Browser leitet mich ständig um - wie kann ich das ändern

TectRoyal · 31.03.2014, 14:30

Hallo,

wir sind ein 2-Mann Unternehmen und auf den PC angewiesen.

Seit ich am Samstag einen neuen Rechner gekauft und Inbetrieb genommen habe, habe ich FIREFOX Version 28 von Mozilla.org heruntergeladen. Seitdem werde ich dauernd auf irgendwelche Seiten umgeleitet - anbei einige Seiten, die sich da öffnen

hxxp://tracking.teebik.com/tracking/redirect/....
hxxp://gip.driverdiv.net/sd/dw32.html?u=....
hxxp://s.m2pub.com/ul_cb/player.html?a=23942126&context....
hxxp://www.lpcloudbox408.com/2044495A6C7B764D4D5F6C7A51....

Mein PC: LENOVO, 2 TB Platte, i7-Prozessor, Betr.System Windows 8.1 vorinstalliert, gekauft OFFICE HOME & BUSINESS 2013, Virenscanner McAffee (vorinstalliert) aber nur für 30 Tage (bisher noch nicht geändert) - ich will wieder Kaspersky nutzen.

Ist hier im Forum jemand, der mir damit helfen kann?

Vielen Dank im voraus.

Herzliche Grüße

Alexander Nazaruk
(TectRoyal)

cosinus · 31.03.2014, 14:38

Hallo und

Zitat:

habe ich FIREFOX Version 28 von Mozilla.org heruntergeladen. Seitdem werde ich dauernd auf irgendwelche Seiten umgeleitet

Glaub ich nicht, dass direkt danach das kam. Mozilla packt in seine Firefox Binaries (setup.exe) keine stinkende Junkware. Ich wette du hast irgendeinen Blödsinn von Softonic oder so noch installiert.

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

deeprybka · 31.03.2014, 14:39

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab.
Poste die Logfiles direkt in deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweise: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Das dauert dann zwar ein paar Stunden länger, garantiert aber, dass Du kompetente Hilfe und geprüfte Antworten bekommst. Siehe hier...

Ich bedanke mich für Deine Geduld!

Schritt 1 (Scan mit FRST)
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

deeprybka · 31.03.2014, 14:40

wieder zu langsam...gegen Dich verliere ich nicht nur im Schach...

TectRoyal · 31.03.2014, 17:32

Hallo cosinus,

erstmal vielen Dank für Dein Hilfsangebot. Du, ich habe keine Logs aus dem Virenscanner - der McAffee hat nichts gefunden auf dem Rechner.
Ich lade jetzt das Tool runter, das Du angegeben hast (Farbar's Recovery Scan Tool (FRST)) - habe einen 64 bit Rechner.

Leider habe ich hier ein sehr langsames Internet (2000er), sodass alles ein bisschen dauert.

Wenn Du mal Lust hast, Schach zu spielen, ich hätte auch daran Interesse (hatte mal ELO 1900 ist aber schon ein Jahrzehnt her) -> das aber nur am Rande.

Gruß
Alexander

Hier ist die FRST.txt (93K) - die Addition sende ich mit 2. Antwort.
Ich verstehe leider nicht, wie man ein Zip Archiv mit 7-Zip anlegt (sorry):

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alexander (administrator) on ARBEITSPLATZ01 on 31-03-2014 18:09:38
Running from C:\Users\Alexander\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
() C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurf157.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
() C:\Windows\jmesoft\Service.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
() C:\Program Files (x86)\Mobogenie\MgAssist.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pokki) C:\Users\Alexander\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Smartbar) C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.exe
(Pokki) C:\Users\Alexander\AppData\Local\Pokki\Engine\HostAppService.exe
(Revizer) C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe
(Pokki) C:\Users\Alexander\AppData\Local\Pokki\Engine\HostAppService.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] - C:\WINDOWS\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo)
HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] ()
HKLM-x32\...\Run: [LVT] - C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo App Shop] - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-19] (Intel Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [764096 2014-03-29] ()
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2014-03-29] (RealNetworks, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2712879693-1085652998-2071342517-1001\...\Run: [Pokki] - C:\WINDOWS\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-2712879693-1085652998-2071342517-1001\...\Run: [Browser Infrastructure Helper] - C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.exe [21536 2014-02-09] (Smartbar)
HKU\S-1-5-21-2712879693-1085652998-2071342517-1001\...\Run: [BlockNSurf] - C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe [104448 2014-03-29] (Revizer)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [96768 2014-03-05] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [85504 2014-03-05] (Skytech Co., Ltd.)
Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWc,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWc,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
SearchScopes: HKLM - {5613BAD6-6C53-43C6-88B2-BE3DA76414A8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWQ,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWQ,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWc,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWc,&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {5613BAD6-6C53-43C6-88B2-BE3DA76414A8} URL = 
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 217.237.150.188 217.237.151.142

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\l8jk90oa.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qone8.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Redirect Cleaner - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\l8jk90oa.default\Extensions\redirectcleaner@example.net.xpi [2014-03-31]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\bxld4o2l.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-01-17]
FF HKCU\...\Firefox\Extensions: [{e919e40d-669b-4732-9991-dbcf47582d16}] - C:\Program Files (x86)\BlockAndSurf-soft\157.xpi
FF Extension: No Name - C:\Program Files (x86)\BlockAndSurf-soft\157.xpi [2014-03-29]

==================== Services (Whitelisted) =================

S2 0152681396185619mcinstcleanup; C:\WINDOWS\TEMP\015268~1.EXE [834664 2013-07-30] (McAfee, Inc.)
R2 BlockAndSurf; C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurf157.exe [196096 2014-03-29] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [515584 2014-03-17] (Cherished Technololgy LIMITED)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] ()
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [585032 2013-09-17] (LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
R2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [70848 2014-03-29] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [496640 2014-03-29] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [103656 2013-10-21] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-01-18] (Microsoft Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-29] (StdLib)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-31 18:09 - 2014-03-31 18:14 - 00026223 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-03-31 18:09 - 2014-03-31 18:09 - 00000000 ____D () C:\FRST
2014-03-31 18:06 - 2014-03-31 18:06 - 02157056 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-03-31 12:26 - 2014-03-31 12:33 - 00000000 ____D () C:\Users\Alexander\Documents\ELOFA Änderung SDB
2014-03-30 23:22 - 2014-03-31 16:09 - 00003360 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 23:22 - 2014-03-31 16:09 - 00003308 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 19:14 - 2014-03-30 19:14 - 00000000 ____D () C:\Users\Alexander\Documents\OneNote-Notizbücher
2014-03-30 11:50 - 2014-03-30 11:52 - 00000000 ____D () C:\Users\Alexander\Documents\Office2013 Schulungsdateien
2014-03-30 09:55 - 2014-03-30 09:59 - 00003382 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:55 - 2014-03-30 09:59 - 00003330 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:55 - 2014-03-30 09:55 - 00003402 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 21:15 - 2014-03-29 21:15 - 00099919 _____ () C:\Users\Alexander\Downloads\videocacheview265_Download.zip
2014-03-29 21:06 - 2014-03-29 21:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Macromedia
2014-03-29 21:04 - 2014-03-29 21:04 - 00002197 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-03-29 19:05 - 2014-03-29 19:07 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Mozilla
2014-03-29 19:05 - 2014-03-29 19:05 - 00001174 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-29 19:05 - 2014-03-29 19:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 18:49 - 2014-03-29 18:49 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-29 18:49 - 2014-03-29 18:49 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\LSC
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\tmp
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\hps
2014-03-29 17:01 - 2014-03-29 17:01 - 00011264 ___SH () C:\Users\Alexander\Desktop\Thumbs.db
2014-03-29 16:45 - 2014-03-29 16:45 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Microsoft Help
2014-03-29 16:06 - 2014-03-29 16:06 - 00086904 _____ () C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-29 16:06 - 2014-03-29 16:06 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\PDF Architect
2014-03-29 16:01 - 2014-03-29 16:04 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-29 16:01 - 2014-03-29 16:01 - 00001058 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00001020 _____ () C:\Users\Alexander\Desktop\PDF Architect.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Users\Alexander\Documents\PDF Architect Files
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\pdfforge
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-29 16:01 - 2013-04-09 15:13 - 00110264 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2014-03-29 16:01 - 2013-01-09 15:52 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-03-29 16:01 - 2012-05-05 11:54 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2014-03-29 16:01 - 2012-05-05 11:54 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMAPI32.OCX
2014-03-29 16:01 - 2012-05-05 11:54 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIDE.DLL
2014-03-29 16:01 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2014-03-29 16:01 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2014-03-29 16:01 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2014-03-29 15:54 - 2014-03-29 15:57 - 69734576 _____ (pdfforge ) C:\Users\Alexander\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\FileOpen
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\ProgramData\FileOpen
2014-03-29 15:26 - 2014-03-30 14:00 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro PDF
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Local\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\ProgramData\ATI
2014-03-29 15:18 - 2014-03-29 15:18 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\WebApp
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\Documents\CyberLink
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\CyberLink
2014-03-29 12:08 - 2014-03-29 12:08 - 00000000 ____D () C:\Users\Alexander\Desktop\Alte Firefox-Daten
2014-03-29 11:58 - 2014-03-31 16:18 - 00000000 ____D () C:\Users\Alexander\Documents\Outlook-Dateien
2014-03-29 11:37 - 2014-03-31 16:09 - 00005174 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSPLATZ01-Alexander Arbeitsplatz01
2014-03-29 11:37 - 2014-03-29 11:37 - 00003116 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 11:15 - 2013-09-23 14:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-03-29 10:53 - 2014-03-29 10:53 - 00003570 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-29 10:30 - 2014-03-29 10:30 - 00061112 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys
2014-03-29 09:43 - 2014-03-29 09:43 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\SupTab
2014-03-29 09:43 - 2014-03-29 09:43 - 00000000 ____D () C:\ProgramData\WPM
2014-03-29 09:43 - 2014-03-29 09:43 - 00000000 ____D () C:\ProgramData\IePluginService
2014-03-29 09:43 - 2014-03-29 09:43 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-03-29 09:41 - 2014-03-29 09:44 - 00001130 _____ () C:\Users\Alexander\Desktop\Flash Player Pro.lnk
2014-03-29 09:41 - 2014-03-29 09:44 - 00000000 ____D () C:\Program Files (x86)\Flash Player Pro
2014-03-29 09:41 - 2014-03-29 09:41 - 00000000 ____D () C:\Users\Alexander\Documents\Flash Player Pro
2014-03-29 09:39 - 2014-03-29 09:39 - 00000000 ____D () C:\Users\Alexander\AppData\Local\SearchProtect
2014-03-29 09:39 - 2014-03-29 09:39 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-29 09:38 - 2014-03-29 09:38 - 00229664 _____ (Premium Installer ) C:\Users\Alexander\Downloads\Media_Player_Setup.exe
2014-03-29 09:36 - 2014-03-29 09:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-29 09:36 - 2014-03-02 15:05 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-29 09:32 - 2014-03-29 09:32 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-29 09:32 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-29 09:32 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-29 09:32 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-29 09:32 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-29 09:32 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-29 09:32 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-29 09:32 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-29 09:32 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-29 09:32 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-29 09:32 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-29 09:32 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-29 09:32 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-29 09:32 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-29 09:32 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-29 09:32 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-29 09:32 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-29 09:32 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-29 09:32 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-29 09:32 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-03-29 09:32 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-29 09:32 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-03-29 09:32 - 2014-02-06 12:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-29 09:32 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-29 09:32 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-03-29 09:32 - 2014-02-06 12:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-03-29 09:32 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-03-29 09:32 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-29 09:32 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-29 09:32 - 2014-02-06 12:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-29 09:32 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-03-29 09:32 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-29 09:32 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-29 09:32 - 2014-02-06 11:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-03-29 09:32 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-03-29 09:32 - 2014-02-06 11:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-03-29 09:32 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-29 09:32 - 2014-02-06 11:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-03-29 09:31 - 2014-03-29 10:48 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-03-29 09:31 - 2014-03-29 10:48 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-03-29 09:31 - 2014-03-29 09:55 - 00000380 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-03-29 09:31 - 2014-03-29 09:31 - 00002818 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-03-29 09:29 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-29 09:29 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-29 09:29 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-29 09:29 - 2014-01-31 18:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-29 09:29 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-29 09:29 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-29 09:29 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-29 09:29 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-29 09:29 - 2014-01-29 11:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-29 09:29 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-29 09:29 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-29 09:29 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-29 09:29 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-29 09:29 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-29 09:29 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-29 09:29 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-29 09:29 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-29 09:29 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-29 09:29 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-29 09:29 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-29 09:29 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-29 09:29 - 2014-01-27 20:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-29 09:29 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-29 09:29 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-29 09:29 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-29 09:29 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-29 09:29 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-29 09:29 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-29 09:29 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-29 09:29 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-29 09:29 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-29 09:29 - 2014-01-27 13:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-29 09:29 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-29 09:29 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-29 09:29 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-29 09:29 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-29 09:28 - 2014-01-08 03:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-29 09:28 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-29 09:28 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-29 09:28 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-29 09:28 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-29 09:28 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-29 09:28 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-29 09:28 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-29 09:28 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-29 09:28 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-29 09:28 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-29 09:28 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-29 09:28 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-29 09:28 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-29 09:28 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-29 09:28 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-29 09:28 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-29 09:28 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-29 09:28 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-29 09:28 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-29 09:28 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-29 09:28 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-29 09:28 - 2013-12-27 11:21 - 13192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-03-29 09:28 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-29 09:28 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-29 09:28 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-29 09:28 - 2013-12-27 09:27 - 11688448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-03-29 09:28 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-29 09:28 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-29 09:28 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-29 09:28 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-29 09:28 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-29 09:28 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-29 09:28 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-29 09:28 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-29 09:28 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-29 09:28 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-29 09:28 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-29 09:28 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-29 09:28 - 2013-12-09 01:43 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-03-29 09:28 - 2013-12-09 01:25 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-03-29 09:27 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-29 09:27 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-29 09:26 - 2013-11-27 17:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-03-29 09:26 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-03-29 09:26 - 2013-11-27 10:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-29 09:26 - 2013-11-27 10:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-29 09:26 - 2013-11-27 10:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-03-29 09:26 - 2013-11-27 10:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-03-29 09:26 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-29 09:26 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-29 09:26 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-29 09:23 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-29 09:23 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-29 09:22 - 2013-12-09 02:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-03-29 09:22 - 2013-12-09 02:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-03-29 09:22 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-03-29 09:22 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-03-29 09:22 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-03-29 09:22 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-03-29 09:22 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-03-29 09:22 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-03-29 09:22 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-03-29 09:22 - 2013-11-27 11:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-03-29 09:22 - 2013-11-27 11:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-03-29 09:22 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-03-29 09:22 - 2013-11-27 10:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-03-29 09:22 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-03-29 09:22 - 2013-11-27 10:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-03-29 09:22 - 2013-11-26 15:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-03-29 09:22 - 2013-11-26 15:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-03-29 09:22 - 2013-11-26 13:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-03-29 09:22 - 2013-11-25 03:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-29 09:22 - 2013-11-25 03:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-03-29 09:22 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-03-29 09:22 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-03-29 09:22 - 2013-11-23 14:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-03-29 09:22 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-03-29 09:22 - 2013-11-23 09:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-03-29 09:22 - 2013-11-23 09:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-03-29 09:22 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-03-29 09:22 - 2013-11-23 05:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-03-29 09:22 - 2013-11-23 05:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-03-29 09:22 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-03-29 09:22 - 2013-11-21 08:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-03-29 09:22 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-03-29 09:22 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-03-29 09:22 - 2013-11-15 16:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-03-29 09:22 - 2013-11-15 15:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-03-29 09:22 - 2013-10-31 02:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-03-29 09:22 - 2013-10-31 01:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-03-29 09:20 - 2013-12-11 09:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-03-29 09:17 - 2013-11-11 04:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-03-29 09:17 - 2013-11-09 08:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-03-29 09:17 - 2013-11-09 07:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-03-29 09:17 - 2013-11-08 12:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-03-29 09:17 - 2013-11-08 06:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-03-29 09:17 - 2013-11-08 06:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-03-29 09:17 - 2013-11-08 06:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-03-29 09:17 - 2013-11-08 05:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-03-29 09:17 - 2013-11-08 05:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-03-29 09:17 - 2013-11-05 16:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-03-29 09:17 - 2013-11-05 15:17 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-03-29 09:17 - 2013-11-04 15:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-03-29 09:17 - 2013-11-04 13:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-03-29 09:17 - 2013-11-04 12:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-03-29 09:17 - 2013-11-04 04:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-03-29 09:17 - 2013-11-04 03:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-03-29 09:17 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-03-29 09:17 - 2013-11-01 08:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-03-29 09:17 - 2013-11-01 07:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-03-29 09:17 - 2013-10-31 02:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-03-29 09:17 - 2013-10-31 02:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-03-29 09:17 - 2013-10-31 02:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-03-29 09:17 - 2013-10-31 02:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-03-29 09:17 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-03-29 09:17 - 2013-10-24 11:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-03-29 09:17 - 2013-10-24 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-03-29 09:17 - 2013-10-17 13:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-03-29 09:17 - 2013-10-17 12:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-03-29 09:17 - 2013-10-05 16:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-03-29 09:17 - 2013-10-05 16:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-03-29 09:17 - 2013-10-05 14:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-03-29 09:17 - 2013-10-05 14:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-03-29 09:16 - 2014-03-29 09:16 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:16 - 00000324 _____ () C:\Users\Alexander\AppData\Roaming\aps.uninstall.scan.results
2014-03-29 09:15 - 2014-03-29 09:15 - 00272896 _____ (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00001295 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-03-29 09:14 - 2014-03-29 15:34 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Real
2014-03-29 09:14 - 2014-03-29 09:15 - 00000000 ____D () C:\Program Files (x86)\Real
2014-03-29 09:13 - 2014-03-31 16:09 - 00000446 _____ () C:\WINDOWS\Tasks\BlockAndSurf_wd.job
2014-03-29 09:13 - 2014-03-31 16:09 - 00000442 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-03-29 09:13 - 2014-03-29 09:30 - 00000000 ____D () C:\Program Files (x86)\BlockAndSurf-soft
2014-03-29 09:13 - 2014-03-29 09:13 - 00003090 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-03-29 09:13 - 2014-03-29 09:13 - 00003034 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf_wd
2014-03-29 09:13 - 2014-03-29 09:13 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-29 09:09 - 2014-03-29 09:21 - 00000000 ____D () C:\ProgramData\Real
2014-03-29 09:09 - 2014-03-28 17:38 - 01172776 _____ (AnyProtect.com) C:\Users\Alexander\AppData\Local\AnyProtectScannerSetup.exe
2014-03-29 09:07 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-03-29 09:07 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-03-29 09:07 - 2013-12-09 02:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-03-29 09:07 - 2013-12-09 01:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-03-29 09:07 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-03-29 09:07 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-03-29 09:07 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-03-29 09:07 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-03-29 09:04 - 2013-12-09 04:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-03-29 09:04 - 2013-12-09 03:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-03-29 09:04 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-03-29 09:04 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-03-29 09:03 - 2014-03-29 19:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Mozilla
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-29 08:57 - 2014-03-29 09:32 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-29 08:57 - 2014-03-29 09:15 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Mobogenie
2014-03-29 08:57 - 2014-03-29 09:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\cache
2014-03-29 08:57 - 2014-03-29 08:57 - 00001046 _____ () C:\Users\Alexander\Desktop\Mobogenie.lnk
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\Documents\Mobogenie
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\.android
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 _____ () C:\Users\Alexander\daemonprocess.txt
2014-03-29 08:53 - 2014-03-29 08:54 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LPT
2014-03-29 08:53 - 2014-03-29 08:53 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Smartbar
2014-03-29 08:50 - 2014-03-31 16:10 - 00002183 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startmenü.lnk
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-29 01:33 - 2014-03-29 01:33 - 00000000 ____D () C:\Users\Alexander\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-29 01:18 - 2014-03-29 01:18 - 00000000 __RHD () C:\MSOCache
2014-03-29 01:05 - 2014-03-29 21:05 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-03-29 01:05 - 2014-03-29 18:49 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LSC
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-03-29 00:58 - 2014-03-29 10:57 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-29 00:58 - 2014-03-29 10:56 - 00962240 _____ (Microsoft Corporation) C:\Users\Alexander\Downloads\Setup.X86.de-DE_HomeBusinessRetail_5cf0bcd6-92ef-4fef-b9b2-43d327b58416_TX_DB_.exe
2014-03-29 00:45 - 2014-03-31 17:09 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 00:45 - 2014-03-31 00:40 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{514E0437-3AB4-468C-B646-7FAA7ADECD18}
2014-03-29 00:42 - 2014-03-31 16:09 - 00000000 __RDO () C:\Users\Alexander\SkyDrive
2014-03-29 00:41 - 2014-03-29 08:50 - 00002337 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Public\Pokki
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Intel Corporation
2014-03-29 00:40 - 2014-03-31 16:09 - 00000369 _____ () C:\Users\Alexander\AppData\Local\RegisteredPackageInformation.xml
2014-03-29 00:40 - 2014-03-30 19:14 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-29 00:40 - 2014-03-30 11:52 - 00000000 ____D () C:\Users\Alexander\AppData\Local\VirtualStore
2014-03-29 00:40 - 2014-03-29 10:53 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-29 00:40 - 2014-03-29 09:42 - 00001677 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-29 00:40 - 2014-03-29 01:04 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Adobe
2014-03-29 00:40 - 2014-03-29 00:42 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Lenovo
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Lenovo
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Power2Go
2014-03-29 00:39 - 2014-03-31 16:11 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Pokki
2014-03-29 00:39 - 2014-03-31 10:29 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Packages
2014-03-29 00:39 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander
2014-03-29 00:39 - 2014-03-29 00:39 - 00000020 ___SH () C:\Users\Alexander\ntuser.ini
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Vorlagen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Startmenü
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Netzwerkumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Lokale Einstellungen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Eigene Dateien
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Druckumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Musik
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Bilder
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Verlauf
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\ProgramData\eBay
2014-03-29 00:39 - 2014-01-17 19:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Macromedia
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-29 00:30 - 2014-03-31 13:38 - 01599294 _____ () C:\WINDOWS\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2014-03-31 18:14 - 2014-03-31 18:09 - 00026223 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-03-31 18:09 - 2014-03-31 18:09 - 00000000 ____D () C:\FRST
2014-03-31 18:06 - 2014-03-31 18:06 - 02157056 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-03-31 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-31 17:09 - 2014-03-29 00:45 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-31 16:18 - 2014-03-29 11:58 - 00000000 ____D () C:\Users\Alexander\Documents\Outlook-Dateien
2014-03-31 16:11 - 2014-03-29 00:39 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Pokki
2014-03-31 16:11 - 2014-01-17 19:35 - 00001871 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-03-31 16:10 - 2014-03-29 08:50 - 00002183 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startmenü.lnk
2014-03-31 16:09 - 2014-03-30 23:22 - 00003360 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-31 16:09 - 2014-03-30 23:22 - 00003308 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-31 16:09 - 2014-03-29 11:37 - 00005174 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSPLATZ01-Alexander Arbeitsplatz01
2014-03-31 16:09 - 2014-03-29 09:13 - 00000446 _____ () C:\WINDOWS\Tasks\BlockAndSurf_wd.job
2014-03-31 16:09 - 2014-03-29 09:13 - 00000442 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-03-31 16:09 - 2014-03-29 00:42 - 00000000 __RDO () C:\Users\Alexander\SkyDrive
2014-03-31 16:09 - 2014-03-29 00:40 - 00000369 _____ () C:\Users\Alexander\AppData\Local\RegisteredPackageInformation.xml
2014-03-31 13:38 - 2014-03-29 00:30 - 01599294 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-31 12:35 - 2014-01-18 04:01 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-31 12:35 - 2014-01-18 04:01 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-31 12:35 - 2013-08-31 17:40 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-31 12:33 - 2014-03-31 12:26 - 00000000 ____D () C:\Users\Alexander\Documents\ELOFA Änderung SDB
2014-03-31 10:29 - 2014-03-29 00:39 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Packages
2014-03-31 09:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-31 07:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-31 00:40 - 2014-03-29 00:45 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{514E0437-3AB4-468C-B646-7FAA7ADECD18}
2014-03-30 19:14 - 2014-03-30 19:14 - 00000000 ____D () C:\Users\Alexander\Documents\OneNote-Notizbücher
2014-03-30 19:14 - 2014-03-29 00:40 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-30 15:20 - 2014-01-17 19:34 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-03-30 14:22 - 2013-08-22 16:46 - 00018232 _____ () C:\WINDOWS\setupact.log
2014-03-30 14:00 - 2014-03-29 15:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro PDF
2014-03-30 11:52 - 2014-03-30 11:50 - 00000000 ____D () C:\Users\Alexander\Documents\Office2013 Schulungsdateien
2014-03-30 11:52 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\VirtualStore
2014-03-30 09:59 - 2014-03-30 09:55 - 00003382 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:59 - 2014-03-30 09:55 - 00003330 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:55 - 2014-03-30 09:55 - 00003402 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:52 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-30 09:51 - 2013-08-31 17:36 - 00008972 _____ () C:\WINDOWS\PFRO.log
2014-03-29 21:41 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-29 21:15 - 2014-03-29 21:15 - 00099919 _____ () C:\Users\Alexander\Downloads\videocacheview265_Download.zip
2014-03-29 21:06 - 2014-03-29 21:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Macromedia
2014-03-29 21:05 - 2014-03-29 01:05 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-03-29 21:04 - 2014-03-29 21:04 - 00002197 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-03-29 20:44 - 2014-01-17 19:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-03-29 19:07 - 2014-03-29 19:05 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Mozilla
2014-03-29 19:05 - 2014-03-29 19:05 - 00001174 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-29 19:05 - 2014-03-29 19:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 19:05 - 2014-03-29 09:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 18:56 - 2014-01-17 19:16 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-29 18:56 - 2014-01-17 19:16 - 00000000 ____D () C:\Program Files\lenovo
2014-03-29 18:49 - 2014-03-29 18:49 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-29 18:49 - 2014-03-29 18:49 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\LSC
2014-03-29 18:49 - 2014-03-29 01:05 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LSC
2014-03-29 18:48 - 2014-01-17 19:40 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\tmp
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\hps
2014-03-29 17:01 - 2014-03-29 17:01 - 00011264 ___SH () C:\Users\Alexander\Desktop\Thumbs.db
2014-03-29 16:45 - 2014-03-29 16:45 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Microsoft Help
2014-03-29 16:06 - 2014-03-29 16:06 - 00086904 _____ () C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-29 16:06 - 2014-03-29 16:06 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\PDF Architect
2014-03-29 16:04 - 2014-03-29 16:01 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-29 16:01 - 2014-03-29 16:01 - 00001058 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00001020 _____ () C:\Users\Alexander\Desktop\PDF Architect.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Users\Alexander\Documents\PDF Architect Files
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\pdfforge
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-29 15:57 - 2014-03-29 15:54 - 69734576 _____ (pdfforge ) C:\Users\Alexander\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\FileOpen
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\ProgramData\FileOpen
2014-03-29 15:34 - 2014-03-29 09:14 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Real
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Local\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\ProgramData\ATI
2014-03-29 15:18 - 2014-03-29 15:18 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\WebApp
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\Documents\CyberLink
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\CyberLink
2014-03-29 15:17 - 2014-01-17 19:37 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-29 12:08 - 2014-03-29 12:08 - 00000000 ____D () C:\Users\Alexander\Desktop\Alte Firefox-Daten
2014-03-29 11:37 - 2014-03-29 11:37 - 00003116 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 11:09 - 2014-01-17 19:34 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-03-29 11:08 - 2014-01-17 19:34 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-29 11:08 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-29 10:57 - 2014-03-29 00:58 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-29 10:56 - 2014-03-29 00:58 - 00962240 _____ (Microsoft Corporation) C:\Users\Alexander\Downloads\Setup.X86.de-DE_HomeBusinessRetail_5cf0bcd6-92ef-4fef-b9b2-43d327b58416_TX_DB_.exe
2014-03-29 10:53 - 2014-03-29 10:53 - 00003570 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-29 10:53 - 2014-03-29 00:40 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-29 10:48 - 2014-03-29 09:31 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-03-29 10:48 - 2014-03-29 09:31 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-03-29 10:48 - 2013-08-22 16:44 - 00379704 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-29 10:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-29 10:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-29 10:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-29 10:30 - 2014-03-29 10:30 - 00061112 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys
2014-03-29 09:55 - 2014-03-29 09:31 - 00000380 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-03-29 09:44 - 2014-03-29 09:41 - 00001130 _____ () C:\Users\Alexander\Desktop\Flash Player Pro.lnk
2014-03-29 09:44 - 2014-03-29 09:41 - 00000000 ____D () C:\Program Files (x86)\Flash Player Pro
2014-03-29 09:43 - 2014-03-29 09:43 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\SupTab
2014-03-29 09:43 - 2014-03-29 09:43 - 00000000 ____D () C:\ProgramData\WPM
2014-03-29 09:43 - 2014-03-29 09:43 - 00000000 ____D () C:\ProgramData\IePluginService
2014-03-29 09:43 - 2014-03-29 09:43 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-03-29 09:42 - 2014-03-29 00:40 - 00001677 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-29 09:41 - 2014-03-29 09:41 - 00000000 ____D () C:\Users\Alexander\Documents\Flash Player Pro
2014-03-29 09:39 - 2014-03-29 09:39 - 00000000 ____D () C:\Users\Alexander\AppData\Local\SearchProtect
2014-03-29 09:39 - 2014-03-29 09:39 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-29 09:38 - 2014-03-29 09:38 - 00229664 _____ (Premium Installer ) C:\Users\Alexander\Downloads\Media_Player_Setup.exe
2014-03-29 09:37 - 2014-03-29 09:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-29 09:36 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-29 09:32 - 2014-03-29 09:32 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-29 09:32 - 2014-03-29 08:57 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-03-29 09:31 - 2014-03-29 09:31 - 00002818 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-03-29 09:30 - 2014-03-29 09:13 - 00000000 ____D () C:\Program Files (x86)\BlockAndSurf-soft
2014-03-29 09:21 - 2014-03-29 09:09 - 00000000 ____D () C:\ProgramData\Real
2014-03-29 09:16 - 2014-03-29 09:16 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\RealNetworks
2014-03-29 09:16 - 2014-03-29 09:15 - 00000324 _____ () C:\Users\Alexander\AppData\Roaming\aps.uninstall.scan.results
2014-03-29 09:15 - 2014-03-29 09:15 - 00272896 _____ (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00001295 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:14 - 00000000 ____D () C:\Program Files (x86)\Real
2014-03-29 09:15 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Mobogenie
2014-03-29 09:14 - 2014-01-17 19:35 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2014-03-29 09:14 - 2014-01-17 19:35 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2014-03-29 09:13 - 2014-03-29 09:13 - 00003090 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-03-29 09:13 - 2014-03-29 09:13 - 00003034 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf_wd
2014-03-29 09:13 - 2014-03-29 09:13 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-29 09:13 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-03-29 09:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Mozilla
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-29 09:00 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\AppData\Local\cache
2014-03-29 08:57 - 2014-03-29 08:57 - 00001046 _____ () C:\Users\Alexander\Desktop\Mobogenie.lnk
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\Documents\Mobogenie
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\.android
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 _____ () C:\Users\Alexander\daemonprocess.txt
2014-03-29 08:57 - 2014-03-29 00:39 - 00000000 ____D () C:\Users\Alexander
2014-03-29 08:54 - 2014-03-29 08:53 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LPT
2014-03-29 08:53 - 2014-03-29 08:53 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Smartbar
2014-03-29 08:50 - 2014-03-29 00:41 - 00002337 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-29 07:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-29 07:15 - 2013-08-22 15:36 - 00000000 ___HD () C:\Users\Default
2014-03-29 01:33 - 2014-03-29 01:33 - 00000000 ____D () C:\Users\Alexander\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-29 01:18 - 2014-03-29 01:18 - 00000000 __RHD () C:\MSOCache
2014-03-29 01:04 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Adobe
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-03-29 00:42 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Lenovo
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Public\Pokki
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Intel Corporation
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Lenovo
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Power2Go
2014-03-29 00:40 - 2014-01-18 04:46 - 00080744 ____H () C:\WINDOWS\modules.log
2014-03-29 00:39 - 2014-03-29 00:39 - 00000020 ___SH () C:\Users\Alexander\ntuser.ini
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Vorlagen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Startmenü
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Netzwerkumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Lokale Einstellungen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Eigene Dateien
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Druckumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Musik
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Bilder
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Verlauf
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\ProgramData\eBay
2014-03-29 00:39 - 2013-08-31 18:36 - 00000000 ____D () C:\WINDOWS\Panther
2014-03-29 00:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-03-28 17:38 - 2014-03-29 09:09 - 01172776 _____ (AnyProtect.com) C:\Users\Alexander\AppData\Local\AnyProtectScannerSetup.exe
2014-03-05 00:53 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-05 00:53 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 15:05 - 2014-03-29 09:36 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-01 08:05 - 2014-03-29 09:32 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 06:58 - 2014-03-29 09:32 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 06:30 - 2014-03-29 09:32 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 06:17 - 2014-03-29 09:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 05:54 - 2014-03-29 09:32 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 05:47 - 2014-03-29 09:32 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 05:42 - 2014-03-29 09:32 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 05:18 - 2014-03-29 09:32 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 05:14 - 2014-03-29 09:32 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 05:10 - 2014-03-29 09:32 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 05:03 - 2014-03-29 09:32 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 04:57 - 2014-03-29 09:32 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 04:38 - 2014-03-29 09:32 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 04:32 - 2014-03-29 09:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 04:27 - 2014-03-29 09:32 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 04:25 - 2014-03-29 09:32 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 04:25 - 2014-03-29 09:32 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\6_Offer_13.exe
C:\Users\Alexander\AppData\Local\Temp\COMAP.EXE
C:\Users\Alexander\AppData\Local\Temp\D1396075956.exe
C:\Users\Alexander\AppData\Local\Temp\dlLogic.exe
C:\Users\Alexander\AppData\Local\Temp\GCVerifier.dll
C:\Users\Alexander\AppData\Local\Temp\lowproc.exe
C:\Users\Alexander\AppData\Local\Temp\Media_Player_Setup.exe
C:\Users\Alexander\AppData\Local\Temp\Mobogenie_INT.exe
C:\Users\Alexander\AppData\Local\Temp\nsc2FF.exe
C:\Users\Alexander\AppData\Local\Temp\nsr187.exe
C:\Users\Alexander\AppData\Local\Temp\nst1F83.exe
C:\Users\Alexander\AppData\Local\Temp\nsz2178.exe
C:\Users\Alexander\AppData\Local\Temp\octD6F1.tmp.exe
C:\Users\Alexander\AppData\Local\Temp\stubhelper.dll
C:\Users\Alexander\AppData\Local\Temp\verifier.exe
C:\Users\Alexander\AppData\Local\Temp\_cwjlrug.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-29 09:29] - [2014-01-31 18:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2013-08-31 17:36

==================== End Of Log ============================

--- --- ---

--- --- ---

Herzlichen Gruß
Alexander (TectRoyal)

TectRoyal · 31.03.2014, 17:38

und da ist der Addition Log (39K):

Code:

ATTFilter

 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Alexander at 2014-03-31 18:14:18
Running from C:\Users\Alexander\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
AMD Accelerated Video Transcoding (Version: 13.15.100.31001 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1001.1804.30597 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{E722C305-F584-0E98-E742-8884D07EB1CC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
BlockAndSurf (HKLM-x32\...\c4ee05be-ade6-438d-8333-4dec7508a8bd) (Version:  - BlockAndSurf software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1001.1804.30597 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1001.1804.30597 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2013.1001.1804.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1001.1803.30597 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1001.1804.30597 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4107 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
FamilySafetyGuide (HKLM-x32\...\{9A268503-5AB0-479E-9690-929BDEC55C00}) (Version: 1.00.0711 - lenovo)
Flash Player Pro V5.86 (HKLM-x32\...\Flash Player Pro_is1) (Version: 5.86 - FlashPlayerPro.com)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.1.2.2 - Genesys Logic)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 45246) (Version: 3.10.0.45246.24 - Lenovo)
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.6.14.0 - Lenovo Group Limited)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.3.0 - Lenovo)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{C51863E5-EB09-43A5-9D43-26A32587EEAC}) (Version: 2.4.002.00 - Lenovo Group Limited)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft Office Home and Business 2013 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Nitro Pro 8 (HKLM\...\{84DAF9F1-513C-49F8-89D2-63CB3F4A7E39}) (Version: 8.5.7.1 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7005 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.10.97 - Conduit) <==== ATTENTION
Shopping Helper Smartbar (HKLM-x32\...\{AC6E9B2A-A7E6-4B17-8A6C-29D519673E12}) (Version: 10.215.63.15249 - ReSoft Ltd.) <==== ATTENTION
Startmenü (HKCU\...\Pokki) (Version: 0.269.2.430 - Pokki)
WPM17.8.0.3442 (HKLM-x32\...\WPM) (Version: 17.8.0.3442 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points  =========================

28-03-2014 22:31:54 Windows Modules Installer

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {05E1DFA4-6ED2-4186-A780-6B5AA8B66890} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {07EB16C2-9696-47FD-9B21-DBE44D956DD4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-19] (Lenovo)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1747F984-D989-4FCF-AAA5-595DE082C00A} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2DF49F53-D479-4992-9C94-070674009889} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-03-14] (Lenovo)
Task: {34A904F7-E31D-4F7F-9D9B-DF9EB6703CC9} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\BlockAndSurf-soft\BnSup.exe [2014-03-29] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {444D6DE6-A10F-4D71-A258-05192CA28D49} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4AACBB93-5DDB-4ED8-92AE-72AB0B69EFB7} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4B9576B3-6725-47FE-AEA7-D64AB20634AF} - System32\Tasks\BlockAndSurf_wd => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurf_wd.exe
Task: {6766BD9C-BEC2-4FBB-91CB-92C52527655D} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {83EE18CD-BE8F-459D-8B56-70DA81E34612} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-02] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {93C4B129-6903-4277-95EA-7A6BA707343F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSPLATZ01-Alexander Arbeitsplatz01 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-03-29] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A7F18A53-4BE0-4AFF-9706-170951FD6589} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-02-19] ()
Task: {B3F0329E-2BCA-4977-BC0B-5819F17EF0A4} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B572A00D-8756-428C-83EE-A833C5F3AD21} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {C204D107-5878-427A-A845-AFC2BAEFE969} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {C5DC333E-18D5-4F73-938A-6257477615B3} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-09-17] ()
Task: {C7276967-9FE1-4764-9ED8-F3444EC02C63} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {C896F85B-B453-4600-9F16-ED048CE459EE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D1F0C021-0BF3-4A79-B5F5-604C87576885} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\SystemAgent\AutoUpdate.exe [2013-09-17] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB3DC54F-A1B4-4021-88AB-05A134698FB6} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E89514B0-8906-4813-945F-6CDE57DECF63} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-02-19] ()
Task: {EAB6C5BC-0E81-495F-B9F8-2E8F743B2DE0} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2712879693-1085652998-2071342517-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {EB5C6E42-B56D-4BB8-928F-C5B77CD98FD9} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2014-02-19] (Lenovo)
Task: {FA933DE3-73AF-45E5-9138-E4C482187604} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\WINDOWS\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\BlockAndSurf-soft\BnSup.exe
Task: C:\WINDOWS\Tasks\BlockAndSurf_wd.job => C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurf_wd.exe

==================== Loaded Modules (whitelisted) =============

2014-03-29 09:13 - 2014-03-29 09:13 - 00196096 _____ () C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurf157.exe
2014-03-29 09:03 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-29 00:58 - 2014-01-02 19:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-01-17 19:15 - 2011-08-16 21:46 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2014-03-29 08:57 - 2014-03-29 08:59 - 00070848 _____ () C:\Program Files (x86)\Mobogenie\MgAssist.exe
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-01-17 19:38 - 2013-05-14 20:53 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-08-22 14:31 - 2013-08-22 14:31 - 00204288 _____ () C:\WINDOWS\system32\SaMinDr8.dll
2014-03-29 08:57 - 2014-03-29 08:59 - 00764096 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2014-01-17 19:15 - 2011-08-16 21:46 - 00024576 _____ () C:\Windows\jmesoft\JME_LOAD.exe
2014-01-17 19:14 - 2013-09-12 11:39 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-29 08:57 - 2014-03-29 08:59 - 00065728 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-03-29 08:57 - 2014-03-29 08:59 - 00474816 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2014-03-29 09:19 - 2014-03-29 11:18 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00033824 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00063520 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\srau.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00166432 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 02310688 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00058400 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\spbl.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00152608 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00013344 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\siem.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00054304 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\sppsm.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00728096 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00082464 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00014368 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00017440 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00052256 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\srut.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00020512 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\srsbs.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00059424 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00037408 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\srbu.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00014368 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\sgml.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00053280 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00014880 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\srpdm.dll
2014-02-09 13:40 - 2014-02-09 13:40 - 00048160 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-02-09 13:37 - 2014-02-09 13:37 - 00026144 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00025632 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00193056 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\sgmu.dll
2014-02-09 13:37 - 2014-02-09 13:37 - 00061440 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-02-09 13:41 - 2014-02-09 13:41 - 00247328 _____ () C:\Users\Alexander\AppData\Local\Smartbar\Application\srns.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 00569856 _____ () C:\Users\Alexander\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 01400846 _____ () C:\Users\Alexander\AppData\Local\Pokki\Engine\avcodec-54.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 00151054 _____ () C:\Users\Alexander\AppData\Local\Pokki\Engine\avutil-51.dll
2014-01-17 18:32 - 2014-01-17 18:32 - 00222734 _____ () C:\Users\Alexander\AppData\Local\Pokki\Engine\avformat-54.dll
2014-03-29 09:03 - 2014-03-29 10:57 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-01-17 19:15 - 2011-05-17 14:27 - 00028672 _____ () C:\Windows\jmesoft\hidhook.dll
2009-12-04 17:59 - 2009-12-04 17:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 18:04 - 2009-12-04 18:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2014-03-29 09:21 - 2014-03-29 11:28 - 01030312 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2014-03-29 09:20 - 2014-03-29 11:29 - 00321704 _____ () C:\Program Files\Microsoft Office 15\root\office15\msfad.dll
2014-03-29 19:05 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-29 00:58 - 2014-03-29 11:13 - 01286256 _____ () C:\Program Files\Microsoft Office 15\root\office15\PPRESOURCES.DLL

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Alexander\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/30/2014 10:07:36 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/30/2014 09:55:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/29/2014 09:56:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/29/2014 09:34:46 AM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.4.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17a0

Startzeit: 01cf4b20a581d85d

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 99253da2-b714-11e3-8257-c03fd538b4d3

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/29/2014 09:15:57 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/29/2014 09:15:51 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/29/2014 09:15:04 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/29/2014 09:05:47 AM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.4.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1aa0

Startzeit: 01cf4b1c9984689a

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 8d15e0d3-b710-11e3-8257-c03fd538b4d3

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/29/2014 08:53:29 AM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.4.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 684

Startzeit: 01cf4b1ae0158a0a

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: d4a1f0ec-b70e-11e3-8257-c03fd538b4d3

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/29/2014 01:34:27 AM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.4.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 14b4

Startzeit: 01cf4add8c9e60db

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 801e5f2f-b6d1-11e3-8256-c03fd538b4d3

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (03/31/2014 05:04:05 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "ADMIN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{35A189F7-5541-4AA3-AD13-9B24B5D97546}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/31/2014 04:19:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "pcicsa.sys" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/31/2014 03:04:07 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "ADMIN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{35A189F7-5541-4AA3-AD13-9B24B5D97546}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/31/2014 01:52:08 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "ADMIN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{35A189F7-5541-4AA3-AD13-9B24B5D97546}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/31/2014 00:27:59 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "ADMIN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{35A189F7-5541-4AA3-AD13-9B24B5D97546}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/31/2014 09:52:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "pcicsa.sys" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/30/2014 11:31:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "pcicsa.sys" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/30/2014 01:15:23 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (03/30/2014 10:02:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "pcicsa.sys" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/30/2014 09:52:33 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1243


Microsoft Office Sessions:
=========================
Error: (03/30/2014 10:07:36 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (03/30/2014 09:55:58 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (03/29/2014 09:56:33 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (03/29/2014 09:34:46 AM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.4.9600.1638417a001cf4b20a581d85d4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe99253da2-b714-11e3-8257-c03fd538b4d3microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (03/29/2014 09:15:57 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (03/29/2014 09:15:51 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (03/29/2014 09:15:04 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Program Files (x86)\Real\RealPlayer\realplay.exe

Error: (03/29/2014 09:05:47 AM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.4.9600.163841aa001cf4b1c9984689a4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe8d15e0d3-b710-11e3-8257-c03fd538b4d3microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (03/29/2014 08:53:29 AM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.4.9600.1638468401cf4b1ae0158a0a4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exed4a1f0ec-b70e-11e3-8257-c03fd538b4d3microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (03/29/2014 01:34:27 AM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.4.9600.1638414b401cf4add8c9e60db4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe801e5f2f-b6d1-11e3-8256-c03fd538b4d3microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 12236.27 MB
Available physical RAM: 8597.38 MB
Total Pagefile: 14668.27 MB
Available Pagefile: 9615 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:920.8 GB) (Free:884.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (TectRoyal 2014) (Fixed) (Total:915.95 GB) (Free:893.16 GB) NTFS
Drive f: (TR FILESAFE) (Removable) (Total:119.21 GB) (Free:119.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 5CF5C1CF)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 119 GB) (Disk ID: 4BD5CF4E)
Partition 1: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Herzlichen Gruß
Alexander

Während der FRST lief wurde eine Fehlermeldung generiert, die auf den Fehlercode 0x80030002:%1 referenziert. Die betroffene Datei ist "install.rdf", Typ: RDF Datei, Änderungsdatum 15.1.2014 10:45 (da hatte ich den Rechner noch garnicht) Größe 1013 Bytes.
Gruß Alexander

cosinus · 31.03.2014, 17:43

Schach spielen Jürgen und ich bei chessmail.de, kannst mich ja mal einladen wenn du Zeit hast

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

TectRoyal · 31.03.2014, 19:13

Hallo Cosinus,

nun habe ich den Adware und den JRT laufen lassen, danach den FRST und alle Ergebnisse sind in der ZIP-Datei. Und wie kriege ich die jetzt hier in die Msg rein?

Tut mir leid, dass ich mich so dubbelig anstelle, aber die neue Windows 8.1 Umgebung kenne ich überhaupt nicht mehr.

Leider werde ich immer noch umgeleitet, wenn ich z.B. auf diese Seite (Forum) gehe. Macht es denn Sinn den Firefox zu deinstallieren und neu zu laden?

Herzliche Grüße
Alexander

cosinus · 31.03.2014, 22:06

Bitte keine Logs hier anhängen. Alles wurde gesagt wie du die Ergebnisse posten sollst zB das hier (Logs notfalls aufteilen und über mehrere Beiträge posten)

TectRoyal · 01.04.2014, 10:52

Guten Morgen Cosinus,

nun, dann poste ich mal hier hinein (so viel ist es heute auch nicht):

Ergebnis: ADW(R0):
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 31/03/2014 um 19:37:31
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Alexander - ARBEITSPLATZ01
# Gestartet von : C:\Users\Alexander\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : IePluginService
Dienst Gefunden : MgAssistService
Dienst Gefunden : Wpm

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml
Datei Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gefunden : C:\Users\Alexander\Desktop\Mobogenie.lnk
Ordner Gefunden C:\Program Files (x86)\Mobogenie
Ordner Gefunden C:\Program Files (x86)\SearchProtect
Ordner Gefunden C:\Program Files (x86)\SupTab
Ordner Gefunden C:\ProgramData\IePluginService
Ordner Gefunden C:\ProgramData\WPM
Ordner Gefunden C:\Users\ALEXAN~1\AppData\Local\Temp\Smartbar
Ordner Gefunden C:\Users\Alexander\AppData\Local\Mobogenie
Ordner Gefunden C:\Users\Alexander\AppData\Local\Pokki
Ordner Gefunden C:\Users\Alexander\AppData\Local\SearchProtect
Ordner Gefunden C:\Users\Alexander\AppData\Local\Smartbar
Ordner Gefunden C:\Users\Alexander\AppData\LocalLow\Smartbar
Ordner Gefunden C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Ordner Gefunden C:\Users\Alexander\AppData\Roaming\pdfforge
Ordner Gefunden C:\Users\Alexander\AppData\Roaming\SupTab
Ordner Gefunden C:\Users\Alexander\Documents\Mobogenie

***** [ Verknüpfungen ] *****

Verknüpfung Gefunden : C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://start.qone8.com/?type=sc&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N )
Verknüpfung Gefunden : C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://start.qone8.com/?type=sc&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N )

***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
Schlüssel Gefunden : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Schlüssel Gefunden : HKCU\Software\Classes\Directory\shell\pokki
Schlüssel Gefunden : HKCU\Software\Classes\Drive\shell\pokki
Schlüssel Gefunden : HKCU\Software\Classes\lnkfile\shell\pokki
Schlüssel Gefunden : HKCU\Software\Classes\pokki
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gefunden : HKCU\Software\Pokki
Schlüssel Gefunden : HKCU\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\smartbarbackup
Schlüssel Gefunden : HKCU\Software\smartbarlog
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\Pokki
Schlüssel Gefunden : [x64] HKCU\Software\SmartBar
Schlüssel Gefunden : [x64] HKCU\Software\smartbarbackup
Schlüssel Gefunden : [x64] HKCU\Software\smartbarlog
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm
Schlüssel Gefunden : HKLM\Software\qone8Software
Schlüssel Gefunden : HKLM\Software\SearchProtect
Schlüssel Gefunden : HKLM\Software\supTab
Schlüssel Gefunden : HKLM\Software\supWPM
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : HKLM\Software\Wpm
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWc,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWc,&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWc,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWc,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWc,&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUeW4YgMJteX2qhG-UU0UlKkhA58Myi_TmVOYeh5ConiBNqWGuag42VFoDTBOdJu3fiT80keJYjVKP6FSWjWPtMMJzoxn3AyYm-xHliORhpw3mY_LIsY6HmLUGkJu2OWQ,&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.qone8.com/?type=hp&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.qone8.com/web/?type=ds&ts=1396078966&from=adks&uid=ST2000DM001-1CH164_Z1E6ME3NXXXXZ1E6ME3N&q={searchTerms}

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\l8jk90oa.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [13528 octets] - [31/03/2014 19:37:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13589 octets] ##########

--- --- ---

Ergebnis ADW(S0):
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 31/03/2014 um 19:37:52
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Alexander - ARBEITSPLATZ01
# Gestartet von : C:\Users\Alexander\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : IePluginService
Dienst Gelöscht : MgAssistService
Dienst Gelöscht : Wpm

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Users\Alexander\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Alexander\AppData\Local\Pokki
Ordner Gelöscht : C:\Users\Alexander\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Alexander\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\ALEXAN~1\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Alexander\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Ordner Gelöscht : C:\Users\Alexander\Documents\Mobogenie
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
Datei Gelöscht : C:\Users\Alexander\Desktop\Mobogenie.lnk
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Alexander\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Directory\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Drive\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\lnkfile\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKLM\Software\qone8Software
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\l8jk90oa.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [13762 octets] - [31/03/2014 19:37:31]
AdwCleaner[S0].txt - [10369 octets] - [31/03/2014 19:37:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10430 octets] ##########

--- --- ---

Ergebnis JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8.1 x64
Ran by Alexander on 31.03.2014 at 19:47:44,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.03.2014 at 19:52:13,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ergebnis FSRT: sende ich in einer zweiter Message

Herzliche Grüße
TectRoyal (Alexander)

Nun das Ergebnis vom FRST:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alexander (administrator) on ARBEITSPLATZ01 on 31-03-2014 20:02:57
Running from C:\Users\Alexander\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
() C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurf157.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\jmesoft\Service.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Revizer) C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] - C:\WINDOWS\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo)
HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] ()
HKLM-x32\...\Run: [LVT] - C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo App Shop] - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-19] (Intel Corporation)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2014-03-29] (RealNetworks, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2712879693-1085652998-2071342517-1001\...\Run: [BlockNSurf] - C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe [104448 2014-03-29] (Revizer)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {5613BAD6-6C53-43C6-88B2-BE3DA76414A8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKCU - {5613BAD6-6C53-43C6-88B2-BE3DA76414A8} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 217.237.150.188 217.237.151.142

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\l8jk90oa.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Redirect Cleaner - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\l8jk90oa.default\Extensions\redirectcleaner@example.net.xpi [2014-03-31]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-01-17]
FF HKCU\...\Firefox\Extensions: [{e919e40d-669b-4732-9991-dbcf47582d16}] - C:\Program Files (x86)\BlockAndSurf-soft\157.xpi
FF Extension: No Name - C:\Program Files (x86)\BlockAndSurf-soft\157.xpi [2014-03-29]

==================== Services (Whitelisted) =================

R2 BlockAndSurf; C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurf157.exe [196096 2014-03-29] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] ()
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [585032 2013-09-17] (LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [103656 2013-10-21] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-01-18] (Microsoft Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-29] (StdLib)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-31 19:47 - 2014-03-31 19:47 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-31 19:37 - 2014-03-31 19:39 - 00000000 ____D () C:\AdwCleaner
2014-03-31 18:56 - 2014-03-31 18:56 - 01038974 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-03-31 18:55 - 2014-03-31 18:55 - 01950720 _____ () C:\Users\Alexander\Downloads\adwcleaner.exe
2014-03-31 18:23 - 2014-03-31 18:23 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-31 18:22 - 2014-03-31 18:22 - 01110476 _____ () C:\Users\Alexander\Downloads\7z920.exe
2014-03-31 18:14 - 2014-03-31 18:15 - 00039726 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-03-31 18:09 - 2014-03-31 20:02 - 00019157 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-03-31 18:09 - 2014-03-31 20:02 - 00000000 ____D () C:\FRST
2014-03-31 18:06 - 2014-03-31 18:06 - 02157056 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-03-31 12:26 - 2014-03-31 12:33 - 00000000 ____D () C:\Users\Alexander\Documents\ELOFA Änderung SDB
2014-03-30 23:22 - 2014-03-31 19:57 - 00003360 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 23:22 - 2014-03-31 19:57 - 00003308 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 19:14 - 2014-03-30 19:14 - 00000000 ____D () C:\Users\Alexander\Documents\OneNote-Notizbücher
2014-03-30 11:50 - 2014-03-30 11:52 - 00000000 ____D () C:\Users\Alexander\Documents\Office2013 Schulungsdateien
2014-03-30 09:55 - 2014-03-30 09:59 - 00003382 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:55 - 2014-03-30 09:59 - 00003330 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:55 - 2014-03-30 09:55 - 00003402 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 21:15 - 2014-03-29 21:15 - 00099919 _____ () C:\Users\Alexander\Downloads\videocacheview265_Download.zip
2014-03-29 21:06 - 2014-03-29 21:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Macromedia
2014-03-29 21:04 - 2014-03-29 21:04 - 00002197 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-03-29 19:05 - 2014-03-29 19:07 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Mozilla
2014-03-29 19:05 - 2014-03-29 19:05 - 00001174 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-29 19:05 - 2014-03-29 19:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 18:49 - 2014-03-29 18:49 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-29 18:49 - 2014-03-29 18:49 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\LSC
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\tmp
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\hps
2014-03-29 17:01 - 2014-03-29 17:01 - 00011264 ___SH () C:\Users\Alexander\Desktop\Thumbs.db
2014-03-29 16:45 - 2014-03-31 18:47 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Microsoft Help
2014-03-29 16:06 - 2014-03-29 16:06 - 00086904 _____ () C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-29 16:06 - 2014-03-29 16:06 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\PDF Architect
2014-03-29 16:01 - 2014-03-29 16:04 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-29 16:01 - 2014-03-29 16:01 - 00001058 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00001020 _____ () C:\Users\Alexander\Desktop\PDF Architect.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Users\Alexander\Documents\PDF Architect Files
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-29 16:01 - 2013-04-09 15:13 - 00110264 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2014-03-29 16:01 - 2013-01-09 15:52 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-03-29 16:01 - 2012-05-05 11:54 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2014-03-29 16:01 - 2012-05-05 11:54 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMAPI32.OCX
2014-03-29 16:01 - 2012-05-05 11:54 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIDE.DLL
2014-03-29 16:01 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2014-03-29 16:01 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2014-03-29 16:01 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2014-03-29 15:54 - 2014-03-29 15:57 - 69734576 _____ (pdfforge ) C:\Users\Alexander\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\FileOpen
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\ProgramData\FileOpen
2014-03-29 15:26 - 2014-03-30 14:00 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro PDF
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Local\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\ProgramData\ATI
2014-03-29 15:18 - 2014-03-29 15:18 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\WebApp
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\Documents\CyberLink
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\CyberLink
2014-03-29 12:08 - 2014-03-29 12:08 - 00000000 ____D () C:\Users\Alexander\Desktop\Alte Firefox-Daten
2014-03-29 11:58 - 2014-03-31 19:57 - 00000000 ____D () C:\Users\Alexander\Documents\Outlook-Dateien
2014-03-29 11:37 - 2014-03-31 19:57 - 00005176 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSPLATZ01-Alexander Arbeitsplatz01
2014-03-29 11:37 - 2014-03-29 11:37 - 00003116 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 11:15 - 2013-09-23 14:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-03-29 10:53 - 2014-03-29 10:53 - 00003570 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-29 10:30 - 2014-03-29 10:30 - 00061112 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys
2014-03-29 09:41 - 2014-03-29 09:44 - 00001130 _____ () C:\Users\Alexander\Desktop\Flash Player Pro.lnk
2014-03-29 09:41 - 2014-03-29 09:44 - 00000000 ____D () C:\Program Files (x86)\Flash Player Pro
2014-03-29 09:41 - 2014-03-29 09:41 - 00000000 ____D () C:\Users\Alexander\Documents\Flash Player Pro
2014-03-29 09:38 - 2014-03-29 09:38 - 00229664 _____ (Premium Installer ) C:\Users\Alexander\Downloads\Media_Player_Setup.exe
2014-03-29 09:36 - 2014-03-29 09:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-29 09:36 - 2014-03-02 15:05 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-29 09:32 - 2014-03-29 09:32 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-29 09:32 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-29 09:32 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-29 09:32 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-29 09:32 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-29 09:32 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-29 09:32 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-29 09:32 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-29 09:32 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-29 09:32 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-29 09:32 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-29 09:32 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-29 09:32 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-29 09:32 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-29 09:32 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-29 09:32 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-29 09:32 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-29 09:32 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-29 09:32 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-29 09:32 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-03-29 09:32 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-29 09:32 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-03-29 09:32 - 2014-02-06 12:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-29 09:32 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-29 09:32 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-03-29 09:32 - 2014-02-06 12:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-03-29 09:32 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-03-29 09:32 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-29 09:32 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-29 09:32 - 2014-02-06 12:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-29 09:32 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-03-29 09:32 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-29 09:32 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-29 09:32 - 2014-02-06 11:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-03-29 09:32 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-03-29 09:32 - 2014-02-06 11:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-03-29 09:32 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-29 09:32 - 2014-02-06 11:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-03-29 09:31 - 2014-03-29 10:48 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-03-29 09:31 - 2014-03-29 10:48 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-03-29 09:31 - 2014-03-29 09:55 - 00000380 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-03-29 09:31 - 2014-03-29 09:31 - 00002818 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-03-29 09:29 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-29 09:29 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-29 09:29 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-29 09:29 - 2014-01-31 18:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-29 09:29 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-29 09:29 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-29 09:29 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-29 09:29 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-29 09:29 - 2014-01-29 11:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-29 09:29 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-29 09:29 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-29 09:29 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-29 09:29 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-29 09:29 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-29 09:29 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-29 09:29 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-29 09:29 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-29 09:29 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-29 09:29 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-29 09:29 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-29 09:29 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-29 09:29 - 2014-01-27 20:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-29 09:29 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-29 09:29 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-29 09:29 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-29 09:29 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-29 09:29 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-29 09:29 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-29 09:29 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-29 09:29 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-29 09:29 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-29 09:29 - 2014-01-27 13:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-29 09:29 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-29 09:29 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-29 09:29 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-29 09:29 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-29 09:28 - 2014-01-08 03:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-29 09:28 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-29 09:28 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-29 09:28 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-29 09:28 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-29 09:28 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-29 09:28 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-29 09:28 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-29 09:28 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-29 09:28 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-29 09:28 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-29 09:28 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-29 09:28 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-29 09:28 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-29 09:28 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-29 09:28 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-29 09:28 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-29 09:28 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-29 09:28 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-29 09:28 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-29 09:28 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-29 09:28 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-29 09:28 - 2013-12-27 11:21 - 13192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-03-29 09:28 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-29 09:28 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-29 09:28 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-29 09:28 - 2013-12-27 09:27 - 11688448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-03-29 09:28 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-29 09:28 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-29 09:28 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-29 09:28 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-29 09:28 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-29 09:28 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-29 09:28 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-29 09:28 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-29 09:28 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-29 09:28 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-29 09:28 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-29 09:28 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-29 09:28 - 2013-12-09 01:43 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-03-29 09:28 - 2013-12-09 01:25 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-03-29 09:27 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-29 09:27 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-29 09:26 - 2013-11-27 17:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-03-29 09:26 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-03-29 09:26 - 2013-11-27 10:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-29 09:26 - 2013-11-27 10:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-29 09:26 - 2013-11-27 10:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-03-29 09:26 - 2013-11-27 10:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-03-29 09:26 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-29 09:26 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-29 09:26 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-29 09:23 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-29 09:23 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-29 09:22 - 2013-12-09 02:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-03-29 09:22 - 2013-12-09 02:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-03-29 09:22 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-03-29 09:22 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-03-29 09:22 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-03-29 09:22 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-03-29 09:22 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-03-29 09:22 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-03-29 09:22 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-03-29 09:22 - 2013-11-27 11:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-03-29 09:22 - 2013-11-27 11:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-03-29 09:22 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-03-29 09:22 - 2013-11-27 10:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-03-29 09:22 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-03-29 09:22 - 2013-11-27 10:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-03-29 09:22 - 2013-11-26 15:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-03-29 09:22 - 2013-11-26 15:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-03-29 09:22 - 2013-11-26 13:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-03-29 09:22 - 2013-11-25 03:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-29 09:22 - 2013-11-25 03:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-03-29 09:22 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-03-29 09:22 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-03-29 09:22 - 2013-11-23 14:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-03-29 09:22 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-03-29 09:22 - 2013-11-23 09:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-03-29 09:22 - 2013-11-23 09:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-03-29 09:22 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-03-29 09:22 - 2013-11-23 05:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-03-29 09:22 - 2013-11-23 05:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-03-29 09:22 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-03-29 09:22 - 2013-11-21 08:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-03-29 09:22 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-03-29 09:22 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-03-29 09:22 - 2013-11-15 16:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-03-29 09:22 - 2013-11-15 15:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-03-29 09:22 - 2013-10-31 02:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-03-29 09:22 - 2013-10-31 01:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-03-29 09:20 - 2013-12-11 09:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-03-29 09:17 - 2013-11-11 04:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-03-29 09:17 - 2013-11-09 08:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-03-29 09:17 - 2013-11-09 07:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-03-29 09:17 - 2013-11-08 12:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-03-29 09:17 - 2013-11-08 06:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-03-29 09:17 - 2013-11-08 06:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-03-29 09:17 - 2013-11-08 06:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-03-29 09:17 - 2013-11-08 05:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-03-29 09:17 - 2013-11-08 05:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-03-29 09:17 - 2013-11-05 16:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-03-29 09:17 - 2013-11-05 15:17 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-03-29 09:17 - 2013-11-04 15:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-03-29 09:17 - 2013-11-04 13:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-03-29 09:17 - 2013-11-04 12:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-03-29 09:17 - 2013-11-04 04:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-03-29 09:17 - 2013-11-04 03:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-03-29 09:17 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-03-29 09:17 - 2013-11-01 08:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-03-29 09:17 - 2013-11-01 07:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-03-29 09:17 - 2013-10-31 02:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-03-29 09:17 - 2013-10-31 02:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-03-29 09:17 - 2013-10-31 02:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-03-29 09:17 - 2013-10-31 02:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-03-29 09:17 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-03-29 09:17 - 2013-10-24 11:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-03-29 09:17 - 2013-10-24 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-03-29 09:17 - 2013-10-17 13:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-03-29 09:17 - 2013-10-17 12:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-03-29 09:17 - 2013-10-05 16:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-03-29 09:17 - 2013-10-05 16:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-03-29 09:17 - 2013-10-05 14:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-03-29 09:17 - 2013-10-05 14:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-03-29 09:16 - 2014-03-29 09:16 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:16 - 00000324 _____ () C:\Users\Alexander\AppData\Roaming\aps.uninstall.scan.results
2014-03-29 09:15 - 2014-03-29 09:15 - 00272896 _____ (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00001295 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-03-29 09:14 - 2014-03-29 15:34 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Real
2014-03-29 09:14 - 2014-03-29 09:15 - 00000000 ____D () C:\Program Files (x86)\Real
2014-03-29 09:13 - 2014-03-31 19:57 - 00000442 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-03-29 09:13 - 2014-03-31 19:56 - 00000446 _____ () C:\WINDOWS\Tasks\BlockAndSurf_wd.job
2014-03-29 09:13 - 2014-03-29 09:30 - 00000000 ____D () C:\Program Files (x86)\BlockAndSurf-soft
2014-03-29 09:13 - 2014-03-29 09:13 - 00003090 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-03-29 09:13 - 2014-03-29 09:13 - 00003034 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf_wd
2014-03-29 09:13 - 2014-03-29 09:13 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-29 09:09 - 2014-03-29 09:21 - 00000000 ____D () C:\ProgramData\Real
2014-03-29 09:09 - 2014-03-28 17:38 - 01172776 _____ (AnyProtect.com) C:\Users\Alexander\AppData\Local\AnyProtectScannerSetup.exe
2014-03-29 09:07 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-03-29 09:07 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-03-29 09:07 - 2013-12-09 02:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-03-29 09:07 - 2013-12-09 01:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-03-29 09:07 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-03-29 09:07 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-03-29 09:07 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-03-29 09:07 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-03-29 09:04 - 2013-12-09 04:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-03-29 09:04 - 2013-12-09 03:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-03-29 09:04 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-03-29 09:04 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-03-29 09:03 - 2014-03-29 19:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Mozilla
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-29 08:57 - 2014-03-29 09:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\cache
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\.android
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 _____ () C:\Users\Alexander\daemonprocess.txt
2014-03-29 08:53 - 2014-03-29 08:54 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LPT
2014-03-29 08:50 - 2014-03-31 16:10 - 00002183 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startmenü.lnk
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-29 01:33 - 2014-03-29 01:33 - 00000000 ____D () C:\Users\Alexander\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-29 01:18 - 2014-03-29 01:18 - 00000000 __RHD () C:\MSOCache
2014-03-29 01:05 - 2014-03-29 21:05 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-03-29 01:05 - 2014-03-29 18:49 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LSC
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-03-29 00:58 - 2014-03-29 10:57 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-29 00:58 - 2014-03-29 10:56 - 00962240 _____ (Microsoft Corporation) C:\Users\Alexander\Downloads\Setup.X86.de-DE_HomeBusinessRetail_5cf0bcd6-92ef-4fef-b9b2-43d327b58416_TX_DB_.exe
2014-03-29 00:45 - 2014-03-31 20:01 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 00:45 - 2014-03-31 20:00 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{514E0437-3AB4-468C-B646-7FAA7ADECD18}
2014-03-29 00:42 - 2014-03-31 19:57 - 00000000 __RDO () C:\Users\Alexander\SkyDrive
2014-03-29 00:41 - 2014-03-29 08:50 - 00002337 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Public\Pokki
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Intel Corporation
2014-03-29 00:40 - 2014-03-31 19:56 - 00000369 _____ () C:\Users\Alexander\AppData\Local\RegisteredPackageInformation.xml
2014-03-29 00:40 - 2014-03-31 19:39 - 00001026 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-29 00:40 - 2014-03-30 19:14 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-29 00:40 - 2014-03-30 11:52 - 00000000 ____D () C:\Users\Alexander\AppData\Local\VirtualStore
2014-03-29 00:40 - 2014-03-29 10:53 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-29 00:40 - 2014-03-29 01:04 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Adobe
2014-03-29 00:40 - 2014-03-29 00:42 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Lenovo
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Lenovo
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Power2Go
2014-03-29 00:39 - 2014-03-31 10:29 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Packages
2014-03-29 00:39 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander
2014-03-29 00:39 - 2014-03-29 00:39 - 00000020 ___SH () C:\Users\Alexander\ntuser.ini
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Vorlagen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Startmenü
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Netzwerkumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Lokale Einstellungen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Eigene Dateien
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Druckumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Musik
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Bilder
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Verlauf
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\ProgramData\eBay
2014-03-29 00:39 - 2014-01-17 19:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Macromedia
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-29 00:30 - 2014-03-31 13:38 - 01599294 _____ () C:\WINDOWS\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2014-03-31 20:03 - 2014-03-31 18:09 - 00019157 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-03-31 20:02 - 2014-03-31 18:09 - 00000000 ____D () C:\FRST
2014-03-31 20:01 - 2014-03-29 00:45 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-31 20:01 - 2014-01-17 19:35 - 00001871 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-03-31 20:00 - 2014-03-29 00:45 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{514E0437-3AB4-468C-B646-7FAA7ADECD18}
2014-03-31 20:00 - 2014-01-18 04:01 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-31 20:00 - 2014-01-18 04:01 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-31 20:00 - 2013-08-31 17:40 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-31 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-31 19:57 - 2014-03-30 23:22 - 00003360 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-31 19:57 - 2014-03-30 23:22 - 00003308 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-31 19:57 - 2014-03-29 11:58 - 00000000 ____D () C:\Users\Alexander\Documents\Outlook-Dateien
2014-03-31 19:57 - 2014-03-29 11:37 - 00005176 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSPLATZ01-Alexander Arbeitsplatz01
2014-03-31 19:57 - 2014-03-29 09:13 - 00000442 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-03-31 19:57 - 2014-03-29 00:42 - 00000000 __RDO () C:\Users\Alexander\SkyDrive
2014-03-31 19:56 - 2014-03-29 09:13 - 00000446 _____ () C:\WINDOWS\Tasks\BlockAndSurf_wd.job
2014-03-31 19:56 - 2014-03-29 00:40 - 00000369 _____ () C:\Users\Alexander\AppData\Local\RegisteredPackageInformation.xml
2014-03-31 19:55 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-31 19:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-31 19:47 - 2014-03-31 19:47 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-31 19:41 - 2014-01-17 19:34 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-03-31 19:40 - 2013-08-31 17:36 - 00009586 _____ () C:\WINDOWS\PFRO.log
2014-03-31 19:39 - 2014-03-31 19:37 - 00000000 ____D () C:\AdwCleaner
2014-03-31 19:39 - 2014-03-29 00:40 - 00001026 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-31 18:56 - 2014-03-31 18:56 - 01038974 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-03-31 18:55 - 2014-03-31 18:55 - 01950720 _____ () C:\Users\Alexander\Downloads\adwcleaner.exe
2014-03-31 18:47 - 2014-03-29 16:45 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Microsoft Help
2014-03-31 18:23 - 2014-03-31 18:23 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-31 18:22 - 2014-03-31 18:22 - 01110476 _____ () C:\Users\Alexander\Downloads\7z920.exe
2014-03-31 18:15 - 2014-03-31 18:14 - 00039726 _____ () C:\Users\Alexander\Downloads\Addition.txt
2014-03-31 18:06 - 2014-03-31 18:06 - 02157056 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-03-31 16:10 - 2014-03-29 08:50 - 00002183 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startmenü.lnk
2014-03-31 13:38 - 2014-03-29 00:30 - 01599294 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-31 12:33 - 2014-03-31 12:26 - 00000000 ____D () C:\Users\Alexander\Documents\ELOFA Änderung SDB
2014-03-31 10:29 - 2014-03-29 00:39 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Packages
2014-03-31 09:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-31 07:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-30 19:14 - 2014-03-30 19:14 - 00000000 ____D () C:\Users\Alexander\Documents\OneNote-Notizbücher
2014-03-30 19:14 - 2014-03-29 00:40 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-30 14:22 - 2013-08-22 16:46 - 00018232 _____ () C:\WINDOWS\setupact.log
2014-03-30 14:00 - 2014-03-29 15:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro PDF
2014-03-30 11:52 - 2014-03-30 11:50 - 00000000 ____D () C:\Users\Alexander\Documents\Office2013 Schulungsdateien
2014-03-30 11:52 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\VirtualStore
2014-03-30 09:59 - 2014-03-30 09:55 - 00003382 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:59 - 2014-03-30 09:55 - 00003330 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:55 - 2014-03-30 09:55 - 00003402 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 21:15 - 2014-03-29 21:15 - 00099919 _____ () C:\Users\Alexander\Downloads\videocacheview265_Download.zip
2014-03-29 21:06 - 2014-03-29 21:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Macromedia
2014-03-29 21:05 - 2014-03-29 01:05 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-03-29 21:04 - 2014-03-29 21:04 - 00002197 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-03-29 20:44 - 2014-01-17 19:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-03-29 19:07 - 2014-03-29 19:05 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Mozilla
2014-03-29 19:05 - 2014-03-29 19:05 - 00001174 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-29 19:05 - 2014-03-29 19:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 19:05 - 2014-03-29 09:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 18:56 - 2014-01-17 19:16 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-29 18:56 - 2014-01-17 19:16 - 00000000 ____D () C:\Program Files\lenovo
2014-03-29 18:49 - 2014-03-29 18:49 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-29 18:49 - 2014-03-29 18:49 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\LSC
2014-03-29 18:49 - 2014-03-29 01:05 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LSC
2014-03-29 18:48 - 2014-01-17 19:40 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\tmp
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\hps
2014-03-29 17:01 - 2014-03-29 17:01 - 00011264 ___SH () C:\Users\Alexander\Desktop\Thumbs.db
2014-03-29 16:06 - 2014-03-29 16:06 - 00086904 _____ () C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-29 16:06 - 2014-03-29 16:06 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\PDF Architect
2014-03-29 16:04 - 2014-03-29 16:01 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-29 16:01 - 2014-03-29 16:01 - 00001058 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00001020 _____ () C:\Users\Alexander\Desktop\PDF Architect.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Users\Alexander\Documents\PDF Architect Files
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-29 15:57 - 2014-03-29 15:54 - 69734576 _____ (pdfforge ) C:\Users\Alexander\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\FileOpen
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\ProgramData\FileOpen
2014-03-29 15:34 - 2014-03-29 09:14 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Real
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Local\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\ProgramData\ATI
2014-03-29 15:18 - 2014-03-29 15:18 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\WebApp
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\Documents\CyberLink
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\CyberLink
2014-03-29 15:17 - 2014-01-17 19:37 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-29 12:08 - 2014-03-29 12:08 - 00000000 ____D () C:\Users\Alexander\Desktop\Alte Firefox-Daten
2014-03-29 11:37 - 2014-03-29 11:37 - 00003116 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 11:09 - 2014-01-17 19:34 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-03-29 11:08 - 2014-01-17 19:34 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-29 11:08 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-29 10:57 - 2014-03-29 00:58 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-29 10:56 - 2014-03-29 00:58 - 00962240 _____ (Microsoft Corporation) C:\Users\Alexander\Downloads\Setup.X86.de-DE_HomeBusinessRetail_5cf0bcd6-92ef-4fef-b9b2-43d327b58416_TX_DB_.exe
2014-03-29 10:53 - 2014-03-29 10:53 - 00003570 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-29 10:53 - 2014-03-29 00:40 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-29 10:48 - 2014-03-29 09:31 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-03-29 10:48 - 2014-03-29 09:31 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-03-29 10:48 - 2013-08-22 16:44 - 00379704 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-29 10:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-29 10:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-29 10:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-29 10:30 - 2014-03-29 10:30 - 00061112 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys
2014-03-29 09:55 - 2014-03-29 09:31 - 00000380 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-03-29 09:44 - 2014-03-29 09:41 - 00001130 _____ () C:\Users\Alexander\Desktop\Flash Player Pro.lnk
2014-03-29 09:44 - 2014-03-29 09:41 - 00000000 ____D () C:\Program Files (x86)\Flash Player Pro
2014-03-29 09:41 - 2014-03-29 09:41 - 00000000 ____D () C:\Users\Alexander\Documents\Flash Player Pro
2014-03-29 09:38 - 2014-03-29 09:38 - 00229664 _____ (Premium Installer ) C:\Users\Alexander\Downloads\Media_Player_Setup.exe
2014-03-29 09:37 - 2014-03-29 09:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-29 09:36 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-29 09:32 - 2014-03-29 09:32 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-29 09:31 - 2014-03-29 09:31 - 00002818 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-03-29 09:30 - 2014-03-29 09:13 - 00000000 ____D () C:\Program Files (x86)\BlockAndSurf-soft
2014-03-29 09:21 - 2014-03-29 09:09 - 00000000 ____D () C:\ProgramData\Real
2014-03-29 09:16 - 2014-03-29 09:16 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\RealNetworks
2014-03-29 09:16 - 2014-03-29 09:15 - 00000324 _____ () C:\Users\Alexander\AppData\Roaming\aps.uninstall.scan.results
2014-03-29 09:15 - 2014-03-29 09:15 - 00272896 _____ (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00001295 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:14 - 00000000 ____D () C:\Program Files (x86)\Real
2014-03-29 09:14 - 2014-01-17 19:35 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2014-03-29 09:14 - 2014-01-17 19:35 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2014-03-29 09:13 - 2014-03-29 09:13 - 00003090 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-03-29 09:13 - 2014-03-29 09:13 - 00003034 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf_wd
2014-03-29 09:13 - 2014-03-29 09:13 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-29 09:13 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-03-29 09:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Mozilla
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-29 09:00 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\AppData\Local\cache
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\.android
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 _____ () C:\Users\Alexander\daemonprocess.txt
2014-03-29 08:57 - 2014-03-29 00:39 - 00000000 ____D () C:\Users\Alexander
2014-03-29 08:54 - 2014-03-29 08:53 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LPT
2014-03-29 08:50 - 2014-03-29 00:41 - 00002337 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-29 07:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-29 07:15 - 2013-08-22 15:36 - 00000000 ___HD () C:\Users\Default
2014-03-29 01:33 - 2014-03-29 01:33 - 00000000 ____D () C:\Users\Alexander\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-29 01:18 - 2014-03-29 01:18 - 00000000 __RHD () C:\MSOCache
2014-03-29 01:04 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Adobe
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-03-29 00:42 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Lenovo
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Public\Pokki
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Intel Corporation
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Lenovo
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Power2Go
2014-03-29 00:40 - 2014-01-18 04:46 - 00080744 ____H () C:\WINDOWS\modules.log
2014-03-29 00:39 - 2014-03-29 00:39 - 00000020 ___SH () C:\Users\Alexander\ntuser.ini
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Vorlagen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Startmenü
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Netzwerkumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Lokale Einstellungen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Eigene Dateien
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Druckumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Musik
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Bilder
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Verlauf
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\ProgramData\eBay
2014-03-29 00:39 - 2013-08-31 18:36 - 00000000 ____D () C:\WINDOWS\Panther
2014-03-29 00:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-03-28 17:38 - 2014-03-29 09:09 - 01172776 _____ (AnyProtect.com) C:\Users\Alexander\AppData\Local\AnyProtectScannerSetup.exe
2014-03-05 00:53 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-05 00:53 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 15:05 - 2014-03-29 09:36 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-01 08:05 - 2014-03-29 09:32 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 06:58 - 2014-03-29 09:32 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 06:30 - 2014-03-29 09:32 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 06:17 - 2014-03-29 09:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 05:54 - 2014-03-29 09:32 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 05:47 - 2014-03-29 09:32 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 05:42 - 2014-03-29 09:32 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 05:18 - 2014-03-29 09:32 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 05:14 - 2014-03-29 09:32 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 05:10 - 2014-03-29 09:32 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 05:03 - 2014-03-29 09:32 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 04:57 - 2014-03-29 09:32 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 04:38 - 2014-03-29 09:32 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 04:32 - 2014-03-29 09:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 04:27 - 2014-03-29 09:32 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 04:25 - 2014-03-29 09:32 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 04:25 - 2014-03-29 09:32 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

Some content of TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\6_Offer_13.exe
C:\Users\Alexander\AppData\Local\Temp\COMAP.EXE
C:\Users\Alexander\AppData\Local\Temp\D1396075956.exe
C:\Users\Alexander\AppData\Local\Temp\dlLogic.exe
C:\Users\Alexander\AppData\Local\Temp\GCVerifier.dll
C:\Users\Alexander\AppData\Local\Temp\lowproc.exe
C:\Users\Alexander\AppData\Local\Temp\Media_Player_Setup.exe
C:\Users\Alexander\AppData\Local\Temp\Mobogenie_INT.exe
C:\Users\Alexander\AppData\Local\Temp\nsc2FF.exe
C:\Users\Alexander\AppData\Local\Temp\nsr187.exe
C:\Users\Alexander\AppData\Local\Temp\nst1F83.exe
C:\Users\Alexander\AppData\Local\Temp\nsz2178.exe
C:\Users\Alexander\AppData\Local\Temp\octD6F1.tmp.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe
C:\Users\Alexander\AppData\Local\Temp\stubhelper.dll
C:\Users\Alexander\AppData\Local\Temp\verifier.exe
C:\Users\Alexander\AppData\Local\Temp\_cwjlrug.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-29 09:29] - [2014-01-31 18:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2013-08-31 17:36

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Hallo Cosinus,

hoffentlich kannst Du damit was anfangen. Ich habe irgendwie nicht den Eindruck, dass das Umleiten auf den Browsern aufgehört hätte. Aber vielleicht siehst Du ja noch eine Chance.

Herzl. Grüße
Alexander

cosinus · 01.04.2014, 11:53

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKU\S-1-5-21-2712879693-1085652998-2071342517-1001\...\Run: [BlockNSurf] - C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe [104448 2014-03-29] (Revizer)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
FF HKCU\...\Firefox\Extensions: [{e919e40d-669b-4732-9991-dbcf47582d16}] - C:\Program Files (x86)\BlockAndSurf-soft\157.xpi
FF Extension: No Name - C:\Program Files (x86)\BlockAndSurf-soft\157.xpi [2014-03-29]
R2 BlockAndSurf; C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurf157.exe [196096 2014-03-29] ()
C:\Users\Alexander\AppData\Local\Temp\6_Offer_13.exe
C:\Users\Alexander\AppData\Local\Temp\COMAP.EXE
C:\Users\Alexander\AppData\Local\Temp\D1396075956.exe
C:\Users\Alexander\AppData\Local\Temp\dlLogic.exe
C:\Users\Alexander\AppData\Local\Temp\GCVerifier.dll
C:\Users\Alexander\AppData\Local\Temp\lowproc.exe
C:\Users\Alexander\AppData\Local\Temp\Media_Player_Setup.exe
C:\Users\Alexander\AppData\Local\Temp\Mobogenie_INT.exe
C:\Users\Alexander\AppData\Local\Temp\nsc2FF.exe
C:\Users\Alexander\AppData\Local\Temp\nsr187.exe
C:\Users\Alexander\AppData\Local\Temp\nst1F83.exe
C:\Users\Alexander\AppData\Local\Temp\nsz2178.exe
C:\Users\Alexander\AppData\Local\Temp\octD6F1.tmp.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe
C:\Users\Alexander\AppData\Local\Temp\stubhelper.dll
C:\Users\Alexander\AppData\Local\Temp\verifier.exe
C:\Users\Alexander\AppData\Local\Temp\_cwjlrug.dll
C:\Program Files (x86)\BlockAndSurf-soft

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

TectRoyal · 01.04.2014, 12:57

So, nun habe ich das laufen lassen und danach hat der Rechner neu gestartet. Der Inhalt von FIXLOG.txt ist hier:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Alexander at 2014-04-01 13:47:32 Run:1
Running from C:\Users\Alexander\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-2712879693-1085652998-2071342517-1001\...\Run: [BlockNSurf] - C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe [104448 2014-03-29] (Revizer)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
FF HKCU\...\Firefox\Extensions: [{e919e40d-669b-4732-9991-dbcf47582d16}] - C:\Program Files (x86)\BlockAndSurf-soft\157.xpi
FF Extension: No Name - C:\Program Files (x86)\BlockAndSurf-soft\157.xpi [2014-03-29]
R2 BlockAndSurf; C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurf157.exe [196096 2014-03-29] ()
C:\Users\Alexander\AppData\Local\Temp\6_Offer_13.exe
C:\Users\Alexander\AppData\Local\Temp\COMAP.EXE
C:\Users\Alexander\AppData\Local\Temp\D1396075956.exe
C:\Users\Alexander\AppData\Local\Temp\dlLogic.exe
C:\Users\Alexander\AppData\Local\Temp\GCVerifier.dll
C:\Users\Alexander\AppData\Local\Temp\lowproc.exe
C:\Users\Alexander\AppData\Local\Temp\Media_Player_Setup.exe
C:\Users\Alexander\AppData\Local\Temp\Mobogenie_INT.exe
C:\Users\Alexander\AppData\Local\Temp\nsc2FF.exe
C:\Users\Alexander\AppData\Local\Temp\nsr187.exe
C:\Users\Alexander\AppData\Local\Temp\nst1F83.exe
C:\Users\Alexander\AppData\Local\Temp\nsz2178.exe
C:\Users\Alexander\AppData\Local\Temp\octD6F1.tmp.exe
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe
C:\Users\Alexander\AppData\Local\Temp\stubhelper.dll
C:\Users\Alexander\AppData\Local\Temp\verifier.exe
C:\Users\Alexander\AppData\Local\Temp\_cwjlrug.dll
C:\Program Files (x86)\BlockAndSurf-soft
*****************

HKU\S-1-5-21-2712879693-1085652998-2071342517-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BlockNSurf => Value deleted successfully.
"C:\\PROGRA~2\\SupTab\\SEARCH~2.DLL" => Value Data removed successfully.
"C:\\PROGRA~2\\SupTab\\SEARCH~1.DLL" => Value Data removed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\{e919e40d-669b-4732-9991-dbcf47582d16} => Value deleted successfully.
C:\Program Files (x86)\BlockAndSurf-soft\157.xpi => Moved successfully.
BlockAndSurf => Unable to stop service
BlockAndSurf => Service deleted successfully.
C:\Users\Alexander\AppData\Local\Temp\6_Offer_13.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\COMAP.EXE => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\D1396075956.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\dlLogic.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\GCVerifier.dll => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\lowproc.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\Media_Player_Setup.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\Mobogenie_INT.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\nsc2FF.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\nsr187.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\nst1F83.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\nsz2178.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\octD6F1.tmp.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\stubhelper.dll => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\verifier.exe => Moved successfully.
C:\Users\Alexander\AppData\Local\Temp\_cwjlrug.dll => Moved successfully.
C:\Program Files (x86)\BlockAndSurf-soft => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====

Viele Grüße
Alexander

cosinus · 01.04.2014, 13:06

Frische FRST Logs bitte, Haken setzen bei additions und dann erst auf Scan klicken

TectRoyal · 01.04.2014, 15:47

Diese Anweisung verstehe ich leider nicht. Willst Du, dass ich das FRST Tool mit Scan laufen lasse? Da gibt es keinen Haken für Additions. Sorry für das "Nichtwissen"

Nun habe ich den FRST nochmal laufen lassen. ADDITION file wurde nicht angelegt (aber ich habe auch keinen Haken gesetzt, weil da keiner für Addition ist). Das Ergebnis (81K):

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alexander (administrator) on ARBEITSPLATZ01 on 01-04-2014 14:39:53
Running from C:\Users\Alexander\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
() C:\Windows\jmesoft\Service.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] - C:\WINDOWS\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo)
HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] ()
HKLM-x32\...\Run: [LVT] - C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo App Shop] - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-19] (Intel Corporation)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2014-03-29] (RealNetworks, Inc.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
Startup: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {5613BAD6-6C53-43C6-88B2-BE3DA76414A8} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {5613BAD6-6C53-43C6-88B2-BE3DA76414A8} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 217.237.150.188 217.237.151.142

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\l8jk90oa.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Redirect Cleaner - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\l8jk90oa.default\Extensions\redirectcleaner@example.net.xpi [2014-03-31]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-01-17]

==================== Services (Whitelisted) =================

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] ()
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [585032 2013-09-17] (LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [103656 2013-10-21] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-01-18] (Microsoft Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-29] (StdLib)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-01 14:21 - 2014-04-01 14:21 - 00000000 ____D () C:\Users\Alexander\Downloads\Alt
2014-03-31 23:27 - 2014-03-31 23:27 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-31 23:00 - 2014-03-31 23:00 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\InstallShield
2014-03-31 23:00 - 2014-03-31 23:00 - 00000000 ____D () C:\Program Files (x86)\Samsung Easy Color Manager
2014-03-31 22:57 - 2014-03-31 22:59 - 49677664 _____ (Macrovision Corporation) C:\Users\Alexander\Downloads\EasyColorManager_V3.02.04.exe
2014-03-31 21:35 - 2014-03-31 21:35 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2014-03-31 19:47 - 2014-03-31 19:47 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-31 19:37 - 2014-03-31 19:39 - 00000000 ____D () C:\AdwCleaner
2014-03-31 18:56 - 2014-03-31 18:56 - 01038974 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-03-31 18:55 - 2014-03-31 18:55 - 01950720 _____ () C:\Users\Alexander\Downloads\adwcleaner.exe
2014-03-31 18:23 - 2014-03-31 18:23 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-31 18:22 - 2014-03-31 18:22 - 01110476 _____ () C:\Users\Alexander\Downloads\7z920.exe
2014-03-31 18:09 - 2014-04-01 14:39 - 00017861 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-03-31 18:09 - 2014-04-01 14:23 - 00000000 ____D () C:\FRST
2014-03-31 18:06 - 2014-03-31 18:06 - 02157056 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-03-31 12:26 - 2014-03-31 12:33 - 00000000 ____D () C:\Users\Alexander\Documents\ELOFA Änderung SDB
2014-03-30 23:22 - 2014-04-01 13:53 - 00003360 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 23:22 - 2014-04-01 13:53 - 00003308 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 19:14 - 2014-03-30 19:14 - 00000000 ____D () C:\Users\Alexander\Documents\OneNote-Notizbücher
2014-03-30 11:50 - 2014-03-30 11:52 - 00000000 ____D () C:\Users\Alexander\Documents\Office2013 Schulungsdateien
2014-03-30 09:55 - 2014-03-30 09:59 - 00003382 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:55 - 2014-03-30 09:59 - 00003330 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:55 - 2014-03-30 09:55 - 00003402 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 21:15 - 2014-03-29 21:15 - 00099919 _____ () C:\Users\Alexander\Downloads\videocacheview265_Download.zip
2014-03-29 21:06 - 2014-03-29 21:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Macromedia
2014-03-29 21:04 - 2014-03-29 21:04 - 00002197 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-03-29 19:05 - 2014-03-29 19:07 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Mozilla
2014-03-29 19:05 - 2014-03-29 19:05 - 00001174 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-29 19:05 - 2014-03-29 19:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 18:49 - 2014-03-29 18:49 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-29 18:49 - 2014-03-29 18:49 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\LSC
2014-03-29 18:47 - 2014-04-01 13:10 - 00000000 ____D () C:\ProgramData\hps
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\tmp
2014-03-29 17:01 - 2014-03-29 17:01 - 00011264 ___SH () C:\Users\Alexander\Desktop\Thumbs.db
2014-03-29 16:45 - 2014-03-31 18:47 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Microsoft Help
2014-03-29 16:06 - 2014-03-29 16:06 - 00086904 _____ () C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-29 16:06 - 2014-03-29 16:06 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\PDF Architect
2014-03-29 16:01 - 2014-03-29 16:04 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-29 16:01 - 2014-03-29 16:01 - 00001058 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00001020 _____ () C:\Users\Alexander\Desktop\PDF Architect.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Users\Alexander\Documents\PDF Architect Files
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-29 16:01 - 2013-04-09 15:13 - 00110264 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2014-03-29 16:01 - 2013-01-09 15:52 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-03-29 16:01 - 2012-05-05 11:54 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2014-03-29 16:01 - 2012-05-05 11:54 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMAPI32.OCX
2014-03-29 16:01 - 2012-05-05 11:54 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIDE.DLL
2014-03-29 16:01 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2014-03-29 16:01 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2014-03-29 16:01 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2014-03-29 15:54 - 2014-03-29 15:57 - 69734576 _____ (pdfforge ) C:\Users\Alexander\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\FileOpen
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\ProgramData\FileOpen
2014-03-29 15:26 - 2014-03-31 21:34 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro PDF
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Local\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\ProgramData\ATI
2014-03-29 15:18 - 2014-03-29 15:18 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\WebApp
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\Documents\CyberLink
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\CyberLink
2014-03-29 11:58 - 2014-04-01 14:39 - 00000000 ____D () C:\Users\Alexander\Documents\Outlook-Dateien
2014-03-29 11:37 - 2014-04-01 14:14 - 00005174 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSPLATZ01-Alexander Arbeitsplatz01
2014-03-29 11:37 - 2014-03-29 11:37 - 00003116 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 11:15 - 2013-09-23 14:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-03-29 10:53 - 2014-03-29 10:53 - 00003570 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-29 10:30 - 2014-03-29 10:30 - 00061112 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys
2014-03-29 09:41 - 2014-03-29 09:44 - 00001130 _____ () C:\Users\Alexander\Desktop\Flash Player Pro.lnk
2014-03-29 09:41 - 2014-03-29 09:44 - 00000000 ____D () C:\Program Files (x86)\Flash Player Pro
2014-03-29 09:41 - 2014-03-29 09:41 - 00000000 ____D () C:\Users\Alexander\Documents\Flash Player Pro
2014-03-29 09:38 - 2014-03-29 09:38 - 00229664 _____ (Premium Installer ) C:\Users\Alexander\Downloads\Media_Player_Setup.exe
2014-03-29 09:36 - 2014-03-29 09:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-29 09:36 - 2014-03-02 15:05 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-29 09:32 - 2014-03-29 09:32 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-29 09:32 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-29 09:32 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-29 09:32 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-29 09:32 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-29 09:32 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-29 09:32 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-29 09:32 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-29 09:32 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-29 09:32 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-29 09:32 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-29 09:32 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-29 09:32 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-29 09:32 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-29 09:32 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-29 09:32 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-29 09:32 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-29 09:32 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-29 09:32 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-29 09:32 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-03-29 09:32 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-29 09:32 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-03-29 09:32 - 2014-02-06 12:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-29 09:32 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-29 09:32 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-03-29 09:32 - 2014-02-06 12:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-03-29 09:32 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-03-29 09:32 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-29 09:32 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-29 09:32 - 2014-02-06 12:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-29 09:32 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-03-29 09:32 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-29 09:32 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-29 09:32 - 2014-02-06 11:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-03-29 09:32 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-03-29 09:32 - 2014-02-06 11:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-03-29 09:32 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-29 09:32 - 2014-02-06 11:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-03-29 09:31 - 2014-04-01 09:31 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-03-29 09:31 - 2014-03-29 10:48 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-03-29 09:31 - 2014-03-29 09:55 - 00000380 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-03-29 09:31 - 2014-03-29 09:31 - 00002818 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-03-29 09:29 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-29 09:29 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-29 09:29 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-29 09:29 - 2014-01-31 18:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-29 09:29 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-29 09:29 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-29 09:29 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-29 09:29 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-29 09:29 - 2014-01-29 11:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-29 09:29 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-29 09:29 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-29 09:29 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-29 09:29 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-29 09:29 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-29 09:29 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-29 09:29 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-29 09:29 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-29 09:29 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-29 09:29 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-29 09:29 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-29 09:29 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-29 09:29 - 2014-01-27 20:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-29 09:29 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-29 09:29 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-29 09:29 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-29 09:29 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-29 09:29 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-29 09:29 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-29 09:29 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-29 09:29 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-29 09:29 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-29 09:29 - 2014-01-27 13:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-29 09:29 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-29 09:29 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-29 09:29 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-29 09:29 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-29 09:28 - 2014-01-08 03:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-29 09:28 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-29 09:28 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-29 09:28 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-29 09:28 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-29 09:28 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-29 09:28 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-29 09:28 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-29 09:28 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-29 09:28 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-29 09:28 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-29 09:28 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-29 09:28 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-29 09:28 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-29 09:28 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-29 09:28 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-29 09:28 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-29 09:28 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-29 09:28 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-29 09:28 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-29 09:28 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-29 09:28 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-29 09:28 - 2013-12-27 11:21 - 13192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-03-29 09:28 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-29 09:28 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-29 09:28 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-29 09:28 - 2013-12-27 09:27 - 11688448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-03-29 09:28 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-29 09:28 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-29 09:28 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-29 09:28 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-29 09:28 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-29 09:28 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-29 09:28 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-29 09:28 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-29 09:28 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-29 09:28 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-29 09:28 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-29 09:28 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-29 09:28 - 2013-12-09 01:43 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-03-29 09:28 - 2013-12-09 01:25 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-03-29 09:27 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-29 09:27 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-29 09:26 - 2013-11-27 17:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-03-29 09:26 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-03-29 09:26 - 2013-11-27 10:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-29 09:26 - 2013-11-27 10:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-29 09:26 - 2013-11-27 10:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-03-29 09:26 - 2013-11-27 10:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-03-29 09:26 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-29 09:26 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-29 09:26 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-29 09:23 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-29 09:23 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-29 09:22 - 2013-12-09 02:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-03-29 09:22 - 2013-12-09 02:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-03-29 09:22 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-03-29 09:22 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-03-29 09:22 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-03-29 09:22 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-03-29 09:22 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-03-29 09:22 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-03-29 09:22 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-03-29 09:22 - 2013-11-27 11:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-03-29 09:22 - 2013-11-27 11:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-03-29 09:22 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-03-29 09:22 - 2013-11-27 10:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-03-29 09:22 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-03-29 09:22 - 2013-11-27 10:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-03-29 09:22 - 2013-11-26 15:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-03-29 09:22 - 2013-11-26 15:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-03-29 09:22 - 2013-11-26 13:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-03-29 09:22 - 2013-11-25 03:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-29 09:22 - 2013-11-25 03:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-03-29 09:22 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-03-29 09:22 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-03-29 09:22 - 2013-11-23 14:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-03-29 09:22 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-03-29 09:22 - 2013-11-23 09:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-03-29 09:22 - 2013-11-23 09:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-03-29 09:22 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-03-29 09:22 - 2013-11-23 05:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-03-29 09:22 - 2013-11-23 05:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-03-29 09:22 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-03-29 09:22 - 2013-11-21 08:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-03-29 09:22 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-03-29 09:22 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-03-29 09:22 - 2013-11-15 16:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-03-29 09:22 - 2013-11-15 15:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-03-29 09:22 - 2013-10-31 02:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-03-29 09:22 - 2013-10-31 01:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-03-29 09:20 - 2013-12-11 09:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-03-29 09:17 - 2013-11-11 04:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-03-29 09:17 - 2013-11-09 08:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-03-29 09:17 - 2013-11-09 07:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-03-29 09:17 - 2013-11-08 12:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-03-29 09:17 - 2013-11-08 06:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-03-29 09:17 - 2013-11-08 06:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-03-29 09:17 - 2013-11-08 06:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-03-29 09:17 - 2013-11-08 05:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-03-29 09:17 - 2013-11-08 05:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-03-29 09:17 - 2013-11-05 16:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-03-29 09:17 - 2013-11-05 15:17 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-03-29 09:17 - 2013-11-04 15:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-03-29 09:17 - 2013-11-04 13:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-03-29 09:17 - 2013-11-04 12:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-03-29 09:17 - 2013-11-04 04:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-03-29 09:17 - 2013-11-04 03:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-03-29 09:17 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-03-29 09:17 - 2013-11-01 08:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-03-29 09:17 - 2013-11-01 07:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-03-29 09:17 - 2013-10-31 02:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-03-29 09:17 - 2013-10-31 02:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-03-29 09:17 - 2013-10-31 02:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-03-29 09:17 - 2013-10-31 02:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-03-29 09:17 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-03-29 09:17 - 2013-10-24 11:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-03-29 09:17 - 2013-10-24 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-03-29 09:17 - 2013-10-17 13:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-03-29 09:17 - 2013-10-17 12:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-03-29 09:17 - 2013-10-05 16:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-03-29 09:17 - 2013-10-05 16:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-03-29 09:17 - 2013-10-05 14:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-03-29 09:17 - 2013-10-05 14:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-03-29 09:16 - 2014-03-29 09:16 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:16 - 00000324 _____ () C:\Users\Alexander\AppData\Roaming\aps.uninstall.scan.results
2014-03-29 09:15 - 2014-03-29 09:15 - 00272896 _____ (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00001295 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-03-29 09:14 - 2014-03-29 15:34 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Real
2014-03-29 09:14 - 2014-03-29 09:15 - 00000000 ____D () C:\Program Files (x86)\Real
2014-03-29 09:13 - 2014-04-01 13:53 - 00000446 _____ () C:\WINDOWS\Tasks\BlockAndSurf_wd.job
2014-03-29 09:13 - 2014-04-01 13:53 - 00000442 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-03-29 09:13 - 2014-04-01 13:53 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-03-29 09:13 - 2014-03-29 09:13 - 00003090 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-03-29 09:13 - 2014-03-29 09:13 - 00003034 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf_wd
2014-03-29 09:09 - 2014-03-29 09:21 - 00000000 ____D () C:\ProgramData\Real
2014-03-29 09:09 - 2014-03-28 17:38 - 01172776 _____ (AnyProtect.com) C:\Users\Alexander\AppData\Local\AnyProtectScannerSetup.exe
2014-03-29 09:07 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-03-29 09:07 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-03-29 09:07 - 2013-12-09 02:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-03-29 09:07 - 2013-12-09 01:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-03-29 09:07 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-03-29 09:07 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-03-29 09:07 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-03-29 09:07 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-03-29 09:04 - 2013-12-09 04:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-03-29 09:04 - 2013-12-09 03:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-03-29 09:04 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-03-29 09:04 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-03-29 09:03 - 2014-03-29 19:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Mozilla
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-29 08:57 - 2014-03-29 09:00 - 00000000 ____D () C:\Users\Alexander\AppData\Local\cache
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\.android
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 _____ () C:\Users\Alexander\daemonprocess.txt
2014-03-29 08:53 - 2014-03-29 08:54 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LPT
2014-03-29 08:50 - 2014-03-31 16:10 - 00002183 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startmenü.lnk
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-29 01:33 - 2014-03-29 01:33 - 00000000 ____D () C:\Users\Alexander\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-29 01:18 - 2014-03-29 01:18 - 00000000 __RHD () C:\MSOCache
2014-03-29 01:05 - 2014-03-29 21:05 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-03-29 01:05 - 2014-03-29 18:49 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LSC
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-03-29 00:58 - 2014-03-29 10:57 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-29 00:58 - 2014-03-29 10:56 - 00962240 _____ (Microsoft Corporation) C:\Users\Alexander\Downloads\Setup.X86.de-DE_HomeBusinessRetail_5cf0bcd6-92ef-4fef-b9b2-43d327b58416_TX_DB_.exe
2014-03-29 00:45 - 2014-04-01 13:59 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 00:45 - 2014-04-01 08:41 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{514E0437-3AB4-468C-B646-7FAA7ADECD18}
2014-03-29 00:42 - 2014-04-01 08:38 - 00000000 __RDO () C:\Users\Alexander\SkyDrive
2014-03-29 00:41 - 2014-03-29 08:50 - 00002337 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Public\Pokki
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Intel Corporation
2014-03-29 00:40 - 2014-04-01 13:53 - 00000369 _____ () C:\Users\Alexander\AppData\Local\RegisteredPackageInformation.xml
2014-03-29 00:40 - 2014-03-31 19:39 - 00001026 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-29 00:40 - 2014-03-30 19:14 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-29 00:40 - 2014-03-30 11:52 - 00000000 ____D () C:\Users\Alexander\AppData\Local\VirtualStore
2014-03-29 00:40 - 2014-03-29 10:53 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-29 00:40 - 2014-03-29 01:04 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Adobe
2014-03-29 00:40 - 2014-03-29 00:42 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Lenovo
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Lenovo
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Power2Go
2014-03-29 00:39 - 2014-03-31 10:29 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Packages
2014-03-29 00:39 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander
2014-03-29 00:39 - 2014-03-29 00:39 - 00000020 ___SH () C:\Users\Alexander\ntuser.ini
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Vorlagen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Startmenü
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Netzwerkumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Lokale Einstellungen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Eigene Dateien
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Druckumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Musik
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Bilder
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Verlauf
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\ProgramData\eBay
2014-03-29 00:39 - 2014-01-17 19:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Macromedia
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-29 00:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-29 00:30 - 2014-04-01 14:09 - 01672287 _____ () C:\WINDOWS\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2014-04-01 14:40 - 2014-03-31 18:09 - 00017861 _____ () C:\Users\Alexander\Downloads\FRST.txt
2014-04-01 14:39 - 2014-03-31 18:09 - 00000000 ____D () C:\FRST
2014-04-01 14:39 - 2014-03-29 11:58 - 00000000 ____D () C:\Users\Alexander\Documents\Outlook-Dateien
2014-04-01 14:21 - 2014-04-01 14:21 - 00000000 ____D () C:\Users\Alexander\Downloads\Alt
2014-04-01 14:14 - 2014-03-29 11:37 - 00005174 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSPLATZ01-Alexander Arbeitsplatz01
2014-04-01 14:09 - 2014-03-29 00:30 - 01672287 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-01 14:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-01 13:59 - 2014-03-29 00:45 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-04-01 13:57 - 2014-01-18 04:01 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-01 13:57 - 2014-01-18 04:01 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-01 13:57 - 2014-01-17 19:35 - 00001871 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-04-01 13:57 - 2013-08-31 17:40 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-01 13:53 - 2014-03-30 23:22 - 00003360 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-04-01 13:53 - 2014-03-30 23:22 - 00003308 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-04-01 13:53 - 2014-03-29 09:13 - 00000446 _____ () C:\WINDOWS\Tasks\BlockAndSurf_wd.job
2014-04-01 13:53 - 2014-03-29 09:13 - 00000442 _____ () C:\WINDOWS\Tasks\BlockAndSurf Update.job
2014-04-01 13:53 - 2014-03-29 09:13 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-01 13:53 - 2014-03-29 00:40 - 00000369 _____ () C:\Users\Alexander\AppData\Local\RegisteredPackageInformation.xml
2014-04-01 13:53 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-01 13:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-01 13:47 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-04-01 13:10 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\hps
2014-04-01 09:31 - 2014-03-29 09:31 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-04-01 08:41 - 2014-03-29 00:45 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{514E0437-3AB4-468C-B646-7FAA7ADECD18}
2014-04-01 08:38 - 2014-03-29 00:42 - 00000000 __RDO () C:\Users\Alexander\SkyDrive
2014-03-31 23:27 - 2014-03-31 23:27 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-31 23:27 - 2013-08-22 16:46 - 00020404 _____ () C:\WINDOWS\setupact.log
2014-03-31 23:00 - 2014-03-31 23:00 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\InstallShield
2014-03-31 23:00 - 2014-03-31 23:00 - 00000000 ____D () C:\Program Files (x86)\Samsung Easy Color Manager
2014-03-31 23:00 - 2014-01-17 19:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-31 22:59 - 2014-03-31 22:57 - 49677664 _____ (Macrovision Corporation) C:\Users\Alexander\Downloads\EasyColorManager_V3.02.04.exe
2014-03-31 21:35 - 2014-03-31 21:35 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2014-03-31 21:34 - 2014-03-29 15:26 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro PDF
2014-03-31 21:34 - 2014-01-17 19:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-03-31 21:34 - 2014-01-17 19:16 - 00000000 ____D () C:\ProgramData\Lenovo
2014-03-31 19:47 - 2014-03-31 19:47 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-31 19:41 - 2014-01-17 19:34 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-03-31 19:40 - 2013-08-31 17:36 - 00009586 _____ () C:\WINDOWS\PFRO.log
2014-03-31 19:39 - 2014-03-31 19:37 - 00000000 ____D () C:\AdwCleaner
2014-03-31 19:39 - 2014-03-29 00:40 - 00001026 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-31 18:56 - 2014-03-31 18:56 - 01038974 _____ (Thisisu) C:\Users\Alexander\Downloads\JRT.exe
2014-03-31 18:55 - 2014-03-31 18:55 - 01950720 _____ () C:\Users\Alexander\Downloads\adwcleaner.exe
2014-03-31 18:47 - 2014-03-29 16:45 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Microsoft Help
2014-03-31 18:23 - 2014-03-31 18:23 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-31 18:22 - 2014-03-31 18:22 - 01110476 _____ () C:\Users\Alexander\Downloads\7z920.exe
2014-03-31 18:06 - 2014-03-31 18:06 - 02157056 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2014-03-31 16:10 - 2014-03-29 08:50 - 00002183 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startmenü.lnk
2014-03-31 12:33 - 2014-03-31 12:26 - 00000000 ____D () C:\Users\Alexander\Documents\ELOFA Änderung SDB
2014-03-31 10:29 - 2014-03-29 00:39 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Packages
2014-03-31 09:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-31 07:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-30 19:14 - 2014-03-30 19:14 - 00000000 ____D () C:\Users\Alexander\Documents\OneNote-Notizbücher
2014-03-30 19:14 - 2014-03-29 00:40 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-30 11:52 - 2014-03-30 11:50 - 00000000 ____D () C:\Users\Alexander\Documents\Office2013 Schulungsdateien
2014-03-30 11:52 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\VirtualStore
2014-03-30 09:59 - 2014-03-30 09:55 - 00003382 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:59 - 2014-03-30 09:55 - 00003330 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-30 09:55 - 2014-03-30 09:55 - 00003402 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 21:15 - 2014-03-29 21:15 - 00099919 _____ () C:\Users\Alexander\Downloads\videocacheview265_Download.zip
2014-03-29 21:06 - 2014-03-29 21:06 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Macromedia
2014-03-29 21:05 - 2014-03-29 01:05 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Adobe
2014-03-29 21:04 - 2014-03-29 21:04 - 00002197 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-29 21:04 - 2014-03-29 21:04 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-03-29 19:07 - 2014-03-29 19:05 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Mozilla
2014-03-29 19:05 - 2014-03-29 19:05 - 00001174 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-29 19:05 - 2014-03-29 19:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 19:05 - 2014-03-29 09:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 18:56 - 2014-01-17 19:16 - 00000000 ____D () C:\Program Files\lenovo
2014-03-29 18:49 - 2014-03-29 18:49 - 00002018 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-03-29 18:49 - 2014-03-29 18:49 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\LSC
2014-03-29 18:49 - 2014-03-29 01:05 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LSC
2014-03-29 18:48 - 2014-01-17 19:40 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-03-29 18:47 - 2014-03-29 18:47 - 00000000 ____D () C:\ProgramData\tmp
2014-03-29 17:01 - 2014-03-29 17:01 - 00011264 ___SH () C:\Users\Alexander\Desktop\Thumbs.db
2014-03-29 16:06 - 2014-03-29 16:06 - 00086904 _____ () C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-29 16:06 - 2014-03-29 16:06 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\PDF Architect
2014-03-29 16:04 - 2014-03-29 16:01 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-03-29 16:01 - 2014-03-29 16:01 - 00001058 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00001020 _____ () C:\Users\Alexander\Desktop\PDF Architect.lnk
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Users\Alexander\Documents\PDF Architect Files
2014-03-29 16:01 - 2014-03-29 16:01 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-03-29 15:57 - 2014-03-29 15:54 - 69734576 _____ (pdfforge ) C:\Users\Alexander\Downloads\PDFCreator-1_7_2_setup_offline.exe
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Nitro
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\FileOpen
2014-03-29 15:39 - 2014-03-29 15:39 - 00000000 ____D () C:\ProgramData\FileOpen
2014-03-29 15:34 - 2014-03-29 09:14 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Real
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\Users\Alexander\AppData\Local\ATI
2014-03-29 15:21 - 2014-03-29 15:21 - 00000000 ____D () C:\ProgramData\ATI
2014-03-29 15:18 - 2014-03-29 15:18 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\WebApp
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\Documents\CyberLink
2014-03-29 15:17 - 2014-03-29 15:17 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\CyberLink
2014-03-29 15:17 - 2014-01-17 19:37 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-29 11:37 - 2014-03-29 11:37 - 00003116 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2712879693-1085652998-2071342517-1001
2014-03-29 11:09 - 2014-01-17 19:34 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-03-29 11:08 - 2014-01-17 19:34 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-29 11:08 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-29 10:57 - 2014-03-29 00:58 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-29 10:56 - 2014-03-29 00:58 - 00962240 _____ (Microsoft Corporation) C:\Users\Alexander\Downloads\Setup.X86.de-DE_HomeBusinessRetail_5cf0bcd6-92ef-4fef-b9b2-43d327b58416_TX_DB_.exe
2014-03-29 10:53 - 2014-03-29 10:53 - 00003570 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-29 10:53 - 2014-03-29 00:40 - 00000000 ___RD () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-29 10:48 - 2014-03-29 09:31 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-03-29 10:48 - 2013-08-22 16:44 - 00379704 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-29 10:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-29 10:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-29 10:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-29 10:45 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-29 10:30 - 2014-03-29 10:30 - 00061112 _____ (StdLib) C:\WINDOWS\system32\Drivers\wStLibG64.sys
2014-03-29 09:55 - 2014-03-29 09:31 - 00000380 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-03-29 09:44 - 2014-03-29 09:41 - 00001130 _____ () C:\Users\Alexander\Desktop\Flash Player Pro.lnk
2014-03-29 09:44 - 2014-03-29 09:41 - 00000000 ____D () C:\Program Files (x86)\Flash Player Pro
2014-03-29 09:41 - 2014-03-29 09:41 - 00000000 ____D () C:\Users\Alexander\Documents\Flash Player Pro
2014-03-29 09:38 - 2014-03-29 09:38 - 00229664 _____ (Premium Installer ) C:\Users\Alexander\Downloads\Media_Player_Setup.exe
2014-03-29 09:37 - 2014-03-29 09:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-29 09:36 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-29 09:32 - 2014-03-29 09:32 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-29 09:31 - 2014-03-29 09:31 - 00002818 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-03-29 09:31 - 2014-03-29 09:31 - 00002816 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-03-29 09:21 - 2014-03-29 09:09 - 00000000 ____D () C:\ProgramData\Real
2014-03-29 09:16 - 2014-03-29 09:16 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\RealNetworks
2014-03-29 09:16 - 2014-03-29 09:15 - 00000324 _____ () C:\Users\Alexander\AppData\Roaming\aps.uninstall.scan.results
2014-03-29 09:15 - 2014-03-29 09:15 - 00272896 _____ (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll
2014-03-29 09:15 - 2014-03-29 09:15 - 00001295 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:15 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-03-29 09:15 - 2014-03-29 09:14 - 00000000 ____D () C:\Program Files (x86)\Real
2014-03-29 09:14 - 2014-01-17 19:35 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2014-03-29 09:14 - 2014-01-17 19:35 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2014-03-29 09:13 - 2014-03-29 09:13 - 00003090 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf Update
2014-03-29 09:13 - 2014-03-29 09:13 - 00003034 _____ () C:\WINDOWS\System32\Tasks\BlockAndSurf_wd
2014-03-29 09:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Mozilla
2014-03-29 09:03 - 2014-03-29 09:03 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-29 09:00 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\AppData\Local\cache
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\Alexander\.android
2014-03-29 08:57 - 2014-03-29 08:57 - 00000000 _____ () C:\Users\Alexander\daemonprocess.txt
2014-03-29 08:57 - 2014-03-29 00:39 - 00000000 ____D () C:\Users\Alexander
2014-03-29 08:54 - 2014-03-29 08:53 - 00000000 ____D () C:\Users\Alexander\AppData\Local\LPT
2014-03-29 08:50 - 2014-03-29 00:41 - 00002337 _____ () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Programme
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-29 07:15 - 2014-03-29 07:15 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-29 07:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-29 07:15 - 2013-08-22 15:36 - 00000000 ___HD () C:\Users\Default
2014-03-29 01:33 - 2014-03-29 01:33 - 00000000 ____D () C:\Users\Alexander\Documents\Benutzerdefinierte Office-Vorlagen
2014-03-29 01:18 - 2014-03-29 01:18 - 00000000 __RHD () C:\MSOCache
2014-03-29 01:04 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Adobe
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00002147 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-29 01:02 - 2014-03-29 01:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-03-29 00:42 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Lenovo
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Public\Pokki
2014-03-29 00:41 - 2014-03-29 00:41 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Intel Corporation
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Roaming\Lenovo
2014-03-29 00:40 - 2014-03-29 00:40 - 00000000 ____D () C:\Users\Alexander\AppData\Local\Power2Go
2014-03-29 00:40 - 2014-01-18 04:46 - 00080744 ____H () C:\WINDOWS\modules.log
2014-03-29 00:39 - 2014-03-29 00:39 - 00000020 ___SH () C:\Users\Alexander\ntuser.ini
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Vorlagen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Startmenü
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Netzwerkumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Lokale Einstellungen
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Eigene Dateien
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Druckumgebung
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Musik
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Documents\Eigene Bilder
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Verlauf
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\AppData\Local\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 _SHDL () C:\Users\Alexander\Anwendungsdaten
2014-03-29 00:39 - 2014-03-29 00:39 - 00000000 ____D () C:\ProgramData\eBay
2014-03-29 00:39 - 2013-08-31 18:36 - 00000000 ____D () C:\WINDOWS\Panther
2014-03-29 00:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-03-28 17:38 - 2014-03-29 09:09 - 01172776 _____ (AnyProtect.com) C:\Users\Alexander\AppData\Local\AnyProtectScannerSetup.exe
2014-03-05 00:53 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-05 00:53 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 15:05 - 2014-03-29 09:36 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-29 09:29] - [2014-01-31 18:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2013-08-31 17:36

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Hallo Cosinus,

wahrscheinlich hast Du viel zu tun :-). Aber als Ergebnis, ich surfe im Internet und habe keine (für mich) sichtbaren Probleme mehr. Das ständige "Weiterleiten" scheint vollständig weg zu sein. VIEEEELLLLLEEEENNN Dank für Deine schnelle und professionelle Hilfe. Einfach SUPER!

Hoffentlich findest Du nix mehr in dem Logfile :-).

Herzliche Grüße
Alexander (TectRoyal)

cosinus · 01.04.2014, 16:11

Zitat:

t (aber ich habe auch keinen Haken gesetzt, weil da keiner für Addition ist). Das Ergebnis (81K):

Einfach da hinklicken, dann wird der Haken auch gesetzt und die additions erstellt....ist da etwa so kompliziert?

31.03.2014, 14:40	#4
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Browser leitet mich ständig um - wie kann ich das ändern wieder zu langsam...gegen Dich verliere ich nicht nur im Schach... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

31.03.2014, 22:06	#9
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Browser leitet mich ständig um - wie kann ich das ändern Bitte keine Logs hier anhängen. Alles wurde gesagt wie du die Ergebnisse posten sollst zB das hier (Logs notfalls aufteilen und über mehrere Beiträge posten) __________________ Logfiles bitte immer in CODE-Tags posten

01.04.2014, 13:06	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Browser leitet mich ständig um - wie kann ich das ändern Frische FRST Logs bitte, Haken setzen bei additions und dann erst auf Scan klicken __________________ Logfiles bitte immer in CODE-Tags posten

Browser leitet mich ständig um - wie kann ich das ändern

Plagegeister aller Art und deren Bekämpfung: Browser leitet mich ständig um - wie kann ich das ändern