Log analysis and evaluation: Windows 8: default-search.net as start page in all browsers
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Windows 8: default-search.net as start page in all browsers
Hello, recently default-search.net has been showing up as the start page in Firefox as well as in Internet Explorer. I can change the start page, but that surely does not fix the problem. Here are the files you need to help me:
FRST:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Kathrin (administrator) on KATHRIN-PC on 29-03-2014 07:09:20 Running from C:\Users\Kathrin\Downloads Windows 8.1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe (Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (LENOVO INCORPORATED.) 
C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe (Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe (National Instruments Corporation) C:\WINDOWS\SysWOW64\lkads.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (National Instruments, Inc.) C:\WINDOWS\SysWOW64\lkcitdl.exe (National Instruments Corporation) C:\WINDOWS\SysWOW64\lktsrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe (National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe (Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe (Microsoft Corporation) C:\Windows\System32\skydrive.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (CyberLink Corp.) C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Lenovo.) 
C:\Windows\System32\TpShocks.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Allmyapps SAS) C:\Users\Kathrin\AppData\Roaming\Allmyapps\Allmyapps.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Dropbox, Inc.) C:\Users\Kathrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe () C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Microsoft Corporation) C:\Program 
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe (Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [TpShocks] - C:\WINDOWS\system32\TpShocks.exe [222720 2012-08-24] (Lenovo.) HKLM\...\Run: [LnvMobHotspotClient] - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [2668024 2013-01-28] (Lenovo) HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [594936 2013-02-28] (Lenovo Corporation) HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11577216 2012-08-27] (Motorola Solutions, Inc.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated) HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation) HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [64000 2012-08-10] (Ricoh co.,Ltd.) HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4277000 2012-11-08] (Intel Corporation) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.) 
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NI Update Service] - C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [857888 2013-05-28] (National Instruments) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [522232 2012-09-26] (Cisco Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [TrojanScanner] - C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1661856 2014-03-22] (Simply Super Software) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [Allmyapps] - C:\Users\Kathrin\AppData\Roaming\Allmyapps\Allmyapps.exe [7311224 2014-03-18] (Allmyapps SAS) HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [Allmyapps Update] - C:\Users\Kathrin\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [320376 2014-03-18] (Allmyapps SAS) HKU\S-1-5-21-4231283838-1293705952-112321423-1001\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [847000 2013-04-19] () Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Kathrin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you) Startup: C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.default-search.net?sid=476&aid=122&itype=n&ver=11471&tm=299&src=hmp HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad SearchScopes: HKLM - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS SearchScopes: HKLM - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms} SearchScopes: HKLM-x32 - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALCJS SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p={searchTerms} SearchScopes: HKCU - DefaultScope {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {26606CFE-7D75-400A-BF9E-7710D8C0607B} URL = SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = BHO: 
Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: TrueSuite Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.) 
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} vpnweb.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26512] (National Instruments Corporation) Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [28560] (National Instruments Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default FF SearchEngineOrder.1: default-search.net FF Homepage: https://www.google.de/ FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=122&itype=n&ver=11471&tm=299&src=ds&p= FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files\Lenovo Fingerprint 
Reader\npffwloplugin.dll (AuthenTec, Inc) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( ) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npIMAQAXControl.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2010win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2011win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2013win32.dll (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: YouTube Unblocker - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-27] FF Extension: Settings Manager - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0} [2014-03-27] FF Extension: Deutsch (DE) Language Pack - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2014-03-25] FF Extension: {0d40efba-48b4-470d-953a-3d8ace89260c} - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{0d40efba-48b4-470d-953a-3d8ace89260c}.xpi [2013-11-07] FF Extension: Video MPEG4 Plugin Free - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{62a9e1ac-ebb8-46f8-ae9d-292c433c266f}.xpi [2013-11-09] FF Extension: Adblock Plus - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\bi4gxvxo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-09] ==================== Services (Whitelisted) ================= S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [152568 2013-02-28] (Lenovo Corporation) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation) R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139944 2013-08-07] (AuthenTec, Inc) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation) R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [50440 2012-11-08] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation) R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [1628664 2013-02-06] (Lenovo Group Limited) R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [559504 2012-08-16] (LENOVO INCORPORATED.) S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [677880 2013-02-28] (Lenovo Corporation) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited) R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.) 
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [53544 2013-06-12] (National Instruments Corporation) R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [63792 2013-06-12] (National Instruments Corporation) R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [465912 2013-01-28] (Lenovo) R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [462840 2013-02-22] () S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] () R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [83768 2013-06-10] (National Instruments Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] () R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57696 2013-06-08] (National Instruments Corporation) S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [81248 2013-06-08] (National Instruments Corporation) R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [380720 2013-06-12] (National Instruments Corporation) S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation) R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-06-06] (National Instruments Corporation) R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [260976 2013-05-11] (National Instruments Corporation) R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [176512 2013-06-19] (National Instruments Corporation) R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [90440 2013-06-07] (National Instruments Corporation) R2 
NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57680 2013-06-08] (National Instruments Corporation) R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [687944 2013-06-15] (National Instruments Corporation) R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-07-31] (Nitro PDF Software) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401704 2013-07-22] (AuthenTec, Inc.) S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation) S2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [X] ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.) 
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [12968 2012-01-27] (National Instruments Corporation) S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [12952 2011-07-01] (National Instruments Corporation) S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [13624 2012-12-19] (National Instruments 
Corporation) R0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [926992 2012-12-19] (National Instruments Corporation) S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [13624 2012-12-19] (National Instruments Corporation) R0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [16984 2012-12-18] (National Instruments Corporation) S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [13008 2012-06-06] (National Instruments Corporation) R2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [13008 2012-06-06] (National Instruments Corporation) R3 RCUVCAVS; C:\Windows\system32\DRIVERS\RCUVCAVS.sys [148352 2012-08-23] (Ricoh co.,Ltd.) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-05] (Synaptics Incorporated) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-24] (Microsoft Corporation) S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-12] (Lenovo Group Limited) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation) R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-29 07:06 - 2014-03-29 07:06 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe 2014-03-29 
07:05 - 2014-03-29 07:05 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger(1).exe 2014-03-28 13:19 - 2010-01-03 19:05 - 504987648 _____ () C:\Users\Kathrin\Desktop\00001.MTS 2014-03-28 04:22 - 2014-03-28 04:23 - 00001758 _____ () C:\sc-cleaner.txt 2014-03-28 04:22 - 2014-03-28 04:22 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner.exe 2014-03-27 20:01 - 2014-03-27 20:01 - 00000000 ____D () C:\ProgramData\Brother 2014-03-27 14:16 - 2014-03-27 14:17 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dev-Cpp 2014-03-27 14:16 - 2014-03-27 14:16 - 00001009 _____ () C:\Users\Kathrin\Desktop\Dev-C++.lnk 2014-03-27 14:14 - 2014-03-27 14:14 - 00000000 ____D () C:\Program Files (x86)\Dev-Cpp 2014-03-27 14:13 - 2014-03-27 14:13 - 43633629 _____ () C:\Users\Kathrin\Downloads\Dev-Cpp_5.4.0_TDM-GCC_x64_4.7.1_Setup.exe 2014-03-27 11:18 - 2014-03-28 04:09 - 00000000 ____D () C:\ProgramData\systemk 2014-03-27 11:18 - 2014-03-28 04:09 - 00000000 ____D () C:\Program Files (x86)\Settings Manager 2014-03-27 11:17 - 2014-03-27 11:17 - 09326468 _____ () C:\Users\Kathrin\Desktop\devcpp-4.9.9.2_setup.exe 2014-03-25 23:39 - 2014-03-27 19:57 - 00029120 _____ () C:\Users\Kathrin\Desktop\Handout - Feedback.odt 2014-03-25 22:56 - 2014-03-27 10:44 - 08997900 _____ () C:\Users\Kathrin\Desktop\Präsentation Feedback.odp 2014-03-25 20:21 - 2014-03-25 20:21 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck.exe 2014-03-25 18:19 - 2014-03-25 18:19 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu.exe 2014-03-24 20:54 - 2014-03-24 20:54 - 00000000 ____D () C:\Users\Kathrin\Documents\ARADump 2014-03-24 20:54 - 2014-03-24 20:54 - 00000000 ____D () C:\Users\Kathrin\Cyberlink 2014-03-24 20:53 - 2014-03-24 20:53 - 00526323 _____ () C:\Users\Kathrin\Downloads\web_of_trust_wot-20131118-fx.zip 2014-03-24 20:04 - 2014-03-24 20:04 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-03-24 20:02 - 2014-03-24 20:02 - 01038974 _____ (Thisisu) 
C:\Users\Kathrin\Downloads\JRT.exe 2014-03-24 19:56 - 2014-03-28 04:13 - 00000000 ____D () C:\AdwCleaner 2014-03-24 19:55 - 2014-03-24 19:55 - 01950720 _____ () C:\Users\Kathrin\Downloads\adwcleaner.exe 2014-03-24 19:12 - 2014-03-28 21:10 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-03-24 19:12 - 2014-03-24 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-24 19:12 - 2014-03-24 19:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-03-24 19:12 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-03-24 19:12 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-03-24 19:12 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-03-24 19:10 - 2014-03-24 19:11 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Kathrin\Downloads\mbam-setup-2.0.0.1000.exe 2014-03-24 18:59 - 2014-03-24 18:59 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\Kathrin\Downloads\revosetup95.exe 2014-03-24 18:59 - 2014-03-24 18:59 - 00001291 _____ () C:\Users\Kathrin\Desktop\Revo Uninstaller.lnk 2014-03-24 18:59 - 2014-03-24 18:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-03-22 07:46 - 2014-03-22 07:46 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition3.txt 2014-03-22 07:44 - 2014-03-22 07:44 - 00059303 _____ () C:\Users\Kathrin\Downloads\FRST2.txt 2014-03-22 07:43 - 2014-03-22 07:43 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357.exe 2014-03-22 07:41 - 2014-03-22 07:45 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition.txt 2014-03-22 07:40 - 2014-03-29 07:09 - 00029875 _____ () C:\Users\Kathrin\Downloads\FRST.txt 2014-03-22 07:40 - 2014-03-29 07:09 - 00000000 ____D () C:\FRST 2014-03-22 07:39 - 2014-03-22 07:40 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe 2014-03-22 07:39 - 2014-03-22 07:39 - 01145856 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST.exe 2014-03-22 07:38 - 2014-03-29 07:05 - 00000476 _____ () C:\Users\Kathrin\Downloads\defogger_disable.log 2014-03-22 07:38 - 2014-03-22 07:38 - 00000000 _____ () C:\Users\Kathrin\defogger_reenable 2014-03-22 07:37 - 2014-03-22 07:37 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger.exe 2014-03-22 07:19 - 2014-03-22 07:19 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk 2014-03-22 07:19 - 2014-03-22 07:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\LSC 2014-03-22 07:10 - 2014-03-22 07:10 - 00000000 ____D () C:\ProgramData\Licenses 2014-03-22 07:08 - 2014-03-22 07:09 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover 2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\Users\Kathrin\Documents\Simply Super Software 2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Simply Super Software 2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-03-22 07:07 - 2014-03-22 07:08 - 21407864 
_____ (Simply Super Software ) C:\Users\Kathrin\Downloads\trjsetup690.exe 2014-03-21 22:48 - 2014-02-22 13:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-03-21 22:48 - 2014-02-22 12:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-03-21 21:52 - 2014-03-21 21:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Lenovo 2014-03-19 07:25 - 2013-10-31 01:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-03-19 07:25 - 2013-10-31 01:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-03-19 07:25 - 2013-10-31 01:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-03-19 07:09 - 2014-03-19 07:08 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-03-19 07:09 - 2014-03-19 07:08 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-03-19 07:09 - 2014-03-19 07:08 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-03-19 06:59 - 2014-03-19 06:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Cisco 2014-03-19 06:59 - 2014-03-19 06:59 - 00000000 ____D () C:\ProgramData\Cisco 2014-03-19 06:59 - 2012-09-26 07:45 - 00107432 ____R (Cisco Systems, Inc.) 
C:\WINDOWS\system32\Drivers\acsock64.sys 2014-03-18 20:38 - 2013-12-14 07:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-03-18 20:38 - 2013-12-09 09:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-03-18 20:37 - 2014-01-08 02:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-03-18 20:37 - 2014-01-08 02:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-03-18 20:37 - 2014-01-08 02:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-03-18 20:37 - 2014-01-04 16:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-03-18 20:37 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-03-18 20:37 - 2014-01-04 15:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-03-18 20:37 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-03-18 20:37 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-03-18 20:37 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-03-18 20:37 - 2014-01-01 02:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-03-18 20:37 - 2014-01-01 02:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2014-03-18 20:37 - 2014-01-01 01:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-03-18 20:37 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2014-03-18 20:37 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-03-18 20:37 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-03-18 20:37 - 2014-01-01 00:56 - 00960512 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\MFMediaEngine.dll 2014-03-18 20:37 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2014-03-18 20:37 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2014-03-18 20:37 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2014-03-18 20:37 - 2013-12-31 00:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-03-18 20:37 - 2013-12-31 00:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2014-03-18 20:37 - 2013-12-27 16:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-03-18 20:37 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2014-03-18 20:37 - 2013-12-27 09:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2014-03-18 20:37 - 2013-12-27 09:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2014-03-18 20:37 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2014-03-18 20:37 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-03-18 20:37 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-03-18 20:37 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2014-03-18 20:37 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2014-03-18 20:37 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-03-18 20:37 - 2013-12-13 11:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2014-03-18 20:37 - 2013-12-13 07:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2014-03-18 20:37 - 2013-12-13 06:32 - 
00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2014-03-18 20:37 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-03-15 13:10 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-15 13:10 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-15 13:10 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-15 13:10 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-03-15 13:10 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-03-15 13:10 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-15 13:10 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-03-15 13:10 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-03-15 13:10 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-15 13:10 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-03-15 13:10 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-15 13:10 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-15 13:10 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-03-15 13:10 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-03-15 13:10 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-03-15 13:10 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-03-15 13:10 - 2014-03-01 03:25 - 00703488 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-03-15 13:10 - 2014-02-11 04:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-03-15 13:10 - 2014-02-11 03:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-03-15 13:10 - 2014-02-11 03:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-03-15 13:10 - 2014-01-31 17:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2014-03-15 13:10 - 2014-01-31 17:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-03-15 13:10 - 2014-01-31 17:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-03-15 13:10 - 2014-01-31 14:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-03-15 13:10 - 2014-01-31 10:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll 2014-03-15 13:10 - 2014-01-29 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2014-03-15 13:10 - 2014-01-29 09:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2014-03-15 13:10 - 2014-01-29 09:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2014-03-15 13:10 - 2014-01-29 09:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2014-03-15 13:10 - 2014-01-29 09:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-03-15 13:10 - 2014-01-29 08:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2014-03-15 13:10 - 2014-01-29 08:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2014-03-15 13:10 - 2014-01-29 08:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2014-03-15 13:10 - 2014-01-29 07:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2014-03-15 13:10 - 2014-01-29 01:36 - 00249856 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\rdpencom.dll 2014-03-15 13:10 - 2014-01-27 20:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2014-03-15 13:10 - 2014-01-27 20:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2014-03-15 13:10 - 2014-01-27 20:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2014-03-15 13:10 - 2014-01-27 19:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2014-03-15 13:10 - 2014-01-27 19:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2014-03-15 13:10 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2014-03-15 13:10 - 2014-01-27 19:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2014-03-15 13:10 - 2014-01-27 19:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2014-03-15 13:10 - 2014-01-27 18:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-03-15 13:10 - 2014-01-27 18:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2014-03-15 13:10 - 2014-01-27 18:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2014-03-15 13:10 - 2014-01-27 16:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-03-15 13:10 - 2014-01-27 16:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-03-15 13:10 - 2014-01-27 12:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-03-15 13:10 - 2014-01-18 00:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-03-15 13:10 - 2014-01-17 22:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-03-15 13:10 - 2013-12-21 15:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2014-03-15 13:10 - 2013-12-21 09:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2014-03-15 
13:10 - 2013-12-20 11:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-03-15 13:10 - 2013-12-20 11:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-03-15 13:03 - 2013-12-11 18:40 - 00002092 _____ () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk 2014-03-15 13:03 - 2013-12-11 18:40 - 00002092 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk 2014-03-15 13:03 - 2013-12-11 18:40 - 00002092 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Update Search.lnk 2014-03-02 14:28 - 2014-03-02 14:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-02 13:53 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2014-03-02 13:53 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll ==================== One Month Modified Files and Folders ======= 2014-03-29 07:09 - 2014-03-22 07:40 - 00029875 _____ () C:\Users\Kathrin\Downloads\FRST.txt 2014-03-29 07:09 - 2014-03-22 07:40 - 00000000 ____D () C:\FRST 2014-03-29 07:06 - 2014-03-29 07:06 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe 2014-03-29 07:06 - 2013-11-24 21:33 - 01442381 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-29 07:05 - 2014-03-29 07:05 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger(1).exe 2014-03-29 07:05 - 2014-03-22 07:38 - 00000476 _____ () C:\Users\Kathrin\Downloads\defogger_disable.log 2014-03-29 07:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-03-29 06:59 - 2012-12-15 04:34 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo 2014-03-29 06:58 - 2013-04-08 17:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dropbox 2014-03-29 06:57 - 2014-01-02 10:54 - 00000000 __RDO () C:\Users\Kathrin\SkyDrive 2014-03-29 06:57 - 2013-04-08 17:42 - 00000000 ___RD () 
C:\Users\Kathrin\Dropbox 2014-03-29 06:56 - 2013-04-08 14:39 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Nitro PDF 2014-03-28 21:43 - 2014-01-02 11:33 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\ClassicShell 2014-03-28 21:41 - 2013-12-20 16:52 - 00035874 _____ () C:\WINDOWS\PFRO.log 2014-03-28 21:41 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-03-28 21:33 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-03-28 21:33 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\TAPI 2014-03-28 21:11 - 2013-06-29 19:56 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-03-28 21:10 - 2014-03-24 19:12 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-03-28 19:30 - 2013-12-06 21:01 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C3BC0EC9-7B8A-46EC-AC7D-AE06DD0CCEC7} 2014-03-28 19:04 - 2013-04-08 14:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4231283838-1293705952-112321423-1001 2014-03-28 18:42 - 2013-04-11 19:56 - 00000000 ____D () C:\ProgramData\MFAData 2014-03-28 13:20 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-03-28 13:20 - 2013-09-30 04:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat 2014-03-28 13:20 - 2013-09-30 04:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat 2014-03-28 13:19 - 2013-12-12 23:49 - 00003612 _____ () C:\WINDOWS\setupact.log 2014-03-28 04:23 - 2014-03-28 04:22 - 00001758 _____ () C:\sc-cleaner.txt 2014-03-28 04:22 - 2014-03-28 04:22 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Kathrin\Downloads\sc-cleaner.exe 2014-03-28 04:13 - 2014-03-24 19:56 - 00000000 ____D () C:\AdwCleaner 2014-03-28 04:09 - 2014-03-27 11:18 - 00000000 ____D () C:\ProgramData\systemk 2014-03-28 04:09 - 2014-03-27 11:18 - 00000000 ____D () C:\Program Files (x86)\Settings Manager 2014-03-28 04:09 - 2013-08-22 16:36 - 00000000 
____D () C:\WINDOWS\Globalization 2014-03-27 20:01 - 2014-03-27 20:01 - 00000000 ____D () C:\ProgramData\Brother 2014-03-27 19:57 - 2014-03-25 23:39 - 00029120 _____ () C:\Users\Kathrin\Desktop\Handout - Feedback.odt 2014-03-27 14:17 - 2014-03-27 14:16 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Dev-Cpp 2014-03-27 14:16 - 2014-03-27 14:16 - 00001009 _____ () C:\Users\Kathrin\Desktop\Dev-C++.lnk 2014-03-27 14:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-03-27 14:14 - 2014-03-27 14:14 - 00000000 ____D () C:\Program Files (x86)\Dev-Cpp 2014-03-27 14:13 - 2014-03-27 14:13 - 43633629 _____ () C:\Users\Kathrin\Downloads\Dev-Cpp_5.4.0_TDM-GCC_x64_4.7.1_Setup.exe 2014-03-27 11:27 - 2014-01-02 18:54 - 00000000 ____D () C:\Users\Kathrin\Documents\Visual Studio 2013 2014-03-27 11:20 - 2013-06-08 07:59 - 00000000 ____D () C:\Users\Kathrin\Documents\Studium 2014-03-27 11:17 - 2014-03-27 11:17 - 09326468 _____ () C:\Users\Kathrin\Desktop\devcpp-4.9.9.2_setup.exe 2014-03-27 10:44 - 2014-03-25 22:56 - 08997900 _____ () C:\Users\Kathrin\Desktop\Präsentation Feedback.odp 2014-03-25 20:21 - 2014-03-25 20:21 - 00987442 _____ () C:\Users\Kathrin\Downloads\SecurityCheck.exe 2014-03-25 18:19 - 2014-03-25 18:19 - 02347384 _____ (ESET) C:\Users\Kathrin\Downloads\esetsmartinstaller_enu.exe 2014-03-24 20:54 - 2014-03-24 20:54 - 00000000 ____D () C:\Users\Kathrin\Documents\ARADump 2014-03-24 20:54 - 2014-03-24 20:54 - 00000000 ____D () C:\Users\Kathrin\Cyberlink 2014-03-24 20:54 - 2013-11-24 21:11 - 00000000 ____D () C:\Users\Kathrin 2014-03-24 20:54 - 2013-06-30 20:46 - 00000000 ____D () C:\Users\Public\CyberLink 2014-03-24 20:54 - 2013-06-30 20:19 - 00000000 ____D () C:\Users\Kathrin\Documents\CyberLink 2014-03-24 20:54 - 2013-06-30 20:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\CyberLink 2014-03-24 20:54 - 2012-12-15 04:36 - 00000000 ____D () C:\ProgramData\CyberLink 2014-03-24 20:53 - 2014-03-24 20:53 - 00526323 _____ () 
C:\Users\Kathrin\Downloads\web_of_trust_wot-20131118-fx.zip 2014-03-24 20:04 - 2014-03-24 20:04 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-03-24 20:02 - 2014-03-24 20:02 - 01038974 _____ (Thisisu) C:\Users\Kathrin\Downloads\JRT.exe 2014-03-24 19:55 - 2014-03-24 19:55 - 01950720 _____ () C:\Users\Kathrin\Downloads\adwcleaner.exe 2014-03-24 19:12 - 2014-03-24 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-24 19:12 - 2014-03-24 19:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-03-24 19:11 - 2014-03-24 19:10 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Kathrin\Downloads\mbam-setup-2.0.0.1000.exe 2014-03-24 19:02 - 2013-10-09 09:02 - 00001008 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-03-24 18:59 - 2014-03-24 18:59 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kathrin\Downloads\revosetup95.exe 2014-03-24 18:59 - 2014-03-24 18:59 - 00001291 _____ () C:\Users\Kathrin\Desktop\Revo Uninstaller.lnk 2014-03-24 18:59 - 2014-03-24 18:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-03-24 18:59 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-03-22 07:46 - 2014-03-22 07:46 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition3.txt 2014-03-22 07:45 - 2014-03-22 07:41 - 00069995 _____ () C:\Users\Kathrin\Downloads\Addition.txt 2014-03-22 07:44 - 2014-03-22 07:44 - 00059303 _____ () C:\Users\Kathrin\Downloads\FRST2.txt 2014-03-22 07:43 - 2014-03-22 07:43 - 00380416 _____ () C:\Users\Kathrin\Downloads\Gmer-19357.exe 2014-03-22 07:40 - 2014-03-22 07:39 - 02157056 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe 2014-03-22 07:39 - 2014-03-22 07:39 - 01145856 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST.exe 2014-03-22 07:38 - 2014-03-22 07:38 - 00000000 _____ () C:\Users\Kathrin\defogger_reenable 2014-03-22 07:37 - 2014-03-22 07:37 - 00050477 _____ () C:\Users\Kathrin\Downloads\Defogger.exe 2014-03-22 07:19 - 2014-03-22 07:19 - 00002018 _____ () 
C:\Users\Public\Desktop\Lenovo Solution Center.lnk 2014-03-22 07:19 - 2014-03-22 07:19 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\LSC 2014-03-22 07:19 - 2013-04-08 14:49 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\LSC 2014-03-22 07:19 - 2012-12-15 04:23 - 00000000 ____D () C:\Program Files\Lenovo 2014-03-22 07:19 - 2012-12-14 20:54 - 00000000 ____D () C:\ProgramData\Lenovo 2014-03-22 07:18 - 2012-12-15 04:34 - 00000000 ____D () C:\WINDOWS\Downloaded Installations 2014-03-22 07:12 - 2013-04-08 14:41 - 00000000 ___RD () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-22 07:10 - 2014-03-22 07:10 - 00000000 ____D () C:\ProgramData\Licenses 2014-03-22 07:09 - 2014-03-22 07:08 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover 2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\Users\Kathrin\Documents\Simply Super Software 2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\Users\Kathrin\AppData\Roaming\Simply Super Software 2014-03-22 07:08 - 2014-03-22 07:08 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-03-22 07:08 - 2014-03-22 07:07 - 21407864 _____ (Simply Super Software ) C:\Users\Kathrin\Downloads\trjsetup690.exe 2014-03-21 21:52 - 2014-03-21 21:52 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Lenovo 2014-03-20 21:43 - 2013-06-28 15:12 - 00003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml 2014-03-20 21:43 - 2013-04-11 20:00 - 00049952 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys 2014-03-20 20:17 - 2013-04-08 14:41 - 00000000 ___RD () C:\Users\Kathrin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-03-19 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-03-19 07:40 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-03-19 07:40 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-19 
07:40 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-03-19 07:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-03-19 07:40 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-03-19 07:39 - 2013-08-31 09:40 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-03-19 07:37 - 2013-04-08 21:13 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-03-19 07:10 - 2013-11-18 20:42 - 00000000 ____D () C:\ProgramData\Oracle 2014-03-19 07:08 - 2014-03-19 07:09 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-03-19 07:08 - 2014-03-19 07:09 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-03-19 07:08 - 2014-03-19 07:09 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-03-19 07:08 - 2013-08-31 08:57 - 00000000 ____D () C:\Program Files (x86)\Java 2014-03-19 06:59 - 2014-03-19 06:59 - 00000000 ____D () C:\Users\Kathrin\AppData\Local\Cisco 2014-03-19 06:59 - 2014-03-19 06:59 - 00000000 ____D () C:\ProgramData\Cisco 2014-03-19 06:59 - 2013-04-14 10:50 - 00000000 ____D () C:\Program Files (x86)\Cisco 2014-03-19 06:43 - 2013-04-13 13:20 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-03-18 20:29 - 2013-08-22 15:44 - 00513320 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-03-18 20:28 - 2013-06-30 13:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-18 20:28 - 2013-06-30 13:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-18 20:28 - 2013-04-08 22:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-18 20:22 - 2013-04-29 13:51 - 00000412 _____ () C:\WINDOWS\Tasks\AllmyappsUpdateTask.job 2014-03-15 13:11 - 2013-06-29 19:56 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-03-15 13:03 - 2012-12-15 04:35 - 00000000 ____D () 
C:\WINDOWS\System32\Tasks\TVT 2014-03-15 13:03 - 2012-12-15 04:23 - 00000000 ____D () C:\Program Files (x86)\Lenovo 2014-03-05 09:26 - 2014-03-24 19:12 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-03-24 19:12 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-03-24 19:12 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-02 14:28 - 2014-03-02 14:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-02 13:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-03-02 13:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-03-02 13:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-03-02 13:57 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism 2014-03-02 13:57 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism 2014-03-01 07:05 - 2014-03-15 13:10 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-03-01 05:58 - 2014-03-15 13:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-03-01 05:30 - 2014-03-15 13:10 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-03-01 05:17 - 2014-03-15 13:10 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-03-01 04:54 - 2014-03-15 13:10 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-03-01 04:47 - 2014-03-15 13:10 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-03-01 04:42 - 2014-03-15 13:10 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-03-01 04:18 - 
2014-03-15 13:10 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-03-01 04:14 - 2014-03-15 13:10 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-03-01 04:10 - 2014-03-15 13:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-03-01 04:03 - 2014-03-15 13:10 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-03-01 03:57 - 2014-03-15 13:10 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-03-01 03:38 - 2014-03-15 13:10 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-03-01 03:32 - 2014-03-15 13:10 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-03-01 03:27 - 2014-03-15 13:10 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-03-01 03:25 - 2014-03-15 13:10 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-03-01 03:25 - 2014-03-15 13:10 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll Files to move or delete: ==================== C:\ProgramData\Lenovo-1208.vbs Some content of TEMP: ==================== C:\Users\Kathrin\AppData\Local\Temp\Quarantine.exe C:\Users\Kathrin\AppData\Local\Temp\SettingsManagerSetup.exe C:\Users\Kathrin\AppData\Local\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit 
C:\Windows\System32\Drivers\volsnap.sys [2014-03-15 13:10] - [2014-01-31 17:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-03-25 21:22
==================== End Of Log ============================

If someone takes on this topic, I will gladly post it in pieces as a reply. Gmer shows the following error message at startup: Code:
ATTFilter C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Thanks in advance. Best regards, Katy