Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8: default-search.net als Startsarte in allen Browsern

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 29.03.2014, 06:27   #1
Katy91
 
Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



Hallo,
seit neuestens erscheint bei mir als Startseite im Firefox wie auch im Internet Explorer als Startseite default-search.net.
Ich kann zwar die Startseite abändern, aber das bekämpft das Problem ja bestimmt nicht.

Hier die Files die ihr braucht um mir zu helfen:

FRST:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Kathrin (administrator) on KATHRIN-PC on 29-03-2014 07:09:20
Running from C:\Users\Kathrin\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(National Instruments Corporation) C:\WINDOWS\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(National Instruments, Inc.) C:\WINDOWS\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\WINDOWS\SysWOW64\lktsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(CyberLink Corp.) C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Allmyapps SAS) C:\Users\Kathrin\AppData\Roaming\Allmyapps\Allmyapps.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Dropbox, Inc.) C:\Users\Kathrin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe
(Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [TpShocks] - C:\WINDOWS\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2668024 2013-01-28] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-02-28] (Lenovo Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4277000 2012-11-08] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NI Update Service] - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [857888 2013-05-28] (National Instruments)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [522232 2012-09-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1661856 2014-03-22] (Simply Super Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [Allmyapps] - C:\Users\Kathrin\AppData\Roaming\Allmyapps\Allmyapps.exe [7311224 2014-03-18] (Allmyapps SAS)
HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [Allmyapps Update] - C:\Users\Kathrin\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [320376 2014-03-18] (Allmyapps SAS)
HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [847000 2013-04-19] ()
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kathrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.default-search.net?sid=476&aid=122&itype=n&ver=11471&tm=299&src=hmp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = 
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} vpnweb.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512] (National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default
FF SearchEngineOrder.1: default-search.net
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npIMAQAXControl.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2010win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2011win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2013win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-27]
FF Extension: Settings Manager - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0} [2014-03-27]
FF Extension: Deutsch (DE) Language Pack - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2014-03-25]
FF Extension: {0d40efba-48b4-470d-953a-3d8ace89260c} - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{0d40efba-48b4-470d-953a-3d8ace89260c}.xpi [2013-11-07]
FF Extension: Video MPEG4 Plugin Free - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{62a9e1ac-ebb8-46f8-ae9d-292c433c266f}.xpi [2013-11-09]
FF Extension: Adblock Plus - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-09]

==================== Services (Whitelisted) =================

S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [152568 2013-02-28] (Lenovo Corporation)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139944 2013-08-07] (AuthenTec, Inc)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [50440 2012-11-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [1628664 2013-02-06] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [677880 2013-02-28] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [53544 2013-06-12] (National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [63792 2013-06-12] (National Instruments Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-01-28] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [462840 2013-02-22] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [83768 2013-06-10] (National Instruments Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696 2013-06-08] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [81248 2013-06-08] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720 2013-06-12] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-06-06] (National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976 2013-05-11] (National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [176512 2013-06-19] (National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440 2013-06-07] (National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680 2013-06-08] (National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [687944 2013-06-15] (National Instruments Corporation)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-31] (Nitro PDF Software)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401704 2013-07-22] (AuthenTec, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
S2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [12968 2012-01-27] (National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [12952 2011-07-01] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [13624 2012-12-19] (National Instruments Corporation)
R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [926992 2012-12-19] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [13624 2012-12-19] (National Instruments Corporation)
R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [16984 2012-12-18] (National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [13008 2012-06-06] (National Instruments Corporation)
R2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [13008 2012-06-06] (National Instruments Corporation)
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [148352 2012-08-23] (Ricoh co.,Ltd.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-05] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-24] (Microsoft Corporation)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-29 07:06 - 2014-03-29 07:06 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe
2014-03-29 07:05 - 2014-03-29 07:05 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger(1).exe
2014-03-28 13:19 - 2010-01-03 19:05 - 504987648 _____ () C:\Users\Kathrin\Desktop\00001.MTS
2014-03-28 04:22 - 2014-03-28 04:23 - 00001758 _____ () C:\sc-cleaner.txt
2014-03-28 04:22 - 2014-03-28 04:22 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner.exe
2014-03-27 20:01 - 2014-03-27 20:01 - 00000000 ____D () C:\ProgramData\Brother
2014-03-27 14:16 - 2014-03-27 14:17 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dev-Cpp
2014-03-27 14:16 - 2014-03-27 14:16 - 00001009 _____ () C:\Users\Kathrin\Desktop\Dev-C++.lnk
2014-03-27 14:14 - 2014-03-27 14:14 - 00000000 ____D () C:\Program Files (x86)\Dev-Cpp
2014-03-27 14:13 - 2014-03-27 14:13 - 43633629 _____ () C:\Users\Kathrin\Downloads\Dev-Cpp_5.4.0_TDM-GCC_x64_4.7.1_Setup.exe
2014-03-27 11:18 - 2014-03-28 04:09 - 00000000 ____D () C:\ProgramData\systemk
2014-03-27 11:18 - 2014-03-28 04:09 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-03-27 11:17 - 2014-03-27 11:17 - 09326468 _____ () C:\Users\Kathrin\Desktop\devcpp-4.9.9.2_setup.exe
2014-03-25 23:39 - 2014-03-27 19:57 - 00029120 _____ () C:\Users\Kathrin\Desktop\Handout - Feedback.odt
2014-03-25 22:56 - 2014-03-27 10:44 - 08997900 _____ () C:\Users\Kathrin\Desktop\Präsentation Feedback.odp
2014-03-25 20:21 - 2014-03-25 20:21 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck.exe
2014-03-25 18:19 - 2014-03-25 18:19 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu.exe
2014-03-24 20:54 - 2014-03-24 20:54 - 00000000 ____D () C:\Users\Kathrin\Documents\ARADump
2014-03-24 20:54 - 2014-03-24 20:54 - 00000000 ____D () C:\Users\Kathrin\Cyberlink
2014-03-24 20:53 - 2014-03-24 20:53 - 00526323 _____ () C:\Users\Kathrin\Downloads\web_of_trust_wot-20131118-fx.zip
2014-03-24 20:04 - 2014-03-24 20:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-24 20:02 - 2014-03-24 20:02 - 01038974 _____ (Thisisu) C:\Users\Kathrin\Downloads\JRT.exe
2014-03-24 19:56 - 2014-03-28 04:13 - 00000000 ____D () C:\AdwCleaner
2014-03-24 19:55 - 2014-03-24 19:55 - 01950720 _____ () C:\Users\Kathrin\Downloads\adwcleaner.exe
2014-03-24 19:12 - 2014-03-28 21:10 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-24 19:12 - 2014-03-24 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 19:12 - 2014-03-24 19:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-24 19:12 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-24 19:12 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-24 19:12 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-24 19:10 - 2014-03-24 19:11 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Kathrin\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 18:59 - 2014-03-24 18:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kathrin\Downloads\revosetup95.exe
2014-03-24 18:59 - 2014-03-24 18:59 - 00001291 _____ () C:\Users\Kathrin\Desktop\Revo Uninstaller.lnk
2014-03-24 18:59 - 2014-03-24 18:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-22 07:46 - 2014-03-22 07:46 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition3.txt
2014-03-22 07:44 - 2014-03-22 07:44 - 00059303 _____ () C:\Users\Kathrin\Downloads\FRST2.txt
2014-03-22 07:43 - 2014-03-22 07:43 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357.exe
2014-03-22 07:41 - 2014-03-22 07:45 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition.txt
2014-03-22 07:40 - 2014-03-29 07:09 - 00029875 _____ () C:\Users\Kathrin\Downloads\FRST.txt
2014-03-22 07:40 - 2014-03-29 07:09 - 00000000 ____D () C:\FRST
2014-03-22 07:39 - 2014-03-22 07:40 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe
2014-03-22 07:39 - 2014-03-22 07:39 - 01145856 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST.exe
2014-03-22 07:38 - 2014-03-29 07:05 - 00000476 _____ () C:\Users\Kathrin\Downloads\defogger_disable.log
2014-03-22 07:38 - 2014-03-22 07:38 - 00000000 _____ () C:\Users\Kathrin\defogger_reenable
2014-03-22 07:37 - 2014-03-22 07:37 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger.exe
2014-03-22 07:19 - 2014-03-22 07:19 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-22 07:19 - 2014-03-22 07:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\LSC
2014-03-22 07:10 - 2014-03-22 07:10 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-22 07:08 - 2014-03-22 07:09 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\Users\Kathrin\Documents\Simply Super Software
2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Simply Super Software
2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-22 07:07 - 2014-03-22 07:08 - 21407864 _____ (Simply Super Software ) C:\Users\Kathrin\Downloads\trjsetup690.exe
2014-03-21 22:48 - 2014-02-22 13:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-21 22:48 - 2014-02-22 12:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-21 21:52 - 2014-03-21 21:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Lenovo
2014-03-19 07:25 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-19 07:25 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-19 07:25 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-19 07:09 - 2014-03-19 07:08 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-19 07:09 - 2014-03-19 07:08 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-19 07:09 - 2014-03-19 07:08 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-19 06:59 - 2014-03-19 06:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Cisco
2014-03-19 06:59 - 2014-03-19 06:59 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-19 06:59 - 2012-09-26 07:45 - 00107432 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2014-03-18 20:38 - 2013-12-14 07:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-18 20:38 - 2013-12-09 09:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-18 20:37 - 2014-01-08 02:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-18 20:37 - 2014-01-08 02:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-18 20:37 - 2014-01-08 02:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-18 20:37 - 2014-01-04 16:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-18 20:37 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-18 20:37 - 2014-01-04 15:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-18 20:37 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-18 20:37 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-18 20:37 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-18 20:37 - 2014-01-01 02:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-18 20:37 - 2014-01-01 02:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-18 20:37 - 2014-01-01 01:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-18 20:37 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-18 20:37 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-18 20:37 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-18 20:37 - 2014-01-01 00:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-18 20:37 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-18 20:37 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-18 20:37 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-18 20:37 - 2013-12-31 00:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-18 20:37 - 2013-12-31 00:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-18 20:37 - 2013-12-27 16:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-18 20:37 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-18 20:37 - 2013-12-27 09:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-18 20:37 - 2013-12-27 09:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-18 20:37 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-18 20:37 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-18 20:37 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-18 20:37 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-18 20:37 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-18 20:37 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-18 20:37 - 2013-12-13 11:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-18 20:37 - 2013-12-13 07:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-18 20:37 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-18 20:37 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-15 13:10 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-15 13:10 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-15 13:10 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-15 13:10 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-15 13:10 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-15 13:10 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-15 13:10 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-15 13:10 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-15 13:10 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-15 13:10 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-15 13:10 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-15 13:10 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-15 13:10 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-15 13:10 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-15 13:10 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-15 13:10 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-15 13:10 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-15 13:10 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-15 13:10 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-15 13:10 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-15 13:10 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-15 13:10 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-15 13:10 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-15 13:10 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-15 13:10 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-15 13:10 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-15 13:10 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-15 13:10 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-15 13:10 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-15 13:10 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-15 13:10 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-15 13:10 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-15 13:10 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-15 13:10 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-15 13:10 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-15 13:10 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-15 13:10 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-15 13:10 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-15 13:10 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-15 13:10 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-15 13:10 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-15 13:10 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-15 13:10 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-15 13:10 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-15 13:10 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-15 13:10 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-15 13:10 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-15 13:10 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-15 13:10 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-15 13:10 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-15 13:10 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-15 13:10 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-15 13:10 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-15 13:10 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-15 13:10 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-15 13:03 - 2013-12-11 18:40 - 00002092 _____ () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-15 13:03 - 2013-12-11 18:40 - 00002092 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-15 13:03 - 2013-12-11 18:40 - 00002092 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-02 14:28 - 2014-03-02 14:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-02 13:53 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-02 13:53 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll

==================== One Month Modified Files and Folders =======

2014-03-29 07:09 - 2014-03-22 07:40 - 00029875 _____ () C:\Users\Kathrin\Downloads\FRST.txt
2014-03-29 07:09 - 2014-03-22 07:40 - 00000000 ____D () C:\FRST
2014-03-29 07:06 - 2014-03-29 07:06 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe
2014-03-29 07:06 - 2013-11-24 21:33 - 01442381 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-29 07:05 - 2014-03-29 07:05 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger(1).exe
2014-03-29 07:05 - 2014-03-22 07:38 - 00000476 _____ () C:\Users\Kathrin\Downloads\defogger_disable.log
2014-03-29 07:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-29 06:59 - 2012-12-15 04:34 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-03-29 06:58 - 2013-04-08 17:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dropbox
2014-03-29 06:57 - 2014-01-02 10:54 - 00000000 __RDO () C:\Users\Kathrin\SkyDrive
2014-03-29 06:57 - 2013-04-08 17:42 - 00000000 ___RD () C:\Users\Kathrin\Dropbox
2014-03-29 06:56 - 2013-04-08 14:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Nitro PDF
2014-03-28 21:43 - 2014-01-02 11:33 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\ClassicShell
2014-03-28 21:41 - 2013-12-20 16:52 - 00035874 _____ () C:\WINDOWS\PFRO.log
2014-03-28 21:41 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-28 21:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-28 21:33 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\TAPI
2014-03-28 21:11 - 2013-06-29 19:56 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-28 21:10 - 2014-03-24 19:12 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-28 19:30 - 2013-12-06 21:01 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C3BC0EC9-7B8A-46EC-AC7D-AE06DD0CCEC7}
2014-03-28 19:04 - 2013-04-08 14:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4231283838-1293705952-112321423-1001
2014-03-28 18:42 - 2013-04-11 19:56 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-28 13:20 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-28 13:20 - 2013-09-30 04:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-28 13:20 - 2013-09-30 04:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-28 13:19 - 2013-12-12 23:49 - 00003612 _____ () C:\WINDOWS\setupact.log
2014-03-28 04:23 - 2014-03-28 04:22 - 00001758 _____ () C:\sc-cleaner.txt
2014-03-28 04:22 - 2014-03-28 04:22 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner.exe
2014-03-28 04:13 - 2014-03-24 19:56 - 00000000 ____D () C:\AdwCleaner
2014-03-28 04:09 - 2014-03-27 11:18 - 00000000 ____D () C:\ProgramData\systemk
2014-03-28 04:09 - 2014-03-27 11:18 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-03-28 04:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Globalization
2014-03-27 20:01 - 2014-03-27 20:01 - 00000000 ____D () C:\ProgramData\Brother
2014-03-27 19:57 - 2014-03-25 23:39 - 00029120 _____ () C:\Users\Kathrin\Desktop\Handout - Feedback.odt
2014-03-27 14:17 - 2014-03-27 14:16 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dev-Cpp
2014-03-27 14:16 - 2014-03-27 14:16 - 00001009 _____ () C:\Users\Kathrin\Desktop\Dev-C++.lnk
2014-03-27 14:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-27 14:14 - 2014-03-27 14:14 - 00000000 ____D () C:\Program Files (x86)\Dev-Cpp
2014-03-27 14:13 - 2014-03-27 14:13 - 43633629 _____ () C:\Users\Kathrin\Downloads\Dev-Cpp_5.4.0_TDM-GCC_x64_4.7.1_Setup.exe
2014-03-27 11:27 - 2014-01-02 18:54 - 00000000 ____D () C:\Users\Kathrin\Documents\Visual Studio 2013
2014-03-27 11:20 - 2013-06-08 07:59 - 00000000 ____D () C:\Users\Kathrin\Documents\Studium
2014-03-27 11:17 - 2014-03-27 11:17 - 09326468 _____ () C:\Users\Kathrin\Desktop\devcpp-4.9.9.2_setup.exe
2014-03-27 10:44 - 2014-03-25 22:56 - 08997900 _____ () C:\Users\Kathrin\Desktop\Präsentation Feedback.odp
2014-03-25 20:21 - 2014-03-25 20:21 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck.exe
2014-03-25 18:19 - 2014-03-25 18:19 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu.exe
2014-03-24 20:54 - 2014-03-24 20:54 - 00000000 ____D () C:\Users\Kathrin\Documents\ARADump
2014-03-24 20:54 - 2014-03-24 20:54 - 00000000 ____D () C:\Users\Kathrin\Cyberlink
2014-03-24 20:54 - 2013-11-24 21:11 - 00000000 ____D () C:\Users\Kathrin
2014-03-24 20:54 - 2013-06-30 20:46 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-24 20:54 - 2013-06-30 20:19 - 00000000 ____D () C:\Users\Kathrin\Documents\CyberLink
2014-03-24 20:54 - 2013-06-30 20:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\CyberLink
2014-03-24 20:54 - 2012-12-15 04:36 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-24 20:53 - 2014-03-24 20:53 - 00526323 _____ () C:\Users\Kathrin\Downloads\web_of_trust_wot-20131118-fx.zip
2014-03-24 20:04 - 2014-03-24 20:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-24 20:02 - 2014-03-24 20:02 - 01038974 _____ (Thisisu) C:\Users\Kathrin\Downloads\JRT.exe
2014-03-24 19:55 - 2014-03-24 19:55 - 01950720 _____ () C:\Users\Kathrin\Downloads\adwcleaner.exe
2014-03-24 19:12 - 2014-03-24 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 19:12 - 2014-03-24 19:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-24 19:11 - 2014-03-24 19:10 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Kathrin\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 19:02 - 2013-10-09 09:02 - 00001008 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-24 18:59 - 2014-03-24 18:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kathrin\Downloads\revosetup95.exe
2014-03-24 18:59 - 2014-03-24 18:59 - 00001291 _____ () C:\Users\Kathrin\Desktop\Revo Uninstaller.lnk
2014-03-24 18:59 - 2014-03-24 18:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 18:59 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-22 07:46 - 2014-03-22 07:46 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition3.txt
2014-03-22 07:45 - 2014-03-22 07:41 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition.txt
2014-03-22 07:44 - 2014-03-22 07:44 - 00059303 _____ () C:\Users\Kathrin\Downloads\FRST2.txt
2014-03-22 07:43 - 2014-03-22 07:43 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357.exe
2014-03-22 07:40 - 2014-03-22 07:39 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe
2014-03-22 07:39 - 2014-03-22 07:39 - 01145856 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST.exe
2014-03-22 07:38 - 2014-03-22 07:38 - 00000000 _____ () C:\Users\Kathrin\defogger_reenable
2014-03-22 07:37 - 2014-03-22 07:37 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger.exe
2014-03-22 07:19 - 2014-03-22 07:19 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-22 07:19 - 2014-03-22 07:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\LSC
2014-03-22 07:19 - 2013-04-08 14:49 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\LSC
2014-03-22 07:19 - 2012-12-15 04:23 - 00000000 ____D () C:\Program Files\Lenovo
2014-03-22 07:19 - 2012-12-14 20:54 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-22 07:18 - 2012-12-15 04:34 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-03-22 07:12 - 2013-04-08 14:41 - 00000000 ___RD () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-22 07:10 - 2014-03-22 07:10 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-22 07:09 - 2014-03-22 07:08 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\Users\Kathrin\Documents\Simply Super Software
2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Simply Super Software
2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-22 07:08 - 2014-03-22 07:07 - 21407864 _____ (Simply Super Software ) C:\Users\Kathrin\Downloads\trjsetup690.exe
2014-03-21 21:52 - 2014-03-21 21:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Lenovo
2014-03-20 21:43 - 2013-06-28 15:12 - 00003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-03-20 21:43 - 2013-04-11 20:00 - 00049952 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-03-20 20:17 - 2013-04-08 14:41 - 00000000 ___RD () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-19 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-19 07:40 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-19 07:40 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-19 07:40 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-19 07:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-19 07:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-19 07:39 - 2013-08-31 09:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-19 07:37 - 2013-04-08 21:13 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-19 07:10 - 2013-11-18 20:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-19 07:08 - 2014-03-19 07:09 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-19 07:08 - 2014-03-19 07:09 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-19 07:08 - 2014-03-19 07:09 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-19 07:08 - 2013-08-31 08:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-19 06:59 - 2014-03-19 06:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Cisco
2014-03-19 06:59 - 2014-03-19 06:59 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-19 06:59 - 2013-04-14 10:50 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-19 06:43 - 2013-04-13 13:20 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-18 20:29 - 2013-08-22 15:44 - 00513320 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-18 20:28 - 2013-06-30 13:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 20:28 - 2013-06-30 13:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-18 20:28 - 2013-04-08 22:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 20:22 - 2013-04-29 13:51 - 00000412 _____ () C:\WINDOWS\Tasks\AllmyappsUpdateTask.job
2014-03-15 13:11 - 2013-06-29 19:56 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-15 13:03 - 2012-12-15 04:35 - 00000000 ____D () C:\WINDOWS\System32\Tasks\TVT
2014-03-15 13:03 - 2012-12-15 04:23 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-03-05 09:26 - 2014-03-24 19:12 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-24 19:12 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-24 19:12 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 14:28 - 2014-03-02 14:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-02 13:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-02 13:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-02 13:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-02 13:57 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-02 13:57 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-01 07:05 - 2014-03-15 13:10 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 05:58 - 2014-03-15 13:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 05:30 - 2014-03-15 13:10 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 05:17 - 2014-03-15 13:10 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 04:54 - 2014-03-15 13:10 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 04:47 - 2014-03-15 13:10 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 04:42 - 2014-03-15 13:10 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 04:18 - 2014-03-15 13:10 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 04:14 - 2014-03-15 13:10 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-15 13:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 04:03 - 2014-03-15 13:10 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 03:57 - 2014-03-15 13:10 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-15 13:10 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-15 13:10 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-15 13:10 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-15 13:10 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-15 13:10 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\ProgramData\Lenovo-1208.vbs


Some content of TEMP:
====================
C:\Users\Kathrin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kathrin\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Kathrin\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-15 13:10] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-03-25 21:22

==================== End Of Log ============================
         
Mit dem Addition-File wird das Thema leider zu groß.
Wenn sich jemand dem Thema annimmt, stelle ich das gerne noch gestückelt ans antowrt rein.

Gmer zeigt beim Start folgende Fehlermeldung:
Code:
ATTFilter
C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei 
zugreifen, da sie von einem anderen Prozess verwendet wird.
         
Defogger lief ohne Fehlermeldung.

Danke schonmal im Vorraus.

Viele Grüße
Katy

Alt 29.03.2014, 06:29   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



Hi,

dann stückel mal
__________________

__________________

Alt 29.03.2014, 06:34   #3
Katy91
 
Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



Super

Hier das Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Kathrin at 2014-03-29 07:09:56
Running from C:\Users\Kathrin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

 PowerDVD Create 10 (x32 Version: 10.0.1.2020 - CyberLink Corp.) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.9 - Absolute Software)
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Allmyapps (HKCU\...\Allmyapps) (Version: 2.0.0.28 - Allmyapps SAS)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4354 - AVG Technologies)
AVG 2014 (Version: 14.0.3722 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4354 - AVG Technologies) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.10057 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.10057 - Cisco Systems, Inc.) Hidden
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
CyberLink Power2Go 7 (x32 Version: 7.0.0.3231 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4518.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4518.52 - CyberLink Corp.) Hidden
CyberLink PowerProducer 5.5 (x32 Version: 5.5.3.4307 - CyberLink Corp.) Hidden
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.4.0 - )
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Fingerprint Reader (HKLM\...\{7DD99174-299B-4450-A179-7F27F4C2D042}) (Version: 6.0.200.105 - AuthenTec, Inc.)
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2013.11.01 - www.hardcopy.de)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{DF37555F-0259-43DA-B60C-47106FA14AA3}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Integrated Camera Driver Installer Package Ver.1.0.0.23 (HKLM-x32\...\{F8754583-7893-4CD8-9E51-1A08F3D4C1A9}) (Version: 1.0.0.23 - RICOH)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.34813 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
IVI Shared Component 64-bit (Version: 2.21.49152 - IVI Foundation Inc.) Hidden
IVI Shared Components 2.2.1 (HKLM-x32\...\IviSharedComponent) (Version: 2.21.49152 - IVI Foundation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
LAV Filters 0.56.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.56.1 - Hendrik Leppkes)
LEGO MINDSTORMS NXT x64 Driver (HKLM\...\{A0831C28-A6FA-49A3-86AE-B5AE3C9EE19C}) (Version: 1.20.115.0 - LEGO)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.02 - )
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.0 - Lenovo Group Limited)
Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}) (Version: 1.3.1.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.66.00.22 - )
Lenovo QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0039 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.0.96.0 - Lenovo Corporation)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 1.1.0.20 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 1.1.0.55 - Lenovo)
Lenovo Solution Center (HKLM\...\{C51863E5-EB09-43A5-9D43-26A32587EEAC}) (Version: 2.4.002.00 - Lenovo Group Limited)
Lenovo Solutions for Small Business (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 1.1.27.5565 - Intel(R) Corporation)
Lenovo Solutions for Small Business Customizations (HKLM-x32\...\{AFD7B869-3B70-40C7-8983-769256BA3BD2}) (Version: 1.1.0004.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.05.0009 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0007.00 - Lenovo)
LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Math Kernel Libraries (64-bit) (Version: 1.0.31.0 - National Instruments) Hidden
Math Kernel Libraries (64-bit) (Version: 13.0.13 - National Instruments) Hidden
Math Kernel Libraries (x32 Version: 1.0.31.0 - National Instruments) Hidden
Math Kernel Libraries (x32 Version: 13.0.13 - National Instruments) Hidden
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.30809.0 - Microsoft Corporation) Hidden
Microsoft C++ Azure Mobile SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 5.1 (x32 Version: 5.1.4001 - National Instruments) Hidden
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows - ENU (HKLM-x32\...\{78095723-ced1-49b3-b0ac-8598452ef0ec}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
National Instruments - Software (HKLM-x32\...\NI Uninstaller) (Version:  - National Instruments)
NI .NET Framework 4.0 (x32 Version: 4.01.49152 - National Instruments) Hidden
NI ActiveX Container (64-bit) (Version: 13.0.4 - National Instruments) Hidden
NI ActiveX Container (x32 Version: 13.0.4 - National Instruments) Hidden
NI AFW Channel Configuration Tool (x32 Version: 9.0.143 - National Instruments) Hidden
NI AFW Custom UI (x32 Version: 9.0.143 - National Instruments) Hidden
NI AFW Custom UI Assemblies (x32 Version: 9.0.143 - National Instruments) Hidden
NI AFW UI Assemblies (x32 Version: 9.0.143 - National Instruments) Hidden
NI Assistant Framework (x32 Version: 9.0.143 - National Instruments) Hidden
NI Assistant Framework 64-bit (Version: 9.0.143 - National Instruments) Hidden
NI Assistant Framework LabVIEW 2013 Support (x32 Version: 9.0.107 - National Instruments) Hidden
NI Assistant Framework LabVIEW Code Generator 2013 (x32 Version: 9.0.107 - National Instruments) Hidden
NI Authentication 13.0.0 (64-bit) (Version: 13.0.326 - National Instruments) Hidden
NI Authentication 13.0.0 (x32 Version: 13.0.326 - National Instruments) Hidden
NI Certificates Deployment Support (x32 Version: 1.03.49152 - National Instruments) Hidden
NI CodeSignAPI (x32 Version: 2.70.346 - National Instruments) Hidden
NI Control Design Assistant 2013 (x32 Version: 13.0.229 - National Instruments) Hidden
NI Curl 13.0.0 (64-bit) (Version: 13.0.324 - National Instruments) Hidden
NI Curl 13.0.0 (x32 Version: 13.0.324 - National Instruments) Hidden
NI Customer Experience Improvement Program (x32 Version: 2.0.77 - National Instruments) Hidden
NI DataSocket 5.1 (64-bit) (Version: 5.1.227 - National Instruments) Hidden
NI DataSocket 5.1 (x32 Version: 5.1.227 - National Instruments) Hidden
NI Distributed System Manager 2013 (x32 Version: 13.0.338 - National Instruments) Hidden
NI Enhanced DSC Deployment Support for LabVIEW 2011 SP1 (x32 Version: 11.0.419.0 - National Instruments) Hidden
NI Error Reporting 2013 (x32 Version: 13.0.324 - National Instruments) Hidden
NI Error Reporting Interface Installer 5.5 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI Error Reporting Interface Installer 5.5 for Windows 64-bit (Version: 5.50.49152 - National Instruments) Hidden
NI EulaDepot (x32 Version: 3.20.351 - National Instruments) Hidden
NI Example Finder 13.0 (x32 Version: 13.0.324 - National Instruments) Hidden
NI GMP Windows 32-bit Installer 13.0.0 (x32 Version: 13.0.45.0 - National Instruments) Hidden
NI GMP Windows 64-bit Installer 13.0.0 (Version: 13.0.45.0 - National Instruments) Hidden
NI Help Assistant 2.0 (64bit) (Version: 2.0.3 - National Instruments) Hidden
NI Help Assistant 2.0 (x32 Version: 2.0.3 - National Instruments) Hidden
NI Help Configuration Utility for VS2010 (x32 Version: 13.0.00167 - National Instruments) Hidden
NI Instrument IO Assistant for LabVIEW 2013 32-bit (x32 Version: 1.0.14.0 - National Instruments) Hidden
NI IVI Class Driver LabVIEW 2013 Support (x32 Version: 4.60.49152 - National Instruments) Hidden
NI IVI Class Drivers (64-bit) (Version: 6.60.49152 - National Instruments) Hidden
NI IVI Class Drivers (x32 Version: 6.60.49152 - National Instruments) Hidden
NI IVI Class Simulation Drivers (64-bit) (Version: 4.60.49152 - National Instruments) Hidden
NI IVI Class Simulation Drivers (x32 Version: 4.60.49152 - National Instruments) Hidden
NI IVI Compliance Package 4.6 (64-bit) (Version: 4.60.49152 - National Instruments) Hidden
NI IVI Compliance Package 4.6 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI IVI Engine (64-bit) (Version: 134.60.49152 - National Instruments) Hidden
NI IVI Engine (x32 Version: 134.60.49152 - National Instruments) Hidden
NI IVI Online Help (x32 Version: 4.60.49152 - National Instruments) Hidden
NI IVI Provider for MAX (x32 Version: 5.70.49152 - National Instruments) Hidden
NI LabVIEW 2010 Real-Time NBFifo (x32 Version: 10.0.214.0 - National Instruments) Hidden
NI LabVIEW 2011 Real-Time NBFifo (x32 Version: 11.0.250.0 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 13.0.336 - National Instruments) Hidden
NI LabVIEW 2012 Run-Time Engine Web Server (x32 Version: 12.5.198.0 - National Instruments) Hidden
NI LabVIEW 2012 SP1 Run-Time Engine Non-English Support. (x32 Version: 12.1.52.0 - National Instruments) Hidden
NI LabVIEW 2013 (32-bit) (x32 Version: 13.0.350 - National Instruments) Hidden
NI LabVIEW 2013 (32-bit) (x32 Version: 13.0.397 - National Instruments) Hidden
NI LabVIEW 2013 Control Design and Simulation Module (x32 Version: 13.0.228 - National Instruments) Hidden
NI LabVIEW 2013 Control Design MathScript Support (x32 Version: 13.0.228 - National Instruments) Hidden
NI LabVIEW 2013 Control Design Real-Time Support (x32 Version: 13.0.227 - National Instruments) Hidden
NI LabVIEW 2013 Control Design Shared VIs (x32 Version: 13.0.227 - National Instruments) Hidden
NI LabVIEW 2013 Deployable License (x32 Version: 13.0.303 - National Instruments) Hidden
NI LabVIEW 2013 Deployment Framework (x32 Version: 13.0.330 - National Instruments) Hidden
NI LabVIEW 2013 Digital Filter Design Toolkit (x32 Version: 13.0.56 - National Instruments) Hidden
NI LabVIEW 2013 Digital Filter Design Toolkit License (x32 Version: 13.0.69 - National Instruments) Hidden
NI LabVIEW 2013 Digital Filter Design Toolkit RT Support (x32 Version: 13.0.57 - National Instruments) Hidden
NI LabVIEW 2013 f1 (x32 Version: 13.0.328 - National Instruments) Hidden
NI LabVIEW 2013 Help (x32 Version: 13.0.338 - National Instruments) Hidden
NI LabVIEW 2013 Help File (x32 Version: 13.0.299 - National Instruments) Hidden
NI LabVIEW 2013 LEGO® MINDSTORMS® NXT Module (x32 Version: 13.0.30 - National Instruments) Hidden
NI LabVIEW 2013 License (x32 Version: 13.0.342 - National Instruments) Hidden
NI LabVIEW 2013 Manuals (x32 Version: 13.0.326 - National Instruments) Hidden
NI LabVIEW 2013 MathScript RT Module (x32 Version: 13.0.217 - National Instruments) Hidden
NI LabVIEW 2013 MathScript RT Module (x32 Version: 13.0.45 - National Instruments) Hidden
NI LabVIEW 2013 MathScript RT Module License (x32 Version: 13.0.209 - National Instruments) Hidden
NI LabVIEW 2013 MeasAppChm File (x32 Version: 13.0.299 - National Instruments) Hidden
NI LabVIEW 2013 Real-Time Error Dialog (x32 Version: 13.0.123 - National Instruments) Hidden
NI LabVIEW 2013 Run-Time Engine Non-English Support. (x32 Version: 13.0.329 - National Instruments) Hidden
NI LabVIEW 2013 Run-Time Engine Web Server (x32 Version: 13.0.321 - National Instruments) Hidden
NI LabVIEW 2013 Scripting Code Generator (x32 Version: 9.0.172 - National Instruments) Hidden
NI LabVIEW 2013 Search (x32 Version: 13.0.16 - National Instruments) Hidden
NI LabVIEW 2013 Simulation (x32 Version: 13.0.327 - National Instruments) Hidden
NI LabVIEW 2013 System Identification Toolkit (x32 Version: 13.0.57 - National Instruments) Hidden
NI LabVIEW 2013 System Identification Toolkit License (x32 Version: 13.0.66 - National Instruments) Hidden
NI LabVIEW 2013 System Identification Toolkit VIs (x32 Version: 13.0.57 - National Instruments) Hidden
NI LabVIEW 2013 Variable Web Service (x32 Version: 13.0.326 - National Instruments) Hidden
NI LabVIEW 2013 Web Server (x32 Version: 13.0.327 - National Instruments) Hidden
NI LabVIEW 64-bit Modulation Toolkit 4.3.4 (Version: 4.34.49152 - National Instruments) Hidden
NI LabVIEW Analog Modulation Toolkit 4.3.4 (x32 Version: 4.34.49154 - National Instruments) Hidden
NI LabVIEW Broker (64 bit) (Version: 6.8.10.0 - National Instruments) Hidden
NI LabVIEW Broker (x32 Version: 6.8.10.0 - National Instruments) Hidden
NI LabVIEW C Interface (x32 Version: 1.0.1 - National Instruments) Hidden
NI LabVIEW Compare Utility 13.0.0 (x32 Version: 13.0.340 - National Instruments) Hidden
NI LabVIEW EWB DeviceHandler (x32 Version: 7.0.148 - National Instruments) Hidden
NI LabVIEW MAX XML (x32 Version: 9.0.6.0 - National Instruments) Hidden
NI LabVIEW Merge Utility 13.0.0 (x32 Version: 13.0.339 - National Instruments) Hidden
NI LabVIEW Modulation Toolkit 4.3.4 (x32 Version: 4.34.49152 - National Instruments) Hidden
NI LabVIEW Runtime Engine 2010 SP1 (x32 Version: 10.1.114.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2011 SP1 (x32 Version: 11.0.448.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2012 SP1 f3 (x32 Version: 12.1.58.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2013 (x32 Version: 13.0.332 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2010 (x32 Version: 10.1.115.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2011 (x32 Version: 11.0.449.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2012 SP1 (x32 Version: 12.1.58.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2013 (x32 Version: 13.0.332 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 10.0.235.0 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 11.0.375.0 - National Instruments) Hidden
NI LabVIEW Web Services Runtime (x32 Version: 13.0.314 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Analysis Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Analysis Library (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Code Generator (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Network Variable Library (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Run-Time Engine (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 TDM Streaming Library (64-bit) (Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 TDM Streaming Library (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2012 LabVIEW DLL Builder (x32 Version: 12.0.0422 - National Instruments) Hidden
NI LabWindows/CVI Run-Time Engine 2010 SP1 (Updated) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI Run-Time Engine 2010 SP1 (x32 Version: 10.0.1434 - National Instruments) Hidden
NI Launcher (x32 Version: 3.20.351 - National Instruments) Hidden
NI License Manager (x32 Version: 3.7.53 - National Instruments) Hidden
NI Logos 5.5 (64-bit) (Version: 5.5.293 - National Instruments) Hidden
NI Logos 5.5 (x32 Version: 5.5.293 - National Instruments) Hidden
NI Logos LabVIEW 2013 Support (x32 Version: 13.0.327 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.5.294 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.5.294 - National Instruments) Hidden
NI Math Kernel Libraries (64-bit) (Version: 1.0.10.0 - National Instruments) Hidden
NI Math Kernel Libraries (64-bit) (Version: 1.0.15.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.10.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.25.0 - National Instruments) Hidden
NI MAX Remote Configuration 64-bit Installer 5.5 (Version: 5.50.49152 - National Instruments) Hidden
NI MAX Remote Configuration Installer 5.5 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI MAX Support for 64 Bit Windows (Version: 5.50.49152 - National Instruments) Hidden
NI MDF Support (x32 Version: 3.20.351 - National Instruments) Hidden
NI mDNS Responder 2.2 for Windows 64-bit (Version: 2.20.49152 - National Instruments) Hidden
NI mDNS Responder 2.2.0 (x32 Version: 2.20.49152 - National Instruments) Hidden
NI Measurement & Automation Explorer 5.5.0 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI Measurement Studio 2010 Service Pack 1 Enterprise RunTime for VS2010 (x32 Version: 9.1.10106 - National Instruments) Hidden
NI Measurement Studio Common .NET Assemblies (x64) for .NET 3.5 (Version: 13.0.00190 - National Instruments) Hidden
NI Measurement Studio Common .NET Assemblies (x64) for .NET 4.0 (Version: 13.0.00190 - National Instruments) Hidden
NI Measurement Studio Common .NET Assemblies for .NET 2.0 (x32 Version: 12.0.00258 - National Instruments) Hidden
NI Measurement Studio Common .NET Assemblies for .NET 3.5 and VS2008 (x32 Version: 13.0.00190 - National Instruments) Hidden
NI Measurement Studio Common .NET Assemblies for .NET 4.0 and VS2010 (x32 Version: 13.0.00190 - National Instruments) Hidden
NI Measurement Studio ComponentWorks 3D Graph (x32 Version: 8.6.10603 - National Instruments) Hidden
NI Measurement Studio ComponentWorks UI (x32 Version: 8.6.10603 - National Instruments) Hidden
NI Measurement Studio Recipe Processor (x32 Version: 8.0.0101 - National Instruments) Hidden
NI MetaSuite Installer (x32 Version: 3.20.351 - National Instruments) Hidden
NI MXS 5.5.0 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI MXS 5.5.0 for 64 Bit Windows (Version: 5.50.49152 - National Instruments) Hidden
NI Network Discovery 5.5 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI Network Discovery 5.5 for Windows 64-bit (Version: 5.50.49152 - National Instruments) Hidden
NI NI LabVIEW 2011 SP1 Run-Time Engine Non-English Support (x32 Version: 11.0.302.0 - National Instruments) Hidden
NI OPC Support (x32 Version: 13.0.296 - National Instruments) Hidden
NI OPCEnum Shared (x32 Version: 5.5.2018 - National Instruments) Hidden
NI Portable Configuration 5.5.0 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI Portable Configuration for 64 Bit Windows 5.5.0 (Version: 5.50.49152 - National Instruments) Hidden
NI Real-Time Device Manager (x32 Version: 1.10.49152 - National Instruments) Hidden
NI Registration Wizard (x32 Version: 1.3.97.0 - National Instruments) Hidden
NI Remote Provider for MAX 5.5.0 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI Remote PXI Provider for MAX 5.5.0 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI Search Shared (x32 Version: 13.0.13 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (64-bit) (Version: 1.0.29.0 - National Instruments) Hidden
NI Security Update (KB 67L8LCQW) (x32 Version: 1.0.29.0 - National Instruments) Hidden
NI Service Locator 13.0 (x32 Version: 13.0.303 - National Instruments) Hidden
NI SignalExpress 2013 (Version: 7.0.95 - National Instruments) Hidden
NI SignalExpress 2013 (Version: 7.0.98 - National Instruments) Hidden
NI SignalExpress 2013 (x32 Version: 7.0.151 - National Instruments) Hidden
NI SignalExpress 2013 Core (x32 Version: 7.0.148 - National Instruments) Hidden
NI SignalExpress 2013 Core LabVIEW 2013 Support (x32 Version: 7.0.110 - National Instruments) Hidden
NI SignalExpress 2013 Core LabVIEW Support (x32 Version: 7.0.148 - National Instruments) Hidden
NI SignalExpress 2013 Datatypes (x32 Version: 7.0.148 - National Instruments) Hidden
NI SignalExpress 2013 Datatypes LabVIEW 2013 Support (x32 Version: 7.0.110 - National Instruments) Hidden
NI SignalExpress 2013 LabVIEW 2013 Support (x32 Version: 7.0.114 - National Instruments) Hidden
NI SignalExpress 2013 LabVIEW Support (x32 Version: 7.0.154 - National Instruments) Hidden
NI SignalExpress 2013 Licenses (x32 Version: 7.0.148 - National Instruments) Hidden
NI SignalExpress 2013 Steps (x32 Version: 7.0.149 - National Instruments) Hidden
NI SignalExpress 2013 Tools (x32 Version: 7.0.149 - National Instruments) Hidden
NI SLCP 2.0 (x32 Version: 2.0.27 - National Instruments) Hidden
NI Software Provider for MAX 5.5.0 (x32 Version: 5.50.49152 - National Instruments) Hidden
NI Sound and Vibration Frequency Analysis 2013 (x32 Version: 13.0.100 - National Instruments) Hidden
NI Sound and Vibration Frequency Analysis LabVIEW 2013 Support (x32 Version: 13.0.100 - National Instruments) Hidden
NI SSL LabVIEW 2013 Support (x32 Version: 13.0.328 - National Instruments) Hidden
NI SSL LabVIEW RTE 2012 SP1 Support (x32 Version: 12.5.8.0 - National Instruments) Hidden
NI SSL LabVIEW RTE 2013 Support (x32 Version: 13.0.317 - National Instruments) Hidden
NI SSL Support (64-bit) (Version: 13.0.319 - National Instruments) Hidden
NI SSL Support (x32 Version: 13.0.324 - National Instruments) Hidden
NI System API .NET 5.5.0 (x32 Version: 5.50.157 - National Instruments) Hidden
NI System API Client for WIF 5.5.0 (x32 Version: 5.50.419 - National Instruments) Hidden
NI System API Web-Service 32-bit 5.5.0 (x32 Version: 5.50.405 - National Instruments) Hidden
NI System API Windows 32-bit 5.5.0 (x32 Version: 5.50.589 - National Instruments) Hidden
NI System API Windows 64-bit 5.5.0 (Version: 5.50.588 - National Instruments) Hidden
NI System Configuration 5.5.0 LabVIEW Support (x32 Version: 5.50.186 - National Instruments) Hidden
NI System Configuration LV2013 Support 5.5.0 (x32 Version: 5.50.178 - National Instruments) Hidden
NI System Configuration Runtime 5.5.0 (x32 Version: 5.50.226 - National Instruments) Hidden
NI System Configuration Runtime 5.5.0 for Windows 64-bit (Version: 5.50.226 - National Instruments) Hidden
NI System Identification Assistant 2013 (x32 Version: 13.0.88 - National Instruments) Hidden
NI System Identification Assistant 2013 LabVIEW Support (x32 Version: 13.0.57 - National Instruments) Hidden
NI System State Publisher (64-bit) (Version: 13.0.299 - National Instruments) Hidden
NI System State Publisher (x32 Version: 13.0.304 - National Instruments) Hidden
NI System Web Server 13.0 (x32 Version: 13.0.330 - National Instruments) Hidden
NI System Web Server Base 13.0.0 (64-bit) (Version: 13.0.323 - National Instruments) Hidden
NI System Web Server Base 13.0.0 (x32 Version: 13.0.323 - National Instruments) Hidden
NI TDM Excel Add-In 3.5 (x32 Version: 3.5.9 - National Instruments) Hidden
NI TDM Excel Add-In 3.5 64-bit (Version: 3.5.9 - National Instruments) Hidden
NI TDM Streaming 2.5 (64-bit) (Version: 2.5.36 - National Instruments) Hidden
NI TDM Streaming 2.5 (x32 Version: 2.5.36 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 13.0.324 - National Instruments) Hidden
NI Trace Engine (x32 Version: 13.0.324 - National Instruments) Hidden
NI Uninstaller (x32 Version: 3.20.351 - National Instruments) Hidden
NI Update Service 2.3 (64-bit) (Version: 2.30.53 - National Instruments) Hidden
NI Update Service 2.3 (x32 Version: 2.30.65 - National Instruments) Hidden
NI USI 2.0.1 (x32 Version: 2.0.15249 - National Instruments) Hidden
NI USI 2.0.1 64-Bit (Version: 2.0.15249 - National Instruments) Hidden
NI Variable Engine (64-bit) (Version: 2.7.297 - National Instruments) Hidden
NI Variable Engine 2.6.0 (x32 Version: 2.7.297 - National Instruments) Hidden
NI Variable Engine LabVIEW 2013 Support (x32 Version: 13.0.327 - National Instruments) Hidden
NI VC2005MSMs x64 (Version: 8.05.0 - National Instruments) Hidden
NI VC2005MSMs x86 (x32 Version: 8.05.0 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
NI VC2010SP1MSMs x64 (Version: 10.0.100 - National Instruments) Hidden
NI VC2010SP1MSMs x86 (x32 Version: 10.0.100 - National Instruments) Hidden
NI VIPM Helper 2013 (x32 Version: 13.0.339 - National Instruments) Hidden
NI Vision 2013 (x32 Version: 13.0.74 - National Instruments) Hidden
NI Vision 2013 .NET (x32 Version: 13.0.74 - National Instruments) Hidden
NI Vision 2013 64-bit (Version: 13.0.74 - National Instruments) Hidden
NI Vision Assistant 2013 (x32 Version: 13.0.49 - National Instruments) Hidden
NI Vision Assistant 2013 .NET (x32 Version: 13.0.49 - National Instruments) Hidden
NI Vision Assistant 2013 64-bit (Version: 13.0.49 - National Instruments) Hidden
NI Vision Builder AI 2012 SP1 API Interface (x32 Version: 5.3.2.0 - National Instruments) Hidden
NI Vision Builder AI 2012 SP1 f2 (x32 Version: 5.3.2.0 - National Instruments) Hidden
NI Vision Builder AI 2012 SP1 f2 Shared Resources (x32 Version: 5.3.2.0 - National Instruments) Hidden
NI Vision Common Resources 2013 (x32 Version: 13.0.77 - National Instruments) Hidden
NI Vision Common Resources 2013 64-bit (Version: 13.0.77 - National Instruments) Hidden
NI Vision Common Resources Real-Time 2013 (x32 Version: 13.0.44 - National Instruments) Hidden
NI Vision Run-Time Engine 2013 (x32 Version: 13.0.68 - National Instruments) Hidden
NI Vision Run-Time Engine 2013 64-bit (Version: 13.0.68 - National Instruments) Hidden
NI VisionRun-Time Engine 2013 .NET (x32 Version: 13.0.68 - National Instruments) Hidden
NI Visual C++ 2010 Redistributable Package (x32 Version: 10.10.16385 - National Instruments) Hidden
NI Web Application Server 13.0 (64-bit) (Version: 13.0.319 - National Instruments) Hidden
NI Web Application Server 13.0 (x32 Version: 13.0.324 - National Instruments) Hidden
NI Web Pipeline 3.3 (64-bit) (Version: 3.30.24 - National Instruments) Hidden
NI Web Pipeline 3.3 (x32 Version: 3.30.24 - National Instruments) Hidden
NI Web-Based Configuration and Monitoring 2013 (x32 Version: 13.0.306 - National Instruments) Hidden
NI Xalan Delay Load 1.10.2 (x32 Version: 1.10.72.0 - National Instruments) Hidden
NI Xalan Delay Load 1.10.2 64-bit (Version: 1.10.73.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.3 (x32 Version: 2.7.180.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.3 64-bit (Version: 2.7.190.0 - National Instruments) Hidden
NI-APAL 2.2 Error Files for LabVIEW RT (x32 Version: 2.20.49152 - National Instruments) Hidden
NI-APAL 2.2.1 64-Bit Error Files (Version: 2.21.49152 - National Instruments) Hidden
NI-APAL 2.2.1 Error Files (x32 Version: 2.21.49152 - National Instruments) Hidden
NI-APAL 2.2.1 Error Files for LabVIEW RT (x32 Version: 2.21.49152 - National Instruments) Hidden
NI-DAQmx/LabVIEW shared documentation 9.7.5 (x32 Version: 9.75.49152 - National Instruments) Hidden
NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 9.7.5 (Version: 9.75.49152 - National Instruments) Hidden
NI-DIM 1.13.0f0 (x32 Version: 1.130.49152 - National Instruments) Hidden
NI-DIM 1.13.0f0 for 64 Bit Windows (Version: 1.130.49152 - National Instruments) Hidden
NI-Mesa (Version: 12.0.7.0 - National Instruments) Hidden
NI-Mesa (x32 Version: 12.0.7.0 - National Instruments) Hidden
NI-ORB 1.10.0f0 (x32 Version: 1.100.49152 - National Instruments) Hidden
NI-ORB 1.10.0f0 for 64 Bit Windows (Version: 1.100.49152 - National Instruments) Hidden
NI-PAL 2.9.1 64-Bit Error Files (Version: 2.91.49152 - National Instruments) Hidden
NI-PAL 2.9.1 Error Files (x32 Version: 2.91.49152 - National Instruments) Hidden
NI-PAL 2.9.1 Error Files for LabVIEW RT (x32 Version: 2.91.49152 - National Instruments) Hidden
NI-PAL 2.9.1f0 (x32 Version: 10.101.49152 - National Instruments) Hidden
NI-PAL 2.9.1f0 for 64 Bit Windows (Version: 10.101.49152 - National Instruments) Hidden
NI-PAL 2.9.1f0 for Phar Lap ETS (x32 Version: 10.101.49152 - National Instruments) Hidden
NI-RPC 4.4.0f0 (x32 Version: 4.40.49152 - National Instruments) Hidden
NI-RPC 4.4.0f0 for 64 Bit Windows (Version: 4.40.49152 - National Instruments) Hidden
NI-RPC 4.4.0f0 for Phar Lap ETS (x32 Version: 4.40.49152 - National Instruments) Hidden
Nitro Pro 7 (HKLM\...\{3E0150DE-2F78-4673-8815-A5A804F61240}) (Version: 7.4.1.21 - Nitro PDF Software)
NI-VISA Runtime 5.2.0 (x32 Version: 5.20.49152 - National Instruments) Hidden
NI-VISA x64 support 5.2.0 (Version: 5.20.49152 - National Instruments) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.2 (HKLM\...\{49C9FDFF-6056-4E8C-B9AF-B7B4D78023E2}) (Version: 4.3.2 - Oracle Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
Qtrax Player (HKLM-x32\...\{58C91689-85E3-4B25-ADEC-2697986DF817}) (Version: 1.00.0001 - Qtrax)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Reset NI Config 5.5.0 (x32 Version: 5.50.227 - National Instruments) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.1.26 - SSW Software GmbH)
Saal Design Software (x32 Version: 3.1.26 - SSW Software GmbH) Hidden
Studie zur Verbesserung von HP Deskjet 2050 J510 series Produkten (HKLM\...\{C559DE9F-9451-49E5-9176-316E36192409}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.8 - Lenovo)
Trojan Remover 6.9.1.2929 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2929 - Simply Super Software)
VI Package Manager 2013 (HKLM-x32\...\{D50AD7A0-1F67-4007-825B-CA784852A341}) (Version: 13.1.1905 - JKI)
VI Package Manager 2013 (x32 Version: 13.0.0 - National Instruments) Hidden
VISA Shared Components 64-Bit (HKLM-x32\...\VISASharedComponents) (Version:  - )
VISA Shared Components 64-Bit (Version: 1.4.0 - IVI Foundation Inc.) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9600.16408 - Microsoft Corporation) Hidden
WaveEditor (x32 Version: 1.0.1.4406 - CyberLink Corp.) Hidden
WIF Core Dependencies Windows 5.5.0 (x32 Version: 5.50.155 - National Instruments) Hidden
Windows App Certification Kit Native Components (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Azure Mobile Services SDK (x32 Version: 1.0.10815.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (08/16/2012 11.5.4.1001) (HKLM\...\5FAC453989A0F70D1125104F58B20CAA20CE7BC8) (Version: 08/16/2012 11.5.4.1001 - Intel Corporation)
Windows-Treiberpaket - Lenovo 1.66.00.07 (08/15/2012 1.66.00.07) (HKLM\...\E56A6B34B44A7A597FFEBE0E14D81095E0FD4D73) (Version: 08/15/2012 1.66.00.07 - Lenovo)

==================== Restore Points  =========================

22-03-2014 02:58:18 Windows Update
24-03-2014 18:01:07 Revo Uninstaller's restore point - Delta Chrome Toolbar
27-03-2014 13:08:12 Revo Uninstaller's restore point - Dev-C++ 5 beta 9 release (4.9.9.2)

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0587D0CE-D24C-4FD7-AA81-904DD4F13B08} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F11AB0C-84C2-4999-BFDD-287A6AD86F18} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft)
Task: {12737E1C-101D-4827-A1DD-3AC98F78B2B4} - System32\Tasks\Lenovo\Lenovo-1208 => C:\ProgramData\Lenovo-1208.vbs [2013-04-08] ()
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {24DB39E2-0F9D-46B8-B3E0-42E27DCF62E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-15] (Adobe Systems Incorporated)
Task: {25FE88A1-0E24-4BCF-852A-01EDF773FA78} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2D9CDDD9-D6F9-4C3B-B82E-120D99244D2A} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2012-05-24] (CyberLink)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {35E84B0E-0DEC-47EE-8604-0FB9E4A54542} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-19] (Lenovo)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3BF431E6-FF7B-44EB-85D9-DEA375C5CA2B} - System32\Tasks\JKIUpdateTask => C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe [2013-12-05] (JKI)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4D35C7C3-A1AC-4A6A-BFE8-D0C0E2D6CCD6} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-02-19] ()
Task: {4E8C385A-1A11-4812-820D-24716B28CC5F} - System32\Tasks\Driver Restore-RTMRules => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {79B79207-3F11-431E-A385-6298F6BCE945} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {7C1C3614-0429-4182-8B85-3B74D43B5C6D} - System32\Tasks\Driver Restore-RTMScan => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8AA4D1CC-6F7A-4E5D-995A-E6774DCB1EBA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9200958B-146E-4148-9A74-1F751049C7E0} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {92AADECE-C518-4466-AAC1-C0494AC5C901} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2013-05-28] (National Instruments)
Task: {9455F097-7DE2-4869-AABF-3E40B1F662F2} - System32\Tasks\Dolby => c:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {9E3DD13C-02E8-43A8-A929-A40A87AC1EEE} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A603340F-09DA-4AE6-866B-048A25658179} - System32\Tasks\Driver Restore-RTMScanRunOnce => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe
Task: {A8772141-EF0D-4293-B822-59EA729CE72C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {ADAE9F04-2A09-437B-BFB4-EF9DC05C9701} - System32\Tasks\Driver Restore-RTMUpdater => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe
Task: {B22181FC-99D0-4DFF-94F5-51484E748E2D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-02-21] ()
Task: {B41BD854-8DE4-4D09-AA90-6127895CFC33} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-19] (Microsoft Corporation)
Task: {C122A54B-CDBB-403E-8789-656C82AAFEB2} - System32\Tasks\Intel\Intel Service Manager => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12] (Intel Corporation)
Task: {C32B3A8F-4296-44FD-93C6-7BB65B4CE964} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {C6F72C16-98C6-4ACB-938D-0C4AEF27449F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-03-19] (Microsoft Corporation)
Task: {C7977AAD-C3DC-48AD-B25A-89184B8EB5F1} - System32\Tasks\AllmyappsUpdateTask => c:\users\kathrin\appdata\roaming\allmyapps\allmyappsupdater.exe [2014-03-18] (Allmyapps SAS)
Task: {C9EA6A0D-6E60-4669-B3E2-6706DCDCC122} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E990D6CB-3DFD-4167-90A6-363FE7DC476B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {EAF4B480-8C00-4670-AEEB-6C7A48C9654D} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {EE2EF730-57E1-46F8-8B17-0E3E5DB2CFDE} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2012-07-13] (CyberLink Corp.)
Task: {EFA3D167-B5F8-401F-9A6F-3B67491703A2} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.EXE [2012-07-13] (CyberLink Corp.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AllmyappsUpdateTask.job => C:\Users\Kathrin\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-04-14 10:57 - 2013-03-07 06:25 - 00115712 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2014-03-19 06:28 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-04-13 13:20 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-02-22 19:55 - 2013-02-22 19:55 - 00462840 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-08-07 03:03 - 2013-08-07 03:03 - 01130792 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll
2013-08-07 03:04 - 2013-08-07 03:04 - 00087848 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll
2013-11-12 12:16 - 2013-10-30 10:49 - 00126968 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_43_x64.dll
2013-11-12 12:16 - 2013-07-17 16:03 - 00037880 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2013-11-12 12:16 - 2012-11-08 07:38 - 00044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2013-02-22 19:55 - 2013-02-22 19:55 - 00014328 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-12-15 04:27 - 2010-10-26 05:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2013-08-07 03:04 - 2013-08-07 03:04 - 04624168 _____ () C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-06-20 20:55 - 2013-06-20 20:55 - 02214912 _____ () C:\Program Files (x86)\National Instruments\Shared\LabVIEW Run-Time\2013\NIQtCore_2013.dll
2013-06-20 20:55 - 2013-06-20 20:55 - 08044544 _____ () C:\Program Files (x86)\National Instruments\Shared\LabVIEW Run-Time\2013\NIQtGui_2013.dll
2012-01-26 10:36 - 2012-01-26 10:36 - 00278528 ____R () C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\xerces-depdom_2_6.dll
2014-03-25 21:22 - 2014-03-25 21:22 - 00797696 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Networking\19a8d1fd6ba18245c4dde13875b6e1d3\Windows.Networking.ni.dll
2014-03-25 21:22 - 2014-03-25 21:22 - 00228864 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\944bf33aded9f0e78c282767583019d9\Windows.Foundation.ni.dll
2013-11-12 12:16 - 2012-07-05 14:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2013-11-12 12:16 - 2013-10-30 10:49 - 00117752 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_43_Win32.dll
2012-05-24 21:19 - 2012-05-24 21:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2012-05-24 21:19 - 2012-05-24 21:19 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-12-15 04:22 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-03-18 10:31 - 2014-03-18 20:22 - 00087040 _____ () C:\Users\Kathrin\AppData\Roaming\Allmyapps\qjson.dll
2014-03-18 20:22 - 2014-03-18 20:22 - 00137728 _____ () C:\Users\Kathrin\AppData\Roaming\Allmyapps\CrashRpt1402.dll
2013-06-07 10:59 - 2013-06-07 10:59 - 01958560 _____ () C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\niwsrp.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Kathrin\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-12 12:16 - 2013-09-14 08:20 - 02922488 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-03-02 14:28 - 2014-03-02 14:28 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-07 03:04 - 2013-08-07 03:04 - 00900904 _____ () C:\Program Files\Lenovo Fingerprint Reader\x86\DataManager.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\Users\Kathrin\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Kathrin\SkyDrive (2).old:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2014 07:07:34 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (03/29/2014 07:05:35 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073422302

Error: (03/29/2014 06:56:51 AM) (Source: Location Task Manager) (User: )
Description: (GetUserLpd()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/29/2014 06:56:51 AM) (Source: Location Task Manager) (User: )
Description: (GetUserLpd()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/29/2014 06:56:51 AM) (Source: Location Task Manager) (User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/29/2014 06:56:33 AM) (Source: Location Task Manager) (User: )
Description: (GetHomepages()): Vorgabendatei für Google Chrome konnte nicht gefunden werden. Überprüfen Sie die Installation.

Error: (03/29/2014 06:56:31 AM) (Source: Location Task Manager) (User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/29/2014 06:56:31 AM) (Source: Location Task Manager) (User: )
Description: (GetHomepages()): Vorgabendatei für Google Chrome konnte nicht gefunden werden. Überprüfen Sie die Installation.

Error: (03/29/2014 06:56:31 AM) (Source: Location Task Manager) (User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/28/2014 09:36:33 PM) (Source: Location Task Manager) (User: )
Description: (GetUserLpd()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml


System errors:
=============
Error: (03/29/2014 07:06:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "pcicsa.sys" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/29/2014 06:59:57 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SWIX64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (03/28/2014 09:43:48 PM) (Source: DCOM) (User: KATHRIN-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (03/28/2014 09:42:08 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/28/2014 09:42:08 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/28/2014 09:41:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater18.0.5" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/28/2014 09:41:52 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/28/2014 09:41:52 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/28/2014 09:36:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SWIX64" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%31

Error: (03/28/2014 09:34:07 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{7160A13D-73DA-4CEA-95B9-37356478588A}Nicht verfügbarNT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (03/29/2014 07:07:34 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Kathrin\Downloads\esetsmartinstaller_enu.exe

Error: (03/29/2014 07:05:35 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073422302

Error: (03/29/2014 06:56:51 AM) (Source: Location Task Manager)(User: )
Description: (GetUserLpd()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/29/2014 06:56:51 AM) (Source: Location Task Manager)(User: )
Description: (GetUserLpd()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/29/2014 06:56:51 AM) (Source: Location Task Manager)(User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/29/2014 06:56:33 AM) (Source: Location Task Manager)(User: )
Description: (GetHomepages()): Vorgabendatei für Google Chrome konnte nicht gefunden werden. Überprüfen Sie die Installation.

Error: (03/29/2014 06:56:31 AM) (Source: Location Task Manager)(User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/29/2014 06:56:31 AM) (Source: Location Task Manager)(User: )
Description: (GetHomepages()): Vorgabendatei für Google Chrome konnte nicht gefunden werden. Überprüfen Sie die Installation.

Error: (03/29/2014 06:56:31 AM) (Source: Location Task Manager)(User: )
Description: (CheckLpdVersion()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml

Error: (03/28/2014 09:36:33 PM) (Source: Location Task Manager)(User: )
Description: (GetUserLpd()): "user_lpd.xml" konnte nicht gefunden werden. Überprüfen Sie, ob "Lenovo Settings" installiert ist: C:\Users\Kathrin\AppData\Local\Packages\LenovoCorporation.LenovoSettings_4642shxvsv8s2\LocalState\user_lpd.xml


CodeIntegrity Errors:
===================================
  Date: 2014-03-27 14:16:29.647
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-03-27 14:16:29.553
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 56%
Total physical RAM: 3941.95 MB
Available physical RAM: 1718.91 MB
Total Pagefile: 4965.95 MB
Available Pagefile: 2561.74 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:454.72 GB) (Free:380.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 69677AFB)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 29.03.2014, 09:13   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.03.2014, 11:26   #5
Katy91
 
Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



Hey,

so jetzt mal das mbam.txt:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 29.03.2014
Suchlauf-Zeit: 10:57:28
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.03.29.01
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Kathrin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 299835
Verstrichene Zeit: 34 Min, 6 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
und das vom AdwCleaner:

Code:
ATTFilter
# AdwCleaner v3.022 - Bericht erstellt am 29/03/2014 um 12:12:56
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Kathrin - KATHRIN-PC
# Gestartet von : C:\Users\Kathrin\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\wincert

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Schlüssel Gelöscht : HKCU\Software\Softonic
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ Datei : C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [25874 octets] - [24/03/2014 19:56:25]
AdwCleaner[R1].txt - [2002 octets] - [28/03/2014 04:11:41]
AdwCleaner[S0].txt - [25482 octets] - [24/03/2014 19:58:00]
AdwCleaner[S1].txt - [1692 octets] - [28/03/2014 04:12:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1752 octets] ##########
         
und jetzt noch das JRT-file

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 x64
Ran by Kathrin on 29.03.2014 at 12:18:11,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.03.2014 at 12:24:30,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Sieht irgendwie alles sehr leer aus ...


Alt 30.03.2014, 07:11   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



das frische FRST log fehlt noch
__________________
--> Windows 8: default-search.net als Startsarte in allen Browsern

Alt 31.03.2014, 10:43   #7
Katy91
 
Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



Oh vergessen

Die falsche Startseite ist aber noch da ...
Hier noch das frische FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Kathrin (administrator) on KATHRIN-PC on 31-03-2014 11:40:47
Running from C:\Users\Kathrin\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(National Instruments Corporation) C:\WINDOWS\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(National Instruments, Inc.) C:\WINDOWS\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\WINDOWS\SysWOW64\lktsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Dolby Laboratories Inc.) c:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink Corp.) C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Allmyapps SAS) C:\Users\Kathrin\AppData\Roaming\Allmyapps\Allmyapps.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(Dropbox, Inc.) C:\Users\Kathrin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Bloodshed Software) C:\Program Files (x86)\Dev-Cpp\devcpp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
() C:\Program Files (x86)\Dev-Cpp\ConsolePauser.exe
(Lenovo) C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
(Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\backgroundTaskHost.exe
(Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [TpShocks] - C:\WINDOWS\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2668024 2013-01-28] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-02-28] (Lenovo Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4277000 2012-11-08] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NI Update Service] - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [857888 2013-05-28] (National Instruments)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [522232 2012-09-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1661856 2014-03-22] (Simply Super Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [Allmyapps] - C:\Users\Kathrin\AppData\Roaming\Allmyapps\Allmyapps.exe [7311224 2014-03-18] (Allmyapps SAS)
HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [Allmyapps Update] - C:\Users\Kathrin\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [320376 2014-03-18] (Allmyapps SAS)
HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [847000 2013-04-19] ()
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kathrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.default-search.net?sid=476&aid=122&itype=n&ver=11471&tm=299&src=hmp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = 
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} vpnweb.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512] (National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.156.33.53 129.187.5.1

FireFox:
========
FF ProfilePath: C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default
FF SearchEngineOrder.1: default-search.net
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npIMAQAXControl.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2010win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2011win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2013win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-27]
FF Extension: Settings Manager - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0} [2014-03-27]
FF Extension: Deutsch (DE) Language Pack - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2014-03-26]
FF Extension: {0d40efba-48b4-470d-953a-3d8ace89260c} - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{0d40efba-48b4-470d-953a-3d8ace89260c}.xpi [2013-11-07]
FF Extension: Video MPEG4 Plugin Free - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{62a9e1ac-ebb8-46f8-ae9d-292c433c266f}.xpi [2013-11-09]
FF Extension: Adblock Plus - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-09]

==================== Services (Whitelisted) =================

R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [152568 2013-02-28] (Lenovo Corporation)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139944 2013-08-07] (AuthenTec, Inc)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [50440 2012-11-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [1628664 2013-02-06] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [677880 2013-02-28] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [53544 2013-06-12] (National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [63792 2013-06-12] (National Instruments Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-01-28] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [462840 2013-02-22] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [83768 2013-06-11] (National Instruments Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696 2013-06-08] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [81248 2013-06-08] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720 2013-06-12] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-06-06] (National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976 2013-05-11] (National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [176512 2013-06-19] (National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440 2013-06-07] (National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680 2013-06-08] (National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [687944 2013-06-15] (National Instruments Corporation)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-31] (Nitro PDF Software)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401704 2013-07-22] (AuthenTec, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
S2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [12968 2012-01-27] (National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [12952 2011-07-01] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [13624 2012-12-20] (National Instruments Corporation)
R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [926992 2012-12-19] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [13624 2012-12-20] (National Instruments Corporation)
R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [16984 2012-12-18] (National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [13008 2012-06-06] (National Instruments Corporation)
R2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [13008 2012-06-06] (National Instruments Corporation)
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [148352 2012-08-23] (Ricoh co.,Ltd.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-05] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-24] (Microsoft Corporation)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-29 14:30 - 2014-03-29 14:30 - 00151179 _____ () C:\Users\Kathrin\Downloads\P1.zip
2014-03-29 13:24 - 2014-03-29 13:24 - 00000616 _____ () C:\Users\Kathrin\Desktop\JRT.txt
2014-03-29 13:07 - 2014-03-29 13:07 - 00001137 _____ () C:\Users\Kathrin\Desktop\mbam.txt
2014-03-29 11:19 - 2014-03-29 11:20 - 01786856 _____ () C:\Users\Kathrin\Downloads\Programme...rar
2014-03-29 11:19 - 2014-03-29 11:19 - 01786856 _____ () C:\Users\Kathrin\Downloads\Programme.. (1).rar
2014-03-29 08:41 - 2014-03-29 08:41 - 00659990 _____ () C:\Users\Kathrin\Downloads\Aufg2.pdf.e0fpimz.partial
2014-03-29 08:11 - 2014-03-29 08:11 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357(1).exe
2014-03-29 08:06 - 2014-03-29 08:06 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe
2014-03-29 08:05 - 2014-03-29 08:05 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger(1).exe
2014-03-28 14:19 - 2010-01-03 20:05 - 504987648 _____ () C:\Users\Kathrin\Desktop\00001.MTS
2014-03-28 05:22 - 2014-03-28 05:23 - 00001758 _____ () C:\sc-cleaner.txt
2014-03-28 05:22 - 2014-03-28 05:22 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner.exe
2014-03-28 05:12 - 2014-03-29 13:15 - 00001836 _____ () C:\Users\Kathrin\Desktop\AdwCleaner[S1].txt
2014-03-27 21:01 - 2014-03-27 21:01 - 00000000 ____D () C:\ProgramData\Brother
2014-03-27 15:16 - 2014-03-27 15:17 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dev-Cpp
2014-03-27 15:16 - 2014-03-27 15:16 - 00001009 _____ () C:\Users\Kathrin\Desktop\Dev-C++.lnk
2014-03-27 15:14 - 2014-03-27 15:14 - 00000000 ____D () C:\Program Files (x86)\Dev-Cpp
2014-03-27 15:13 - 2014-03-27 15:13 - 43633629 _____ () C:\Users\Kathrin\Downloads\Dev-Cpp_5.4.0_TDM-GCC_x64_4.7.1_Setup.exe
2014-03-27 12:18 - 2014-03-28 05:09 - 00000000 ____D () C:\ProgramData\systemk
2014-03-27 12:18 - 2014-03-28 05:09 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-03-27 12:17 - 2014-03-27 12:17 - 09326468 _____ () C:\Users\Kathrin\Desktop\devcpp-4.9.9.2_setup.exe
2014-03-26 00:39 - 2014-03-27 20:57 - 00029120 _____ () C:\Users\Kathrin\Desktop\Handout - Feedback.odt
2014-03-25 23:56 - 2014-03-27 11:44 - 08997900 _____ () C:\Users\Kathrin\Desktop\Präsentation Feedback.odp
2014-03-25 21:21 - 2014-03-25 21:21 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck.exe
2014-03-25 19:19 - 2014-03-25 19:19 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu.exe
2014-03-24 21:54 - 2014-03-24 21:54 - 00000000 ____D () C:\Users\Kathrin\Documents\ARADump
2014-03-24 21:54 - 2014-03-24 21:54 - 00000000 ____D () C:\Users\Kathrin\Cyberlink
2014-03-24 21:53 - 2014-03-24 21:53 - 00526323 _____ () C:\Users\Kathrin\Downloads\web_of_trust_wot-20131118-fx.zip
2014-03-24 21:04 - 2014-03-24 21:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-24 21:02 - 2014-03-24 21:02 - 01038974 _____ (Thisisu) C:\Users\Kathrin\Downloads\JRT.exe
2014-03-24 20:56 - 2014-03-29 13:16 - 00000000 ____D () C:\AdwCleaner
2014-03-24 20:55 - 2014-03-24 20:55 - 01950720 _____ () C:\Users\Kathrin\Downloads\adwcleaner.exe
2014-03-24 20:12 - 2014-03-29 11:22 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-24 20:12 - 2014-03-29 11:21 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-24 20:12 - 2014-03-24 20:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 20:12 - 2014-03-05 10:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-24 20:12 - 2014-03-05 10:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-24 20:12 - 2014-03-05 10:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-24 20:10 - 2014-03-24 20:11 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Kathrin\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 19:59 - 2014-03-24 19:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kathrin\Downloads\revosetup95.exe
2014-03-24 19:59 - 2014-03-24 19:59 - 00001291 _____ () C:\Users\Kathrin\Desktop\Revo Uninstaller.lnk
2014-03-24 19:59 - 2014-03-24 19:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-22 08:46 - 2014-03-22 08:46 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition3.txt
2014-03-22 08:44 - 2014-03-22 08:44 - 00059303 _____ () C:\Users\Kathrin\Downloads\FRST2.txt
2014-03-22 08:43 - 2014-03-22 08:43 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357.exe
2014-03-22 08:41 - 2014-03-29 08:10 - 00068827 _____ () C:\Users\Kathrin\Downloads\Addition.txt
2014-03-22 08:40 - 2014-03-31 11:40 - 00030855 _____ () C:\Users\Kathrin\Downloads\FRST.txt
2014-03-22 08:40 - 2014-03-31 11:40 - 00000000 ____D () C:\FRST
2014-03-22 08:39 - 2014-03-22 08:40 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe
2014-03-22 08:39 - 2014-03-22 08:39 - 01145856 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST.exe
2014-03-22 08:38 - 2014-03-29 08:05 - 00000476 _____ () C:\Users\Kathrin\Downloads\defogger_disable.log
2014-03-22 08:38 - 2014-03-22 08:38 - 00000000 _____ () C:\Users\Kathrin\defogger_reenable
2014-03-22 08:37 - 2014-03-22 08:37 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger.exe
2014-03-22 08:19 - 2014-03-22 08:19 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-22 08:19 - 2014-03-22 08:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\LSC
2014-03-22 08:10 - 2014-03-22 08:10 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-22 08:08 - 2014-03-22 08:09 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\Users\Kathrin\Documents\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-22 08:07 - 2014-03-22 08:08 - 21407864 _____ (Simply Super Software ) C:\Users\Kathrin\Downloads\trjsetup690.exe
2014-03-21 23:48 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-21 23:48 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-21 22:52 - 2014-03-21 22:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Lenovo
2014-03-19 08:25 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-19 08:25 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-19 08:25 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-19 08:09 - 2014-03-19 08:08 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-19 08:09 - 2014-03-19 08:08 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-19 08:09 - 2014-03-19 08:08 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-19 07:59 - 2014-03-19 07:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Cisco
2014-03-19 07:59 - 2014-03-19 07:59 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-19 07:59 - 2012-09-26 08:45 - 00107432 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2014-03-18 21:38 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-18 21:38 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-18 21:37 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-18 21:37 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-18 21:37 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-18 21:37 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-18 21:37 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-18 21:37 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-18 21:37 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-18 21:37 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-18 21:37 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-18 21:37 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-18 21:37 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-18 21:37 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-18 21:37 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-18 21:37 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-18 21:37 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-18 21:37 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-18 21:37 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-18 21:37 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-18 21:37 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-18 21:37 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-18 21:37 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-18 21:37 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-18 21:37 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-18 21:37 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-18 21:37 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-18 21:37 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-18 21:37 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-18 21:37 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-18 21:37 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-18 21:37 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-18 21:37 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-18 21:37 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-18 21:37 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-18 21:37 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-18 21:37 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-15 14:10 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-15 14:10 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-15 14:10 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-15 14:10 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-15 14:10 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-15 14:10 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-15 14:10 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-15 14:10 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-15 14:10 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-15 14:10 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-15 14:10 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-15 14:10 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-15 14:10 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-15 14:10 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-15 14:10 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-15 14:10 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-15 14:10 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-15 14:10 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-15 14:10 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-15 14:10 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-15 14:10 - 2014-01-31 18:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-15 14:10 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-15 14:10 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-15 14:10 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-15 14:10 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-15 14:10 - 2014-01-29 11:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-15 14:10 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-15 14:10 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-15 14:10 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-15 14:10 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-15 14:10 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-15 14:10 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-15 14:10 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-15 14:10 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-15 14:10 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-15 14:10 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-15 14:10 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-15 14:10 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-15 14:10 - 2014-01-27 20:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-15 14:10 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-15 14:10 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-15 14:10 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-15 14:10 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-15 14:10 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-15 14:10 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-15 14:10 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-15 14:10 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-15 14:10 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-15 14:10 - 2014-01-27 13:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-15 14:10 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-15 14:10 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-15 14:10 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-15 14:10 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-15 14:10 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-15 14:10 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-15 14:03 - 2013-12-11 19:40 - 00002092 _____ () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-15 14:03 - 2013-12-11 19:40 - 00002092 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-15 14:03 - 2013-12-11 19:40 - 00002092 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-02 15:28 - 2014-03-02 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-02 14:53 - 2013-12-09 02:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-02 14:53 - 2013-12-09 01:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll

==================== One Month Modified Files and Folders =======

2014-03-31 11:41 - 2014-01-02 11:54 - 00000000 __RDO () C:\Users\Kathrin\SkyDrive
2014-03-31 11:40 - 2014-03-22 08:40 - 00030855 _____ () C:\Users\Kathrin\Downloads\FRST.txt
2014-03-31 11:40 - 2014-03-22 08:40 - 00000000 ____D () C:\FRST
2014-03-31 11:38 - 2013-11-24 22:33 - 01467103 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-31 11:32 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-31 11:32 - 2013-09-30 05:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-31 11:32 - 2013-09-30 05:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-31 11:31 - 2012-12-15 05:34 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-03-31 11:28 - 2013-04-11 20:56 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-31 11:28 - 2013-04-08 18:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dropbox
2014-03-31 11:20 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-29 15:11 - 2013-06-29 20:56 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-29 14:30 - 2014-03-29 14:30 - 00151179 _____ () C:\Users\Kathrin\Downloads\P1.zip
2014-03-29 13:24 - 2014-03-29 13:24 - 00000616 _____ () C:\Users\Kathrin\Desktop\JRT.txt
2014-03-29 13:17 - 2013-04-08 18:42 - 00000000 ___RD () C:\Users\Kathrin\Dropbox
2014-03-29 13:16 - 2014-03-24 20:56 - 00000000 ____D () C:\AdwCleaner
2014-03-29 13:16 - 2013-12-06 22:01 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C3BC0EC9-7B8A-46EC-AC7D-AE06DD0CCEC7}
2014-03-29 13:15 - 2014-03-28 05:12 - 00001836 _____ () C:\Users\Kathrin\Desktop\AdwCleaner[S1].txt
2014-03-29 13:15 - 2013-04-08 15:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Nitro PDF
2014-03-29 13:13 - 2014-01-02 12:33 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\ClassicShell
2014-03-29 13:12 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-29 13:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-29 13:07 - 2014-03-29 13:07 - 00001137 _____ () C:\Users\Kathrin\Desktop\mbam.txt
2014-03-29 11:59 - 2013-04-08 15:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4231283838-1293705952-112321423-1001
2014-03-29 11:22 - 2014-03-24 20:12 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 11:21 - 2014-03-24 20:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 11:20 - 2014-03-29 11:19 - 01786856 _____ () C:\Users\Kathrin\Downloads\Programme...rar
2014-03-29 11:19 - 2014-03-29 11:19 - 01786856 _____ () C:\Users\Kathrin\Downloads\Programme.. (1).rar
2014-03-29 08:41 - 2014-03-29 08:41 - 00659990 _____ () C:\Users\Kathrin\Downloads\Aufg2.pdf.e0fpimz.partial
2014-03-29 08:11 - 2014-03-29 08:11 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357(1).exe
2014-03-29 08:10 - 2014-03-22 08:41 - 00068827 _____ () C:\Users\Kathrin\Downloads\Addition.txt
2014-03-29 08:06 - 2014-03-29 08:06 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe
2014-03-29 08:05 - 2014-03-29 08:05 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger(1).exe
2014-03-29 08:05 - 2014-03-22 08:38 - 00000476 _____ () C:\Users\Kathrin\Downloads\defogger_disable.log
2014-03-28 22:41 - 2013-12-20 17:52 - 00035874 _____ () C:\WINDOWS\PFRO.log
2014-03-28 22:33 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\TAPI
2014-03-28 14:19 - 2013-12-13 00:49 - 00003612 _____ () C:\WINDOWS\setupact.log
2014-03-28 05:23 - 2014-03-28 05:22 - 00001758 _____ () C:\sc-cleaner.txt
2014-03-28 05:22 - 2014-03-28 05:22 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner.exe
2014-03-28 05:09 - 2014-03-27 12:18 - 00000000 ____D () C:\ProgramData\systemk
2014-03-28 05:09 - 2014-03-27 12:18 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-03-28 05:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Globalization
2014-03-27 21:01 - 2014-03-27 21:01 - 00000000 ____D () C:\ProgramData\Brother
2014-03-27 20:57 - 2014-03-26 00:39 - 00029120 _____ () C:\Users\Kathrin\Desktop\Handout - Feedback.odt
2014-03-27 15:17 - 2014-03-27 15:16 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dev-Cpp
2014-03-27 15:16 - 2014-03-27 15:16 - 00001009 _____ () C:\Users\Kathrin\Desktop\Dev-C++.lnk
2014-03-27 15:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-27 15:14 - 2014-03-27 15:14 - 00000000 ____D () C:\Program Files (x86)\Dev-Cpp
2014-03-27 15:13 - 2014-03-27 15:13 - 43633629 _____ () C:\Users\Kathrin\Downloads\Dev-Cpp_5.4.0_TDM-GCC_x64_4.7.1_Setup.exe
2014-03-27 12:27 - 2014-01-02 19:54 - 00000000 ____D () C:\Users\Kathrin\Documents\Visual Studio 2013
2014-03-27 12:20 - 2013-06-08 08:59 - 00000000 ____D () C:\Users\Kathrin\Documents\Studium
2014-03-27 12:17 - 2014-03-27 12:17 - 09326468 _____ () C:\Users\Kathrin\Desktop\devcpp-4.9.9.2_setup.exe
2014-03-27 11:44 - 2014-03-25 23:56 - 08997900 _____ () C:\Users\Kathrin\Desktop\Präsentation Feedback.odp
2014-03-25 21:21 - 2014-03-25 21:21 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck.exe
2014-03-25 19:19 - 2014-03-25 19:19 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu.exe
2014-03-24 21:54 - 2014-03-24 21:54 - 00000000 ____D () C:\Users\Kathrin\Documents\ARADump
2014-03-24 21:54 - 2014-03-24 21:54 - 00000000 ____D () C:\Users\Kathrin\Cyberlink
2014-03-24 21:54 - 2013-11-24 22:11 - 00000000 ____D () C:\Users\Kathrin
2014-03-24 21:54 - 2013-06-30 21:46 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-24 21:54 - 2013-06-30 21:19 - 00000000 ____D () C:\Users\Kathrin\Documents\CyberLink
2014-03-24 21:54 - 2013-06-30 21:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\CyberLink
2014-03-24 21:54 - 2012-12-15 05:36 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-24 21:53 - 2014-03-24 21:53 - 00526323 _____ () C:\Users\Kathrin\Downloads\web_of_trust_wot-20131118-fx.zip
2014-03-24 21:04 - 2014-03-24 21:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-24 21:02 - 2014-03-24 21:02 - 01038974 _____ (Thisisu) C:\Users\Kathrin\Downloads\JRT.exe
2014-03-24 20:55 - 2014-03-24 20:55 - 01950720 _____ () C:\Users\Kathrin\Downloads\adwcleaner.exe
2014-03-24 20:12 - 2014-03-24 20:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 20:11 - 2014-03-24 20:10 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Kathrin\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 20:02 - 2013-10-09 10:02 - 00001008 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-24 19:59 - 2014-03-24 19:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kathrin\Downloads\revosetup95.exe
2014-03-24 19:59 - 2014-03-24 19:59 - 00001291 _____ () C:\Users\Kathrin\Desktop\Revo Uninstaller.lnk
2014-03-24 19:59 - 2014-03-24 19:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 19:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-22 08:46 - 2014-03-22 08:46 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition3.txt
2014-03-22 08:44 - 2014-03-22 08:44 - 00059303 _____ () C:\Users\Kathrin\Downloads\FRST2.txt
2014-03-22 08:43 - 2014-03-22 08:43 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357.exe
2014-03-22 08:40 - 2014-03-22 08:39 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe
2014-03-22 08:39 - 2014-03-22 08:39 - 01145856 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST.exe
2014-03-22 08:38 - 2014-03-22 08:38 - 00000000 _____ () C:\Users\Kathrin\defogger_reenable
2014-03-22 08:37 - 2014-03-22 08:37 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger.exe
2014-03-22 08:19 - 2014-03-22 08:19 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-22 08:19 - 2014-03-22 08:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\LSC
2014-03-22 08:19 - 2013-04-08 15:49 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\LSC
2014-03-22 08:19 - 2012-12-15 05:23 - 00000000 ____D () C:\Program Files\Lenovo
2014-03-22 08:19 - 2012-12-14 21:54 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-22 08:18 - 2012-12-15 05:34 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-03-22 08:12 - 2013-04-08 15:41 - 00000000 ___RD () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-22 08:10 - 2014-03-22 08:10 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-22 08:09 - 2014-03-22 08:08 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\Users\Kathrin\Documents\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:07 - 21407864 _____ (Simply Super Software ) C:\Users\Kathrin\Downloads\trjsetup690.exe
2014-03-21 22:52 - 2014-03-21 22:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Lenovo
2014-03-20 22:43 - 2013-06-28 16:12 - 00003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-03-20 22:43 - 2013-04-11 21:00 - 00049952 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-03-20 21:17 - 2013-04-08 15:41 - 00000000 ___RD () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-19 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-19 08:39 - 2013-08-31 10:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-19 08:37 - 2013-04-08 22:13 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-19 08:10 - 2013-11-18 21:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-19 08:08 - 2014-03-19 08:09 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-19 08:08 - 2014-03-19 08:09 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-19 08:08 - 2014-03-19 08:09 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-19 08:08 - 2013-08-31 09:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-19 07:59 - 2014-03-19 07:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Cisco
2014-03-19 07:59 - 2014-03-19 07:59 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-19 07:59 - 2013-04-14 11:50 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-19 07:43 - 2013-04-13 14:20 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-18 21:29 - 2013-08-22 16:44 - 00513320 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-18 21:28 - 2013-06-30 14:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 21:28 - 2013-06-30 14:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-18 21:28 - 2013-04-08 23:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 21:22 - 2013-04-29 14:51 - 00000412 _____ () C:\WINDOWS\Tasks\AllmyappsUpdateTask.job
2014-03-15 14:11 - 2013-06-29 20:56 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-15 14:03 - 2012-12-15 05:35 - 00000000 ____D () C:\WINDOWS\System32\Tasks\TVT
2014-03-15 14:03 - 2012-12-15 05:23 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-03-05 10:26 - 2014-03-24 20:12 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-05 10:26 - 2014-03-24 20:12 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-05 10:26 - 2014-03-24 20:12 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-05 00:53 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-05 00:53 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 15:28 - 2014-03-02 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-02 14:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-02 14:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-02 14:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-02 14:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-02 14:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-01 08:05 - 2014-03-15 14:10 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 06:58 - 2014-03-15 14:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 06:30 - 2014-03-15 14:10 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 06:17 - 2014-03-15 14:10 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 05:54 - 2014-03-15 14:10 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 05:47 - 2014-03-15 14:10 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 05:42 - 2014-03-15 14:10 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 05:18 - 2014-03-15 14:10 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 05:14 - 2014-03-15 14:10 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 05:10 - 2014-03-15 14:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 05:03 - 2014-03-15 14:10 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 04:57 - 2014-03-15 14:10 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 04:38 - 2014-03-15 14:10 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 04:32 - 2014-03-15 14:10 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 04:27 - 2014-03-15 14:10 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 04:25 - 2014-03-15 14:10 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 04:25 - 2014-03-15 14:10 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\ProgramData\Lenovo-1208.vbs


Some content of TEMP:
====================
C:\Users\Kathrin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kathrin\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Kathrin\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-15 14:10] - [2014-01-31 18:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-03-29 10:39

==================== End Of Log ============================
         
--- --- ---

Alt 01.04.2014, 08:58   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.default-search.net?sid=476&aid=122&itype=n&ver=11471&tm=299&src=hmp
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = 
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = 
FF SearchEngineOrder.1: default-search.net
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p=
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.04.2014, 16:42   #9
Katy91
 
Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



Hallo,
jetzt ist mir ein Missgeschick passiert.
Hab irgendwie, das txt-file vom ESET nicht gesichert
Hat aber auch nur einen Fund ergeben war irgendwas mit yontoo oder so glaub ich wars...

Wenn du den Test dringend brauchst mach ichs nochmal, dauert halt sehr lange

Hier die Files die ich hab:

checkup:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.80  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
AVG AntiVirus Free Edition 2014   
Windows Defender                  
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Trojan Remover 6.9.1.2929   
 Java 7 Update 51  
 JavaScript Tooling    
 Visual Studio Extensions for Windows Library for JavaScript 
 Adobe Flash Player 	12.0.0.77  
 Adobe Reader XI  
 Mozilla Firefox (27.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
 Intel Intel(R) Small Business Advantage Service Intel.SmallBusinessAdvantage.WindowsService.exe 
 Intel Intel(R) Small Business Advantage UI IntelSmallBusinessAdvantage.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Fixlog:

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Kathrin at 2014-04-01 13:23:59 Run:1
Running from C:\Users\Kathrin\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.default-search.net?sid=476&aid=122&itype=n&ver=11471&tm=299&src=hmp
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = 
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = 
FF SearchEngineOrder.1: default-search.net
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p=
         
*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{26606CFE-7D75-400A-BF9E-7710D8C0607B} => Key deleted successfully.
HKCR\CLSID\{26606CFE-7D75-400A-BF9E-7710D8C0607B} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => Key not found.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox Keyword.URL deleted successfully.

==== End of Fixlog ====
         
FRST:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Kathrin (administrator) on KATHRIN-PC on 01-04-2014 17:36:47
Running from C:\Users\Kathrin\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(National Instruments Corporation) C:\WINDOWS\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(National Instruments, Inc.) C:\WINDOWS\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\WINDOWS\SysWOW64\lktsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Allmyapps SAS) C:\Users\Kathrin\AppData\Roaming\Allmyapps\Allmyapps.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(Dropbox, Inc.) C:\Users\Kathrin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
() C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Igor Pavlov) C:\Program Files (x86)\7-Zip\7zFM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(Bloodshed Software) C:\Program Files (x86)\Dev-Cpp\devcpp.exe
(Igor Pavlov) C:\Program Files (x86)\7-Zip\7zFM.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
() C:\Users\Kathrin\Downloads\SecurityCheck(1).exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
(Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [TpShocks] - C:\WINDOWS\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.)
HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2668024 2013-01-28] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-02-28] (Lenovo Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4277000 2012-11-08] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NI Update Service] - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [857888 2013-05-28] (National Instruments)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [522232 2012-09-26] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1661856 2014-03-22] (Simply Super Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [Allmyapps] - C:\Users\Kathrin\AppData\Roaming\Allmyapps\Allmyapps.exe [7311224 2014-03-18] (Allmyapps SAS)
HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [Allmyapps Update] - C:\Users\Kathrin\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [320376 2014-03-18] (Allmyapps SAS)
HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [847000 2013-04-19] ()
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kathrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKLM-x32 - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS
SearchScopes: HKCU - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} vpnweb.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512] (National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560] (National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll (AuthenTec, Inc)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npIMAQAXControl.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2010win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2011win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2013win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-27]
FF Extension: {0d40efba-48b4-470d-953a-3d8ace89260c} - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{0d40efba-48b4-470d-953a-3d8ace89260c}.xpi [2013-11-07]
FF Extension: Video MPEG4 Plugin Free - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{62a9e1ac-ebb8-46f8-ae9d-292c433c266f}.xpi [2013-11-09]
FF Extension: Adblock Plus - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-09]

==================== Services (Whitelisted) =================

R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [152568 2013-02-28] (Lenovo Corporation)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139944 2013-08-07] (AuthenTec, Inc)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [50440 2012-11-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [1628664 2013-02-06] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [677880 2013-02-28] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [53544 2013-06-12] (National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [63792 2013-06-12] (National Instruments Corporation)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-01-28] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [462840 2013-02-22] ()
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [83768 2013-06-11] (National Instruments Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696 2013-06-08] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [81248 2013-06-08] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720 2013-06-12] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-06-06] (National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976 2013-05-11] (National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [176512 2013-06-19] (National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440 2013-06-07] (National Instruments Corporation)
R2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680 2013-06-08] (National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [687944 2013-06-15] (National Instruments Corporation)
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-31] (Nitro PDF Software)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401704 2013-07-22] (AuthenTec, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
S2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [12968 2012-01-27] (National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [12952 2011-07-01] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [13624 2012-12-20] (National Instruments Corporation)
R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [926992 2012-12-19] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [13624 2012-12-20] (National Instruments Corporation)
R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [16984 2012-12-18] (National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [13008 2012-06-06] (National Instruments Corporation)
R2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [13008 2012-06-06] (National Instruments Corporation)
R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [148352 2012-08-23] (Ricoh co.,Ltd.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-05] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-24] (Microsoft Corporation)
S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-01 17:32 - 2014-04-01 17:32 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck(1).exe
2014-04-01 13:25 - 2014-04-01 13:25 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu(1).exe
2014-03-31 21:39 - 2014-03-29 10:00 - 00001686 _____ () C:\Users\Kathrin\Desktop\tafunc.c
2014-03-31 21:39 - 2014-03-29 09:47 - 00001833 _____ () C:\Users\Kathrin\Desktop\textanaly_m.c
2014-03-31 21:39 - 2014-03-29 09:43 - 00000272 _____ () C:\Users\Kathrin\Desktop\textanaly.h
2014-03-31 19:47 - 2014-03-31 19:47 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner(1).exe
2014-03-29 14:30 - 2014-03-29 14:30 - 00151179 _____ () C:\Users\Kathrin\Downloads\P1.zip
2014-03-29 11:19 - 2014-03-29 11:20 - 01786856 _____ () C:\Users\Kathrin\Downloads\Programme...rar
2014-03-29 11:19 - 2014-03-29 11:19 - 01786856 _____ () C:\Users\Kathrin\Downloads\Programme.. (1).rar
2014-03-29 08:41 - 2014-03-29 08:41 - 00659990 _____ () C:\Users\Kathrin\Downloads\Aufg2.pdf.e0fpimz.partial
2014-03-29 08:11 - 2014-03-29 08:11 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357(1).exe
2014-03-29 08:06 - 2014-03-29 08:06 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe
2014-03-29 08:05 - 2014-03-29 08:05 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger(1).exe
2014-03-28 14:19 - 2010-01-03 20:05 - 504987648 _____ () C:\Users\Kathrin\Desktop\00001.MTS
2014-03-28 05:22 - 2014-03-31 19:47 - 00001758 _____ () C:\sc-cleaner.txt
2014-03-28 05:22 - 2014-03-28 05:22 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner.exe
2014-03-27 21:01 - 2014-03-27 21:01 - 00000000 ____D () C:\ProgramData\Brother
2014-03-27 15:16 - 2014-03-27 15:17 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dev-Cpp
2014-03-27 15:16 - 2014-03-27 15:16 - 00001009 _____ () C:\Users\Kathrin\Desktop\Dev-C++.lnk
2014-03-27 15:14 - 2014-03-27 15:14 - 00000000 ____D () C:\Program Files (x86)\Dev-Cpp
2014-03-27 15:13 - 2014-03-27 15:13 - 43633629 _____ () C:\Users\Kathrin\Downloads\Dev-Cpp_5.4.0_TDM-GCC_x64_4.7.1_Setup.exe
2014-03-27 12:18 - 2014-03-28 05:09 - 00000000 ____D () C:\ProgramData\systemk
2014-03-27 12:18 - 2014-03-28 05:09 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-03-26 00:39 - 2014-03-27 20:57 - 00029120 _____ () C:\Users\Kathrin\Desktop\Handout - Feedback.odt
2014-03-25 23:56 - 2014-03-27 11:44 - 08997900 _____ () C:\Users\Kathrin\Desktop\Präsentation Feedback.odp
2014-03-25 21:21 - 2014-03-25 21:21 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck.exe
2014-03-25 19:19 - 2014-03-25 19:19 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu.exe
2014-03-24 21:54 - 2014-03-24 21:54 - 00000000 ____D () C:\Users\Kathrin\Documents\ARADump
2014-03-24 21:54 - 2014-03-24 21:54 - 00000000 ____D () C:\Users\Kathrin\Cyberlink
2014-03-24 21:53 - 2014-03-24 21:53 - 00526323 _____ () C:\Users\Kathrin\Downloads\web_of_trust_wot-20131118-fx.zip
2014-03-24 21:04 - 2014-03-24 21:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-24 21:02 - 2014-03-24 21:02 - 01038974 _____ (Thisisu) C:\Users\Kathrin\Downloads\JRT.exe
2014-03-24 20:56 - 2014-03-29 13:16 - 00000000 ____D () C:\AdwCleaner
2014-03-24 20:55 - 2014-03-24 20:55 - 01950720 _____ () C:\Users\Kathrin\Downloads\adwcleaner.exe
2014-03-24 20:12 - 2014-03-29 11:22 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-24 20:12 - 2014-03-29 11:21 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-24 20:12 - 2014-03-24 20:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 20:12 - 2014-03-05 10:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-24 20:12 - 2014-03-05 10:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-24 20:12 - 2014-03-05 10:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-24 20:10 - 2014-03-24 20:11 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Kathrin\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 19:59 - 2014-03-24 19:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kathrin\Downloads\revosetup95.exe
2014-03-24 19:59 - 2014-03-24 19:59 - 00001291 _____ () C:\Users\Kathrin\Desktop\Revo Uninstaller.lnk
2014-03-24 19:59 - 2014-03-24 19:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-22 08:46 - 2014-03-22 08:46 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition3.txt
2014-03-22 08:44 - 2014-03-22 08:44 - 00059303 _____ () C:\Users\Kathrin\Downloads\FRST2.txt
2014-03-22 08:43 - 2014-03-22 08:43 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357.exe
2014-03-22 08:41 - 2014-03-29 08:10 - 00068827 _____ () C:\Users\Kathrin\Downloads\Addition.txt
2014-03-22 08:40 - 2014-04-01 17:36 - 00029439 _____ () C:\Users\Kathrin\Downloads\FRST.txt
2014-03-22 08:40 - 2014-04-01 17:36 - 00000000 ____D () C:\FRST
2014-03-22 08:39 - 2014-03-22 08:40 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe
2014-03-22 08:39 - 2014-03-22 08:39 - 01145856 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST.exe
2014-03-22 08:38 - 2014-03-29 08:05 - 00000476 _____ () C:\Users\Kathrin\Downloads\defogger_disable.log
2014-03-22 08:38 - 2014-03-22 08:38 - 00000000 _____ () C:\Users\Kathrin\defogger_reenable
2014-03-22 08:37 - 2014-03-22 08:37 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger.exe
2014-03-22 08:19 - 2014-03-22 08:19 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-22 08:19 - 2014-03-22 08:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\LSC
2014-03-22 08:10 - 2014-03-22 08:10 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-22 08:08 - 2014-03-22 08:09 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\Users\Kathrin\Documents\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-22 08:07 - 2014-03-22 08:08 - 21407864 _____ (Simply Super Software ) C:\Users\Kathrin\Downloads\trjsetup690.exe
2014-03-21 23:48 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-21 23:48 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-21 22:52 - 2014-03-21 22:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Lenovo
2014-03-19 08:25 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-19 08:25 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-19 08:25 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-19 08:09 - 2014-03-19 08:08 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-19 08:09 - 2014-03-19 08:08 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-19 08:09 - 2014-03-19 08:08 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-19 07:59 - 2014-03-19 07:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Cisco
2014-03-19 07:59 - 2014-03-19 07:59 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-19 07:59 - 2012-09-26 08:45 - 00107432 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2014-03-18 21:38 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-18 21:38 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-18 21:37 - 2014-01-08 03:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-18 21:37 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-18 21:37 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-18 21:37 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-18 21:37 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-18 21:37 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-18 21:37 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-18 21:37 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-18 21:37 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-18 21:37 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-18 21:37 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-18 21:37 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-18 21:37 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-18 21:37 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-18 21:37 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-18 21:37 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-18 21:37 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-18 21:37 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-18 21:37 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-18 21:37 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-18 21:37 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-18 21:37 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-18 21:37 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-18 21:37 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-18 21:37 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-18 21:37 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-18 21:37 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-18 21:37 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-18 21:37 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-18 21:37 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-18 21:37 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-18 21:37 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-18 21:37 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-18 21:37 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-18 21:37 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-15 14:10 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-15 14:10 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-15 14:10 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-15 14:10 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-15 14:10 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-15 14:10 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-15 14:10 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-15 14:10 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-15 14:10 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-15 14:10 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-15 14:10 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-15 14:10 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-15 14:10 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-15 14:10 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-15 14:10 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-15 14:10 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-15 14:10 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-15 14:10 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-15 14:10 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-15 14:10 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-15 14:10 - 2014-01-31 18:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-15 14:10 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-15 14:10 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-15 14:10 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-15 14:10 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-15 14:10 - 2014-01-29 11:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-15 14:10 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-15 14:10 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-15 14:10 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-15 14:10 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-15 14:10 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-15 14:10 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-15 14:10 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-15 14:10 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-15 14:10 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-15 14:10 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-15 14:10 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-15 14:10 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-15 14:10 - 2014-01-27 20:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-15 14:10 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-15 14:10 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-15 14:10 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-15 14:10 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-15 14:10 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-15 14:10 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-15 14:10 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-15 14:10 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-15 14:10 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-15 14:10 - 2014-01-27 13:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-15 14:10 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-15 14:10 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-15 14:10 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-15 14:10 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-15 14:10 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-15 14:10 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-15 14:03 - 2013-12-11 19:40 - 00002092 _____ () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-15 14:03 - 2013-12-11 19:40 - 00002092 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-15 14:03 - 2013-12-11 19:40 - 00002092 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk
2014-03-02 15:28 - 2014-03-02 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-02 14:53 - 2013-12-09 02:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-02 14:53 - 2013-12-09 01:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll

==================== One Month Modified Files and Folders =======

2014-04-01 17:37 - 2014-03-22 08:40 - 00029439 _____ () C:\Users\Kathrin\Downloads\FRST.txt
2014-04-01 17:36 - 2014-03-22 08:40 - 00000000 ____D () C:\FRST
2014-04-01 17:32 - 2014-04-01 17:32 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck(1).exe
2014-04-01 17:26 - 2014-01-02 12:33 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\ClassicShell
2014-04-01 17:16 - 2013-11-24 22:33 - 01967644 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-01 17:11 - 2013-06-29 20:56 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-01 17:06 - 2013-04-08 15:49 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4231283838-1293705952-112321423-1001
2014-04-01 17:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-01 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-01 13:27 - 2013-04-11 20:56 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-01 13:26 - 2013-10-09 10:02 - 00001008 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-01 13:26 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-04-01 13:25 - 2014-04-01 13:25 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu(1).exe
2014-04-01 13:24 - 2013-12-06 22:01 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C3BC0EC9-7B8A-46EC-AC7D-AE06DD0CCEC7}
2014-04-01 13:22 - 2012-12-15 05:34 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-04-01 13:21 - 2014-01-02 11:54 - 00000000 __RDO () C:\Users\Kathrin\SkyDrive
2014-04-01 13:21 - 2013-04-08 18:42 - 00000000 ___RD () C:\Users\Kathrin\Dropbox
2014-04-01 13:21 - 2013-04-08 18:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dropbox
2014-04-01 13:20 - 2013-04-08 15:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Nitro PDF
2014-03-31 21:32 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-31 21:32 - 2013-09-30 05:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-31 21:32 - 2013-09-30 05:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-31 19:47 - 2014-03-31 19:47 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner(1).exe
2014-03-31 19:47 - 2014-03-28 05:22 - 00001758 _____ () C:\sc-cleaner.txt
2014-03-29 14:30 - 2014-03-29 14:30 - 00151179 _____ () C:\Users\Kathrin\Downloads\P1.zip
2014-03-29 13:16 - 2014-03-24 20:56 - 00000000 ____D () C:\AdwCleaner
2014-03-29 13:12 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-29 13:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-29 11:22 - 2014-03-24 20:12 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 11:21 - 2014-03-24 20:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 11:20 - 2014-03-29 11:19 - 01786856 _____ () C:\Users\Kathrin\Downloads\Programme...rar
2014-03-29 11:19 - 2014-03-29 11:19 - 01786856 _____ () C:\Users\Kathrin\Downloads\Programme.. (1).rar
2014-03-29 10:00 - 2014-03-31 21:39 - 00001686 _____ () C:\Users\Kathrin\Desktop\tafunc.c
2014-03-29 09:47 - 2014-03-31 21:39 - 00001833 _____ () C:\Users\Kathrin\Desktop\textanaly_m.c
2014-03-29 09:43 - 2014-03-31 21:39 - 00000272 _____ () C:\Users\Kathrin\Desktop\textanaly.h
2014-03-29 08:41 - 2014-03-29 08:41 - 00659990 _____ () C:\Users\Kathrin\Downloads\Aufg2.pdf.e0fpimz.partial
2014-03-29 08:11 - 2014-03-29 08:11 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357(1).exe
2014-03-29 08:10 - 2014-03-22 08:41 - 00068827 _____ () C:\Users\Kathrin\Downloads\Addition.txt
2014-03-29 08:06 - 2014-03-29 08:06 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe
2014-03-29 08:05 - 2014-03-29 08:05 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger(1).exe
2014-03-29 08:05 - 2014-03-22 08:38 - 00000476 _____ () C:\Users\Kathrin\Downloads\defogger_disable.log
2014-03-28 22:41 - 2013-12-20 17:52 - 00035874 _____ () C:\WINDOWS\PFRO.log
2014-03-28 22:33 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\TAPI
2014-03-28 14:19 - 2013-12-13 00:49 - 00003612 _____ () C:\WINDOWS\setupact.log
2014-03-28 05:22 - 2014-03-28 05:22 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner.exe
2014-03-28 05:09 - 2014-03-27 12:18 - 00000000 ____D () C:\ProgramData\systemk
2014-03-28 05:09 - 2014-03-27 12:18 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-03-28 05:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Globalization
2014-03-27 21:01 - 2014-03-27 21:01 - 00000000 ____D () C:\ProgramData\Brother
2014-03-27 20:57 - 2014-03-26 00:39 - 00029120 _____ () C:\Users\Kathrin\Desktop\Handout - Feedback.odt
2014-03-27 15:17 - 2014-03-27 15:16 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dev-Cpp
2014-03-27 15:16 - 2014-03-27 15:16 - 00001009 _____ () C:\Users\Kathrin\Desktop\Dev-C++.lnk
2014-03-27 15:14 - 2014-03-27 15:14 - 00000000 ____D () C:\Program Files (x86)\Dev-Cpp
2014-03-27 15:13 - 2014-03-27 15:13 - 43633629 _____ () C:\Users\Kathrin\Downloads\Dev-Cpp_5.4.0_TDM-GCC_x64_4.7.1_Setup.exe
2014-03-27 12:27 - 2014-01-02 19:54 - 00000000 ____D () C:\Users\Kathrin\Documents\Visual Studio 2013
2014-03-27 12:20 - 2013-06-08 08:59 - 00000000 ____D () C:\Users\Kathrin\Documents\Studium
2014-03-27 11:44 - 2014-03-25 23:56 - 08997900 _____ () C:\Users\Kathrin\Desktop\Präsentation Feedback.odp
2014-03-25 21:21 - 2014-03-25 21:21 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck.exe
2014-03-25 19:19 - 2014-03-25 19:19 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu.exe
2014-03-24 21:54 - 2014-03-24 21:54 - 00000000 ____D () C:\Users\Kathrin\Documents\ARADump
2014-03-24 21:54 - 2014-03-24 21:54 - 00000000 ____D () C:\Users\Kathrin\Cyberlink
2014-03-24 21:54 - 2013-11-24 22:11 - 00000000 ____D () C:\Users\Kathrin
2014-03-24 21:54 - 2013-06-30 21:46 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-24 21:54 - 2013-06-30 21:19 - 00000000 ____D () C:\Users\Kathrin\Documents\CyberLink
2014-03-24 21:54 - 2013-06-30 21:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\CyberLink
2014-03-24 21:54 - 2012-12-15 05:36 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-24 21:53 - 2014-03-24 21:53 - 00526323 _____ () C:\Users\Kathrin\Downloads\web_of_trust_wot-20131118-fx.zip
2014-03-24 21:04 - 2014-03-24 21:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-24 21:02 - 2014-03-24 21:02 - 01038974 _____ (Thisisu) C:\Users\Kathrin\Downloads\JRT.exe
2014-03-24 20:55 - 2014-03-24 20:55 - 01950720 _____ () C:\Users\Kathrin\Downloads\adwcleaner.exe
2014-03-24 20:12 - 2014-03-24 20:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-24 20:11 - 2014-03-24 20:10 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Kathrin\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-24 19:59 - 2014-03-24 19:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kathrin\Downloads\revosetup95.exe
2014-03-24 19:59 - 2014-03-24 19:59 - 00001291 _____ () C:\Users\Kathrin\Desktop\Revo Uninstaller.lnk
2014-03-24 19:59 - 2014-03-24 19:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-22 08:46 - 2014-03-22 08:46 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition3.txt
2014-03-22 08:44 - 2014-03-22 08:44 - 00059303 _____ () C:\Users\Kathrin\Downloads\FRST2.txt
2014-03-22 08:43 - 2014-03-22 08:43 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357.exe
2014-03-22 08:40 - 2014-03-22 08:39 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe
2014-03-22 08:39 - 2014-03-22 08:39 - 01145856 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST.exe
2014-03-22 08:38 - 2014-03-22 08:38 - 00000000 _____ () C:\Users\Kathrin\defogger_reenable
2014-03-22 08:37 - 2014-03-22 08:37 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger.exe
2014-03-22 08:19 - 2014-03-22 08:19 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-22 08:19 - 2014-03-22 08:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\LSC
2014-03-22 08:19 - 2013-04-08 15:49 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\LSC
2014-03-22 08:19 - 2012-12-15 05:23 - 00000000 ____D () C:\Program Files\Lenovo
2014-03-22 08:19 - 2012-12-14 21:54 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-22 08:18 - 2012-12-15 05:34 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-03-22 08:12 - 2013-04-08 15:41 - 00000000 ___RD () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-22 08:10 - 2014-03-22 08:10 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-22 08:09 - 2014-03-22 08:08 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\Users\Kathrin\Documents\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:08 - 00000000 ____D () C:\ProgramData\Simply Super Software
2014-03-22 08:08 - 2014-03-22 08:07 - 21407864 _____ (Simply Super Software ) C:\Users\Kathrin\Downloads\trjsetup690.exe
2014-03-21 22:52 - 2014-03-21 22:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Lenovo
2014-03-20 22:43 - 2013-06-28 16:12 - 00003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-03-20 22:43 - 2013-04-11 21:00 - 00049952 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-03-20 21:17 - 2013-04-08 15:41 - 00000000 ___RD () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-19 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-19 08:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-19 08:39 - 2013-08-31 10:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-19 08:37 - 2013-04-08 22:13 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-19 08:10 - 2013-11-18 21:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-19 08:08 - 2014-03-19 08:09 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-03-19 08:08 - 2014-03-19 08:09 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-03-19 08:08 - 2014-03-19 08:09 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-03-19 08:08 - 2013-08-31 09:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-19 07:59 - 2014-03-19 07:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Cisco
2014-03-19 07:59 - 2014-03-19 07:59 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-19 07:59 - 2013-04-14 11:50 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-19 07:43 - 2013-04-13 14:20 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-18 21:29 - 2013-08-22 16:44 - 00513320 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-18 21:28 - 2013-06-30 14:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 21:28 - 2013-06-30 14:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-18 21:28 - 2013-04-08 23:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-18 21:22 - 2013-04-29 14:51 - 00000412 _____ () C:\WINDOWS\Tasks\AllmyappsUpdateTask.job
2014-03-15 14:11 - 2013-06-29 20:56 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-15 14:03 - 2012-12-15 05:35 - 00000000 ____D () C:\WINDOWS\System32\Tasks\TVT
2014-03-15 14:03 - 2012-12-15 05:23 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-03-05 10:26 - 2014-03-24 20:12 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-05 10:26 - 2014-03-24 20:12 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-05 10:26 - 2014-03-24 20:12 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-05 00:53 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-05 00:53 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 15:28 - 2014-03-02 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-02 14:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-02 14:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-02 14:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-02 14:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-02 14:57 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism

Files to move or delete:
====================
C:\ProgramData\Lenovo-1208.vbs


Some content of TEMP:
====================
C:\Users\Kathrin\AppData\Local\Temp\Quarantine.exe
C:\Users\Kathrin\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Kathrin\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-15 14:10] - [2014-01-31 18:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-03-31 20:08

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Achja das Problem ist verschwunden, kannst du mir auch grünes licht geben?
Brauch ich keine Angst mehr haben, dass im Hintergrund noch etwas arbeitet?

Danke

Viele Grüße
Kathrin

Alt 02.04.2014, 12:53   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8: default-search.net als Startsarte in allen Browsern - Standard

Windows 8: default-search.net als Startsarte in allen Browsern



Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 8: default-search.net als Startsarte in allen Browsern
adobe, avg, browser, defender, desktop, error, fehlermeldung, firefox, flash player, homepage, hotspot, internet, internet explorer, mozilla, national, object, problem, prozess, realtek, registry, scan, secure search, security, software, super, svchost.exe, system, taskmanager, vtoolbarupdater, windows



Ähnliche Themen: Windows 8: default-search.net als Startsarte in allen Browsern


  1. windows 8: search finder bei öffnen von browsern
    Plagegeister aller Art und deren Bekämpfung - 10.09.2015 (5)
  2. Windows 7 Kein Internetzugriff in allen Browsern, aber Skype, IMAP usw. funktioniert
    Log-Analyse und Auswertung - 03.09.2015 (7)
  3. Ständige Werbung in allen Browsern unter Windows 10
    Log-Analyse und Auswertung - 15.08.2015 (11)
  4. Windows 7: Mystartsearch in allen Browsern, Search Protect im Hintergrund
    Log-Analyse und Auswertung - 20.12.2014 (5)
  5. Ungewollte Startseite in den Browsern - http://www.default-search.net - wie entferne ich das?
    Plagegeister aller Art und deren Bekämpfung - 23.09.2014 (17)
  6. Windows 7 sehr lange Ladezeiten der Internetseiten unter allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 15.08.2014 (11)
  7. Windows 7: „server nicht gefunden“ bei allen Browsern, Trojaner-verdacht wegen Pishingpopup
    Log-Analyse und Auswertung - 19.07.2014 (46)
  8. Pop-Up Fenster in allen Browsern - Win 7
    Log-Analyse und Auswertung - 23.06.2014 (5)
  9. Windows 8.1: Facebook zeigt in allen Browsern keine Neuigkeiten mehr an
    Log-Analyse und Auswertung - 30.04.2014 (6)
  10. Windows 8.1 64 bit: Java Update Fake in allen Browsern (z.B. von mostshinstar.com)
    Log-Analyse und Auswertung - 26.04.2014 (23)
  11. Windows 7: Mögl. Virus verursacht Werbelinks in allen Browsern + verlangsamte Geschwindigkeit
    Plagegeister aller Art und deren Bekämpfung - 09.03.2014 (9)
  12. Windows 7: 'Nation Zoom' auto-öffnet sich in allen Browsern
    Log-Analyse und Auswertung - 07.01.2014 (14)
  13. Werbung in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 27.11.2013 (12)
  14. Windows Vista: Werbung von a2ZLyrics in allen Browsern
    Log-Analyse und Auswertung - 09.11.2013 (11)
  15. Instant Savings in allen Browsern
    Plagegeister aller Art und deren Bekämpfung - 06.08.2013 (17)
  16. Werbung in allen Browsern
    Log-Analyse und Auswertung - 06.12.2012 (22)
  17. Probleme mit allen Browsern
    Log-Analyse und Auswertung - 01.10.2006 (9)

Zum Thema Windows 8: default-search.net als Startsarte in allen Browsern - Hallo, seit neuestens erscheint bei mir als Startseite im Firefox wie auch im Internet Explorer als Startseite default-search.net. Ich kann zwar die Startseite abändern, aber das bekämpft das Problem ja - Windows 8: default-search.net als Startsarte in allen Browsern...
Archiv
Du betrachtest: Windows 8: default-search.net als Startsarte in allen Browsern auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.