Firefox\Profiles\ibey9dvu.default-1386744686798\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{438363A8-F486-4C37-834C-4955773CB3D3} - msiexec
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SepMasterService]
"ImagePath"="\"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin\ccSvcHst.exe\" /s \"Symantec Endpoint Protection\" /m \"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin\sms.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SmcService]
"ImagePath"="\"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.4100.4126.105\Bin64\Smc.exe\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\CurrentVersion]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-22  10:29:17
ComboFix-quarantined-files.txt  2014-07-22 08:29
.
Vor Suchlauf: 15 Verzeichnis(se), 366.145.830.912 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 369.321.594.880 Bytes frei
.
- - End Of File - - 33D50FBA4BE59A802218A42C454641F3
         

Alt 23.07.2014, 08:13   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Internet funktioniert nur noch sporadisch - Standard

Internet funktioniert nur noch sporadisch



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Internet funktioniert nur noch sporadisch
.dll, antivirus, converter, cpu, defender, device driver, dll, error, failed, fehler, firefox, flash player, home, internet, log, löschen, microsoft, onedrive, realtek, rundll, scan, security, server, software, symantec, usb, windows




Ähnliche Themen: Internet funktioniert nur noch sporadisch


  1. Internet sporadisch weg und wieder da
    Plagegeister aller Art und deren Bekämpfung - 24.07.2015 (7)
  2. Maus funktioniert nach Trojaner nur noch im abgesichertem Modus
    Plagegeister aller Art und deren Bekämpfung - 30.07.2014 (11)
  3. Internet Explorer lädt nur sporadisch Seiten
    Plagegeister aller Art und deren Bekämpfung - 14.06.2014 (27)
  4. Nach Trojaner funktioniert nur noch BIOS
    Log-Analyse und Auswertung - 22.07.2013 (1)
  5. weißer Bildschirm bei Windowsstart; abgesicherter Modus mit Eingabefunktion funktioniert nur noch
    Plagegeister aller Art und deren Bekämpfung - 03.06.2013 (21)
  6. Firefox funktioniert nur noch wenn er als Administrator gestartet wurde
    Log-Analyse und Auswertung - 02.06.2013 (9)
  7. "Internet Explorer funktioniert nicht mehr" schließt alles bis auf das Internet
    Plagegeister aller Art und deren Bekämpfung - 11.05.2013 (45)
  8. Windows Update deaktiviert sich nach Neustart / Internet sporadisch nicht erreichbar / Java Exploits
    Plagegeister aller Art und deren Bekämpfung - 12.04.2013 (9)
  9. GUV- Virus Sperrung auf Desktop, abgespeicherter Mudus funktioniert noch ( Win 7)
    Log-Analyse und Auswertung - 21.02.2013 (38)
  10. BKA Ukash Trojaner; Abgesicherter Modus funktioniert noch
    Log-Analyse und Auswertung - 05.09.2011 (5)
  11. obere Buchstabenleiste der Laptop Tastatur funktioniert nur noch teilweise
    Alles rund um Windows - 19.08.2010 (27)
  12. Internet- und Netzwerkverbindung bricht sporadisch ab
    Netzwerk und Hardware - 26.06.2010 (0)
  13. Internet funktioniert nur noch im abgesicherten Modus
    Log-Analyse und Auswertung - 28.07.2009 (16)
  14. AVG update funktioniert nicht und noch andere Probleme
    Log-Analyse und Auswertung - 08.03.2009 (2)
  15. Internet funktioniert kaum noch
    Log-Analyse und Auswertung - 25.06.2008 (0)
  16. Bildschirm leer - nur noch Taskmanager funktioniert!
    Alles rund um Windows - 20.12.2007 (14)
  17. Verzweiflung .. kaum noch ein Link funktioniert
    Log-Analyse und Auswertung - 22.12.2005 (4)

Zum Thema Internet funktioniert nur noch sporadisch - Mein internet funktioniert nur noch sporadisch auf dem Rechner, obewohl ein anderer Rechner ohne PRobleme ins Internet gehen kann. hier Die Log Files: Code: Alles auswählen Aufklappen ATTFilter Additional scan - Internet funktioniert nur noch sporadisch...
Archiv
Du betrachtest: Internet funktioniert nur noch sporadisch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.