
Pests of all kinds and how to combat them: Windows 8.1 with Thunderbird (IMAP): Emails possibly manipulated

23.04.2014, 17:06   #1
M4tt0
 



Hello Trojaner-Board,

Here is my problem: I forgot the password for my old Germanwings account and requested a new one. Germanwings then sent me an email. I retrieved the email with Thunderbird. However, no temporary password was shown in it, only "***** Das Passwort ist zu Ihrem Schutz nicht sichtbar" ("The password is not visible for your protection"). When I read the same(?) email on my smartphone, the text was completely different and the temporary password was displayed. According to the sender, reply address and send time, though, this should be the same email. Thunderbird and the smartphone are connected to my email provider (web.de) via IMAP.

Here are the logs:

Defogger:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:48 on 23/04/2014 ([USRNAME])

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
The FRST logs are attached in the zip file (sorry, too many characters).

GMER:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-23 17:24:22
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000030 ST1000LM024_HN-M101MBB rev.2BA30001 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\[USRNAME]\AppData\Local\Temp\fxldrpob.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                                                      fffff96000130c00 15 bytes [00, 8E, 0B, 02, 80, 32, 6E, ...]
.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16                                                                                 fffff96000130c10 11 bytes [00, 41, FC, FF, C0, 7D, F9, ...]

---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\system32\wininit.exe[656] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                           00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\svchost.exe[848] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                           00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\svchost.exe[888] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                           00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\svchost.exe[576] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                           00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\System32\svchost.exe[1108] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\svchost.exe[1320] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\System32\spoolsv.exe[1676] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\svchost.exe[1700] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1180] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                               00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\svchost.exe[2264] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe[2308] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                    00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\svchost.exe[2664] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\wbem\wmiprvse.exe[2144] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                    00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\System32\svchost.exe[3708] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\SearchIndexer.exe[4512] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                    00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\System32\WinLogon.exe[6288] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                         00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInformation                                           00007ffd058528c0 7 bytes JMP 00007ffe02dc02d0
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW                                                  00007ffd058543d8 7 bytes JMP 00007ffe02dc0308
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                              00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA                                                    00007ffd05901f20 7 bytes JMP 00007ffe02dc0378
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW                                                    00007ffd059040b4 7 bytes JMP 00007ffe02dc03b0
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW                                                   00007ffd05904510 7 bytes JMP 00007ffe02dc0340
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileNameExW                                           00007ffd05904af0 7 bytes JMP 00007ffe02dc0260
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessModulesEx                                           00007ffd0592cea0 7 bytes JMP 00007ffe02dc0228
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileNameW                                             00007ffd0592cf10 7 bytes JMP 00007ffe02dc0298
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleW                                                00007ffd02e22300 7 bytes JMP 00007ffe02dc00d8
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary                                                     00007ffd02e25770 5 bytes JMP 00007ffe02dc0180
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW                                                  00007ffd02e25860 5 bytes JMP 00007ffe02dc0148
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandleExW                                              00007ffd02e25a30 5 bytes JMP 00007ffe02dc0110
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\USER32.dll!CreateWindowExW                                                     00007ffd04d3b6f4 10 bytes JMP 00007ffe02dc0490
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW                                                 00007ffd04d445d8 5 bytes JMP 00007ffe02dc0458
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDeviceInfo                                          00007ffd04d44750 9 bytes JMP 00007ffe02dc03e8
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA                                                 00007ffd04d54fc0 5 bytes JMP 00007ffe02dc0420
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayModeList                                             00007ffd05091500 8 bytes JMP 00007ffe02dc01b8
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                               00007ffd05091750 8 bytes JMP 00007ffe02dc01f0
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1                                                    00007ffd00d57c28 5 bytes JMP 00007ffe00d40110
.text   C:\WINDOWS\System32\dwm.exe[6228] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory                                                     00007ffd00d64b84 5 bytes JMP 00007ffe00d400d8
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[5924] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                 00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\nvvsvc.exe[6788] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                           00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\nvvsvc.exe[6788] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                          00007ffd0369169a 4 bytes [69, 03, FD, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[6788] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                          00007ffd036916a2 4 bytes [69, 03, FD, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[6788] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                             00007ffd0369181a 4 bytes [69, 03, FD, 7F]
.text   C:\WINDOWS\system32\nvvsvc.exe[6788] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                             00007ffd03691832 4 bytes [69, 03, FD, 7F]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[6600] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                           00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[6796] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                           00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\taskhostex.exe[1040] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                       00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\Explorer.EXE[4164] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                  00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Classic Shell\ClassicStartMenu.exe[4764] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                      00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe[4960] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165            00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\igfxsrvc.exe[1064] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                         00007ffd0586553d 1 byte [62]
.text   C:\Windows\System32\hkcmd.exe[4288] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                            00007ffd0586553d 1 byte [62]
.text   C:\Windows\System32\igfxpers.exe[5468] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                         00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe[5776] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                         00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[6372] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                           00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[6920] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                           00007ffd0586553d 1 byte [62]
.text   C:\Windows\System32\rundll32.exe[6900] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                         00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[6464] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                              00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[6464] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                             00007ffd0369169a 4 bytes [69, 03, FD, 7F]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[6464] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                             00007ffd036916a2 4 bytes [69, 03, FD, 7F]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[6464] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                00007ffd0369181a 4 bytes [69, 03, FD, 7F]
.text   C:\Program Files\Dell\QuickSet\quickset.exe[6464] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                00007ffd03691832 4 bytes [69, 03, FD, 7F]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[6648] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                            00007ffd0586553d 1 byte [62]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[6648] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                           00007ffd0369169a 4 bytes [69, 03, FD, 7F]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[6648] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                           00007ffd036916a2 4 bytes [69, 03, FD, 7F]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[6648] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                              00007ffd0369181a 4 bytes [69, 03, FD, 7F]
.text   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[6648] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                              00007ffd03691832 4 bytes [69, 03, FD, 7F]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[908] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                          00007ffd0586553d 1 byte [62]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[908] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                         00007ffd0369169a 4 bytes [69, 03, FD, 7F]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[908] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                         00007ffd036916a2 4 bytes [69, 03, FD, 7F]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[908] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                            00007ffd0369181a 4 bytes [69, 03, FD, 7F]
.text   C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[908] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                            00007ffd03691832 4 bytes [69, 03, FD, 7F]
.text   C:\WINDOWS\system32\DllHost.exe[2804] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\System32\svchost.exe[3656] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe[4332] C:\WINDOWS\system32\KERNEL32.dll!GetBinaryTypeW + 165  00007ffd0586553d 1 byte [62]
.text   C:\WINDOWS\system32\AUDIODG.EXE[4032] C:\WINDOWS\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 165                                          00007ffd0586553d 1 byte [62]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[7024] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                   00007ffd0586553d 1 byte [62]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [4440:6512]                                                                                            fffff96000845b90

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                unknown MBR code

---- EOF - GMER 2.1 ----
         
With GMER I received two warnings:
Already before the scan, that
C:\WINDOWS\system32\config\system
cannot be accessed (blocked by another process).
The same warning appeared once more during the scan. In addition, the same warning for
C:\Users\[USRNAME]\ntuser.dat.

My antivirus software (Avast) was installed from the start, is up to date and has not given any warnings. The day before yesterday I also installed Spybot. It found "only" a cookie tracker. Here is the Fixit log:

Code:
--- Report generated: 2014-04-21 20:39 ---

DoubleClick: Verfolgender Cookie (Internet Explorer: [USRNAME]) (Cookie, fixed)
  


--- Spybot - Search & Destroy version: 1.6.2  (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2014-04-21 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-04-15 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-08 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2013-04-11 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-08 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-03-19 Includes\Keyloggers-C.sbi (*)
2014-01-08 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2014-03-03 Includes\Malware-000.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-03-03 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-04-15 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-04-15 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2014-01-13 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-04-08 Includes\PUPS-C.sbi (*)
2014-01-13 Includes\PUPS.sbi (*)
2014-01-13 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-08 Includes\Security.sbi (*)
2014-01-13 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2014-01-28 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-13 Includes\Spyware.sbi (*)
2014-01-08 Includes\SpywareC.sbi (*)
2012-11-19 Includes\Tracks.uti
2014-01-15 Includes\Trojans-000.sbi (*)
2014-02-26 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-28 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-03-14 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-02-19 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-04-15 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-03-14 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-09 Includes\TrojansC-02.sbi (*)
2014-01-09 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-09 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
         
Thanks for your help!

Best regards,

M4tt0

23.04.2014, 18:49   #2
schrauber
/// the machine
/// TB instructor
 




Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I cannot open attachments at work, thanks.

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

23.04.2014, 19:02   #3
M4tt0
 



OK, will do. Thanks for looking at my problem!

FRST Log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by [USRNAME] (administrator) on R2D2 on 23-04-2014 16:50:28
Running from C:\Users\[USRNAME]\Desktop
Windows 8.1 Pro (Update 1) (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CANON INC.) C:\WINDOWS\system32\CNAB4RPD.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Dell Products, LP.) c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Dell) C:\Users\[USRNAME]\AppData\Local\Apps\2.0\4Y8BPRKN.5TP\XL4NCOCT.GQB\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Dell Products, LP) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-05] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7830328 2013-05-21] (Motorola Solutions, Inc.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760456 2013-04-23] (Dell Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [MetroTileShortcut] => "C:\Program Files\McAfeeAntiTheft\2.1.170.2\McATUIHost.exe" /IMAT_SHORTCUTS
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-05] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-949463278-63079330-1184419995-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [22629024 2014-03-03] (Microsoft Corporation)
HKU\S-1-5-21-949463278-63079330-1184419995-1001\...\Run: [DellSystemDetect] => C:\Users\[USRNAME]\AppData\Local\Apps\2.0\4Y8BPRKN.5TP\XL4NCOCT.GQB\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [258160 2014-04-10] (Dell)
HKU\S-1-5-21-949463278-63079330-1184419995-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-949463278-63079330-1184419995-1004\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM - DefaultScope {A464ECC7-8D60-45FB-BB05-F7E7C10D90FD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM - {A464ECC7-8D60-45FB-BB05-F7E7C10D90FD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope {A464ECC7-8D60-45FB-BB05-F7E7C10D90FD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - {A464ECC7-8D60-45FB-BB05-F7E7C10D90FD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {A464ECC7-8D60-45FB-BB05-F7E7C10D90FD} URL = 
SearchScopes: HKCU - {A464ECC7-8D60-45FB-BB05-F7E7C10D90FD} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\[USRNAME]\AppData\Roaming\Mozilla\Firefox\Profiles\k6aofoyb.Martin
FF Homepage: hxxp://www.tagesschau.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ActiveGS - C:\Users\[USRNAME]\AppData\Roaming\Mozilla\Firefox\Profiles\k6aofoyb.Martin\Extensions\activegs@freetoolsassociation.com [2014-03-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-05] (AVAST Software)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-11-11] (Intel Corporation)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [149496 2014-01-14] (Dell Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3611128 2014-02-11] (devolo AG)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-01] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [197096 2013-05-10] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [1142768 2014-02-19] (Paramount Software UK Ltd)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [728328 2014-03-31] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-05] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-05] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-04-23] (Motorola Solutions, Inc.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-03] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21920 2013-05-10] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-05-10] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-05-10] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-05-10] ()
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2014-03-18] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2014-02-11] (CACE Technologies)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-09-28] (Realsil Semiconductor Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [91360 2013-04-11] (STMicroelectronics)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-04-10] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 16:50 - 2014-04-23 16:50 - 00020755 _____ () C:\Users\[USRNAME]\Desktop\FRST.txt
2014-04-23 16:50 - 2014-04-23 16:50 - 00000000 ____D () C:\FRST
2014-04-23 16:49 - 2014-04-23 16:49 - 02061312 _____ (Farbar) C:\Users\[USRNAME]\Desktop\FRST64.exe
2014-04-23 16:48 - 2014-04-23 16:48 - 00000474 _____ () C:\Users\[USRNAME]\Desktop\defogger_disable.log
2014-04-23 16:48 - 2014-04-23 16:48 - 00000000 _____ () C:\Users\[USRNAME]\defogger_reenable
2014-04-23 16:47 - 2014-04-23 16:47 - 00050477 _____ () C:\Users\[USRNAME]\Desktop\Defogger.exe
2014-04-21 21:00 - 2013-08-22 15:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140421-210023.backup
2014-04-21 16:58 - 2014-04-21 21:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-21 16:58 - 2014-04-21 20:44 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-04-21 16:56 - 2014-04-21 16:57 - 16409960 _____ (Safer Networking Limited ) C:\Users\[USRNAME]\Downloads\spybotsd162.exe
2014-04-20 14:55 - 2014-04-20 14:55 - 02545000 _____ (Dominik Reichl ) C:\Users\[USRNAME]\Downloads\KeePass-2.26-Setup.exe
2014-04-19 22:23 - 2014-04-19 22:24 - 325017215 _____ () C:\Users\[USRNAME]\Downloads\Whited00r71-iPhone3G-Unlocker.zip
2014-04-19 18:01 - 2014-04-19 18:04 - 338579762 _____ () C:\Users\[USRNAME]\Downloads\iPhone1,2_4.2.1_8C148_Restore.ipsw
2014-04-19 17:50 - 2014-04-19 21:28 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\redsn0w
2014-04-19 13:30 - 2014-04-19 13:34 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\Apple Computer
2014-04-19 13:30 - 2014-04-19 13:30 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Apple Computer
2014-04-19 13:29 - 2014-04-19 22:43 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-19 13:29 - 2014-04-19 13:29 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-19 13:28 - 2014-04-19 22:44 - 00000000 ____D () C:\ProgramData\Apple
2014-04-19 13:28 - 2014-04-19 13:28 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Apple
2014-04-19 13:25 - 2014-04-19 13:27 - 148885840 _____ (Apple Inc.) C:\Users\[USRNAME]\Downloads\iTunes64Setup.exe
2014-04-19 11:16 - 2014-04-19 11:16 - 00000022 _____ () C:\WINDOWS\S.dirmngr
2014-04-19 11:14 - 2014-04-09 14:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-19 11:14 - 2014-04-09 05:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-19 11:14 - 2014-04-09 05:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-19 11:14 - 2014-04-09 05:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-19 11:14 - 2014-04-09 05:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-19 11:09 - 2014-04-19 11:09 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-04-19 11:08 - 2014-04-19 11:08 - 16002688 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\[USRNAME]\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.42.0.exe
2014-04-19 11:08 - 2014-04-19 11:08 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-16 16:29 - 2014-04-16 17:41 - 00001950 _____ () C:\Users\Public\Desktop\Colin McRae Rally 2005.lnk
2014-04-15 14:36 - 2014-04-15 14:36 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Intel_Corporation
2014-04-14 13:25 - 2014-04-14 13:25 - 00000000 __SHD () C:\Users\[USRNAME]\AppData\Local\EmieUserList
2014-04-14 13:25 - 2014-04-14 13:25 - 00000000 __SHD () C:\Users\[USRNAME]\AppData\Local\EmieSiteList
2014-04-14 13:16 - 2014-04-20 13:37 - 00000000 ____D () C:\Users\[USRNAME]\Desktop\Stammzellspende
2014-04-14 12:31 - 2014-04-14 12:31 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-04-12 21:40 - 2014-04-12 21:40 - 00000000 ____D () C:\Users\[USRNAME]\Documents\Meine empfangenen Dateien
2014-04-12 20:39 - 2014-04-12 20:39 - 10689696 _____ (Irfan Skiljan) C:\Users\[USRNAME]\Downloads\irfanview_plugins_437_setup.exe
2014-04-11 22:32 - 2014-04-21 21:59 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\KeePass
2014-04-11 21:55 - 2014-04-21 21:50 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-04-11 21:54 - 2014-04-11 21:54 - 02537151 _____ (Dominik Reichl ) C:\Users\[USRNAME]\Downloads\keepass-2.25-setup.exe
2014-04-11 15:30 - 2014-04-11 15:30 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Brother
2014-04-11 11:22 - 2014-04-11 11:22 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\12166
2014-04-11 11:09 - 2014-04-11 11:09 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\NVIDIA
2014-04-11 10:40 - 2014-04-11 11:09 - 00000000 ____D () C:\Users\[USRNAME]\Documents\DVDFab9
2014-04-11 10:40 - 2014-04-11 10:40 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\DVDFab9
2014-04-11 10:40 - 2014-04-11 10:40 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-11 10:39 - 2014-04-11 10:39 - 45424848 _____ (Fengtao Software Inc. ) C:\Users\[USRNAME]\Downloads\DVDFab9138.exe
2014-04-11 10:03 - 2014-04-11 10:37 - 00000000 ____D () C:\Burn
2014-04-11 09:59 - 2014-04-11 10:02 - 00000000 ____D () C:\Users\[USRNAME]\.MakeMKV
2014-04-11 09:55 - 2014-04-11 09:55 - 10054035 _____ (GuinpinSoft inc) C:\Users\[USRNAME]\Downloads\Setup_MakeMKV_v1.8.9.exe
2014-04-10 19:29 - 2014-04-10 19:29 - 00000303 _____ () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heimnetzgruppe.lnk
2014-04-10 19:28 - 2014-04-10 19:28 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\ControlCenter4
2014-04-10 19:05 - 2014-04-10 19:05 - 00000000 ____D () C:\ProgramData\ControlCenter4
2014-04-10 19:05 - 2014-04-10 19:05 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-04-10 19:05 - 2014-04-10 19:05 - 00000000 ____D () C:\Brother
2014-04-10 19:04 - 2014-04-10 19:05 - 00000066 _____ () C:\WINDOWS\Brfaxrx.ini
2014-04-10 19:04 - 2014-04-10 19:04 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\InstallShield
2014-04-10 19:04 - 2012-09-10 16:31 - 00245760 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2014-04-10 19:04 - 2012-07-09 17:19 - 00005120 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2014-04-10 19:04 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2014-04-10 19:04 - 2010-02-05 04:42 - 00180224 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BROSNMP.DLL
2014-04-10 19:04 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2014-04-10 19:04 - 2003-11-28 18:57 - 00000000 _____ () C:\WINDOWS\brdfxspd.dat
2014-04-10 19:03 - 2014-04-10 19:03 - 00000000 ____D () C:\Users\[USRNAME]\Downloads\install
2014-04-10 19:02 - 2014-04-10 19:03 - 126514424 _____ (A.I.SOFT,INC.) C:\Users\[USRNAME]\Downloads\MFC-7360N-inst-C1-EU.EXE
2014-04-10 18:19 - 2014-04-10 18:19 - 32417600 _____ (Intel(R) Corporation) C:\Users\[USRNAME]\Downloads\Wireless_16.5.3_De164.exe
2014-04-10 17:58 - 2014-04-10 17:58 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-04-10 17:51 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-04-10 17:51 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-04-10 17:51 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-04-10 17:42 - 2014-04-10 17:42 - 00001448 _____ () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-10 17:42 - 2014-04-10 17:42 - 00000020 ___SH () C:\Users\[USRNAME]\ntuser.ini
2014-04-10 14:59 - 2014-04-10 17:43 - 00000000 ___DC () C:\WINDOWS\Panther
2014-04-10 14:59 - 2014-04-10 14:59 - 00000000 __SHD () C:\Recovery
2014-04-10 14:57 - 2014-04-10 14:57 - 21232792 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 13286400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-04-10 14:57 - 2014-04-10 14:57 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-04-10 14:57 - 2014-04-10 14:57 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-10 14:57 - 2014-04-10 14:57 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-04-10 14:57 - 2014-04-10 14:57 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-10 14:57 - 2014-04-10 14:57 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-04-10 14:57 - 2014-04-10 14:57 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-04-10 14:57 - 2014-04-10 14:57 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDScDrv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-10 14:56 - 2014-04-10 14:56 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\Program Files\MSBuild
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-04-10 14:48 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-04-10 14:48 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-04-10 14:48 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-04-10 14:48 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-04-10 14:48 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-04-10 14:48 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-10 14:29 - 2014-04-10 14:29 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-04-10 14:26 - 2014-04-10 14:26 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-04-10 14:19 - 2014-04-10 14:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-04-10 14:19 - 2014-04-10 14:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-04-10 14:13 - 2014-04-10 14:13 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-04-10 14:12 - 2014-04-23 16:48 - 00000000 ____D () C:\Users\[USRNAME]
2014-04-10 14:12 - 2014-04-10 14:31 - 00032388 _____ () C:\WINDOWS\diagwrn.xml
2014-04-10 14:12 - 2014-04-10 14:31 - 00032388 _____ () C:\WINDOWS\diagerr.xml
2014-04-10 14:12 - 2014-04-10 14:20 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-10 14:12 - 2014-04-10 14:20 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-10 14:12 - 2014-04-10 14:13 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-10 14:12 - 2014-04-10 14:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-10 14:12 - 2014-04-10 14:13 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Vorlagen
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Startmenü
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Netzwerkumgebung
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Lokale Einstellungen
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Eigene Dateien
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Druckumgebung
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Documents\Eigene Musik
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Documents\Eigene Bilder
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\AppData\Local\Verlauf
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\AppData\Local\Anwendungsdaten
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Anwendungsdaten
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-04-10 14:12 - 2014-03-18 12:12 - 00000369 _____ () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-10 14:12 - 2014-03-18 12:12 - 00000369 _____ () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-10 14:12 - 2014-03-18 12:12 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-10 14:12 - 2014-03-18 12:12 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-10 14:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-10 14:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-10 14:12 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-10 14:04 - 2014-04-23 16:37 - 01632752 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-10 14:04 - 2014-04-10 14:16 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-10 14:04 - 2014-04-10 14:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-10 14:04 - 2014-04-10 14:04 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
2014-04-10 14:04 - 2014-04-10 14:04 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2014-04-10 14:04 - 2014-04-10 14:04 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-04-10 14:04 - 2014-04-10 14:04 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-04-10 14:04 - 2013-10-23 10:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-04-10 14:04 - 2013-10-23 10:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-04-10 14:04 - 2013-10-23 10:20 - 03426956 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-04-10 14:04 - 2013-10-23 10:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-04-10 14:04 - 2013-10-23 10:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2014-04-10 14:04 - 2013-10-23 10:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-04-10 14:04 - 2013-10-23 10:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-04-10 14:04 - 2013-10-23 10:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2014-04-10 14:04 - 2013-10-23 10:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-04-10 14:03 - 2014-04-10 14:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-10 14:03 - 2014-04-10 14:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-10 14:03 - 2014-04-10 14:03 - 00849522 _____ () C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2014-04-10 14:03 - 2014-04-10 14:03 - 00458970 _____ () C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
2014-04-10 14:03 - 2014-04-10 14:03 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-04-10 14:03 - 2014-04-10 14:03 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-04-10 14:02 - 2014-04-10 18:20 - 00024236 _____ () C:\WINDOWS\DPINST.LOG
2014-04-10 14:02 - 2014-04-10 14:15 - 00000000 ____D () C:\Program Files\Intel
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ST_Accel_01011.Wdf
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\Program Files\Synaptics
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\Program Files\STMicroelectronics
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\Program Files\Realtek
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\Program Files\DIFX
2014-04-10 14:02 - 2014-01-25 02:23 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-04-10 14:02 - 2014-01-25 02:23 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-04-10 14:02 - 2012-07-13 16:31 - 00022168 _____ (ST Microelectronics) C:\WINDOWS\system32\Drivers\stdcfltn.sys
2014-04-10 13:34 - 2014-04-10 14:31 - 00006559 _____ () C:\WINDOWS\comsetup.log
2014-04-10 12:45 - 2014-04-19 11:56 - 00003718 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-04-10 12:45 - 2014-04-10 12:45 - 00003476 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-04-10 12:39 - 2014-04-10 12:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2014-04-10 12:39 - 2013-05-10 19:37 - 00029088 _____ () C:\WINDOWS\system32\Drivers\INETMON.sys
2014-04-10 12:34 - 2014-04-10 12:35 - 28719200 _____ () C:\Users\[USRNAME]\Downloads\App_ISCT_W84_X05_Setup-67C4P_ZPE.exe
2014-04-10 10:51 - 2014-04-10 14:20 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-04-10 10:51 - 2014-04-10 10:51 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Apps\2.0
2014-04-10 10:50 - 2014-04-10 10:50 - 00417872 _____ () C:\Users\[USRNAME]\Downloads\DellSystemDetect.exe
2014-04-07 16:42 - 2014-04-10 18:54 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\gnupg
2014-04-07 16:42 - 2014-04-07 16:42 - 00000000 ____D () C:\ProgramData\GNU
2014-04-07 16:42 - 2014-04-07 16:42 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-04-07 16:41 - 2014-04-07 16:41 - 29689992 _____ (g10 Code GmbH) C:\Users\[USRNAME]\Downloads\gpg4win-2.2.1.exe
2014-04-05 22:18 - 2014-04-05 22:18 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-04-01 13:41 - 2014-04-01 13:41 - 00001936 _____ () C:\Users\Public\Desktop\Colin McRae Rally 3.lnk
2014-04-01 13:38 - 2014-04-01 13:40 - 00000000 ____D () C:\Install
2014-03-29 16:03 - 2014-03-29 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-25 22:35 - 2014-03-29 15:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2014-04-23 16:50 - 2014-04-23 16:50 - 00020755 _____ () C:\Users\[USRNAME]\Desktop\FRST.txt
2014-04-23 16:50 - 2014-04-23 16:50 - 00000000 ____D () C:\FRST
2014-04-23 16:49 - 2014-04-23 16:49 - 02061312 _____ (Farbar) C:\Users\[USRNAME]\Desktop\FRST64.exe
2014-04-23 16:48 - 2014-04-23 16:48 - 00000474 _____ () C:\Users\[USRNAME]\Desktop\defogger_disable.log
2014-04-23 16:48 - 2014-04-23 16:48 - 00000000 _____ () C:\Users\[USRNAME]\defogger_reenable
2014-04-23 16:48 - 2014-04-10 14:12 - 00000000 ____D () C:\Users\[USRNAME]
2014-04-23 16:47 - 2014-04-23 16:47 - 00050477 _____ () C:\Users\[USRNAME]\Desktop\Defogger.exe
2014-04-23 16:37 - 2014-04-10 14:04 - 01632752 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-23 16:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-23 16:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-21 23:49 - 2014-02-02 20:52 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\uTorrent
2014-04-21 23:33 - 2014-01-27 22:18 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\ClassicShell
2014-04-21 23:01 - 2014-01-28 20:38 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-21 21:59 - 2014-04-11 22:32 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\KeePass
2014-04-21 21:50 - 2014-04-11 21:55 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-04-21 21:00 - 2014-04-21 16:58 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-21 20:44 - 2014-04-21 16:58 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-04-21 17:10 - 2014-01-27 21:34 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-949463278-63079330-1184419995-1001
2014-04-21 16:57 - 2014-04-21 16:56 - 16409960 _____ (Safer Networking Limited ) C:\Users\[USRNAME]\Downloads\spybotsd162.exe
2014-04-20 14:55 - 2014-04-20 14:55 - 02545000 _____ (Dominik Reichl ) C:\Users\[USRNAME]\Downloads\KeePass-2.26-Setup.exe
2014-04-20 13:37 - 2014-04-14 13:16 - 00000000 ____D () C:\Users\[USRNAME]\Desktop\Stammzellspende
2014-04-19 22:44 - 2014-04-19 13:28 - 00000000 ____D () C:\ProgramData\Apple
2014-04-19 22:43 - 2014-04-19 13:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-19 22:43 - 2014-01-27 21:36 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-04-19 22:24 - 2014-04-19 22:23 - 325017215 _____ () C:\Users\[USRNAME]\Downloads\Whited00r71-iPhone3G-Unlocker.zip
2014-04-19 21:28 - 2014-04-19 17:50 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\redsn0w
2014-04-19 21:27 - 2013-08-22 16:46 - 00342880 _____ () C:\WINDOWS\setupact.log
2014-04-19 18:04 - 2014-04-19 18:01 - 338579762 _____ () C:\Users\[USRNAME]\Downloads\iPhone1,2_4.2.1_8C148_Restore.ipsw
2014-04-19 13:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-19 13:34 - 2014-04-19 13:30 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\Apple Computer
2014-04-19 13:30 - 2014-04-19 13:30 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Apple Computer
2014-04-19 13:29 - 2014-04-19 13:29 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-19 13:28 - 2014-04-19 13:28 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Apple
2014-04-19 13:27 - 2014-04-19 13:25 - 148885840 _____ (Apple Inc.) C:\Users\[USRNAME]\Downloads\iTunes64Setup.exe
2014-04-19 11:59 - 2014-03-18 12:04 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-19 11:59 - 2014-03-18 11:25 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-19 11:59 - 2014-03-18 11:25 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-19 11:56 - 2014-04-10 12:45 - 00003718 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-04-19 11:16 - 2014-04-19 11:16 - 00000022 _____ () C:\WINDOWS\S.dirmngr
2014-04-19 11:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-19 11:16 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-19 11:09 - 2014-04-19 11:09 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-04-19 11:08 - 2014-04-19 11:08 - 16002688 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\[USRNAME]\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.42.0.exe
2014-04-19 11:08 - 2014-04-19 11:08 - 00000000 ____D () C:\ProgramData\Samsung
2014-04-16 17:41 - 2014-04-16 16:29 - 00001950 _____ () C:\Users\Public\Desktop\Colin McRae Rally 2005.lnk
2014-04-16 16:29 - 2014-03-23 15:37 - 00000000 ____D () C:\Program Files (x86)\Codemasters
2014-04-16 16:29 - 2014-01-17 06:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-16 13:39 - 2014-02-02 21:12 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\vlc
2014-04-15 14:36 - 2014-04-15 14:36 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Intel_Corporation
2014-04-14 13:25 - 2014-04-14 13:25 - 00000000 __SHD () C:\Users\[USRNAME]\AppData\Local\EmieUserList
2014-04-14 13:25 - 2014-04-14 13:25 - 00000000 __SHD () C:\Users\[USRNAME]\AppData\Local\EmieSiteList
2014-04-14 13:17 - 2014-01-28 22:59 - 00243712 ___SH () C:\Users\[USRNAME]\Desktop\Thumbs.db
2014-04-14 13:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-04-14 12:31 - 2014-04-14 12:31 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-04-14 12:30 - 2014-01-28 23:28 - 00872960 ___SH () C:\Users\[USRNAME]\Documents\Thumbs.db
2014-04-12 21:40 - 2014-04-12 21:40 - 00000000 ____D () C:\Users\[USRNAME]\Documents\Meine empfangenen Dateien
2014-04-12 20:39 - 2014-04-12 20:39 - 10689696 _____ (Irfan Skiljan) C:\Users\[USRNAME]\Downloads\irfanview_plugins_437_setup.exe
2014-04-11 21:54 - 2014-04-11 21:54 - 02537151 _____ (Dominik Reichl ) C:\Users\[USRNAME]\Downloads\keepass-2.25-setup.exe
2014-04-11 15:30 - 2014-04-11 15:30 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Brother
2014-04-11 11:22 - 2014-04-11 11:22 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\12166
2014-04-11 11:09 - 2014-04-11 11:09 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\NVIDIA
2014-04-11 11:09 - 2014-04-11 10:40 - 00000000 ____D () C:\Users\[USRNAME]\Documents\DVDFab9
2014-04-11 10:40 - 2014-04-11 10:40 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\DVDFab9
2014-04-11 10:40 - 2014-04-11 10:40 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9
2014-04-11 10:39 - 2014-04-11 10:39 - 45424848 _____ (Fengtao Software Inc. ) C:\Users\[USRNAME]\Downloads\DVDFab9138.exe
2014-04-11 10:37 - 2014-04-11 10:03 - 00000000 ____D () C:\Burn
2014-04-11 10:02 - 2014-04-11 09:59 - 00000000 ____D () C:\Users\[USRNAME]\.MakeMKV
2014-04-11 09:55 - 2014-04-11 09:55 - 10054035 _____ (GuinpinSoft inc) C:\Users\[USRNAME]\Downloads\Setup_MakeMKV_v1.8.9.exe
2014-04-10 20:37 - 2014-01-27 21:26 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Packages
2014-04-10 19:29 - 2014-04-10 19:29 - 00000303 _____ () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heimnetzgruppe.lnk
2014-04-10 19:28 - 2014-04-10 19:28 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\ControlCenter4
2014-04-10 19:05 - 2014-04-10 19:05 - 00000000 ____D () C:\ProgramData\ControlCenter4
2014-04-10 19:05 - 2014-04-10 19:05 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-04-10 19:05 - 2014-04-10 19:05 - 00000000 ____D () C:\Brother
2014-04-10 19:05 - 2014-04-10 19:04 - 00000066 _____ () C:\WINDOWS\Brfaxrx.ini
2014-04-10 19:05 - 2014-03-03 22:50 - 00000245 _____ () C:\WINDOWS\Brpfx04a.ini
2014-04-10 19:05 - 2014-03-03 22:50 - 00000064 _____ () C:\WINDOWS\brpcfx.ini
2014-04-10 19:05 - 2014-03-03 22:49 - 00000000 ____D () C:\Program Files (x86)\ControlCenter4
2014-04-10 19:05 - 2014-03-03 22:48 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-04-10 19:04 - 2014-04-10 19:04 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\InstallShield
2014-04-10 19:03 - 2014-04-10 19:03 - 00000000 ____D () C:\Users\[USRNAME]\Downloads\install
2014-04-10 19:03 - 2014-04-10 19:02 - 126514424 _____ (A.I.SOFT,INC.) C:\Users\[USRNAME]\Downloads\MFC-7360N-inst-C1-EU.EXE
2014-04-10 18:54 - 2014-04-07 16:42 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\gnupg
2014-04-10 18:20 - 2014-04-10 14:02 - 00024236 _____ () C:\WINDOWS\DPINST.LOG
2014-04-10 18:19 - 2014-04-10 18:19 - 32417600 _____ (Intel(R) Corporation) C:\Users\[USRNAME]\Downloads\Wireless_16.5.3_De164.exe
2014-04-10 18:14 - 2014-01-17 06:20 - 00000000 ____D () C:\ProgramData\PCDr
2014-04-10 17:59 - 2014-03-18 03:51 - 00001536 _____ () C:\WINDOWS\PFRO.log
2014-04-10 17:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-10 17:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-10 17:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-10 17:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-10 17:58 - 2014-04-10 17:58 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-04-10 17:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-04-10 17:43 - 2014-04-10 14:59 - 00000000 ___DC () C:\WINDOWS\Panther
2014-04-10 17:43 - 2014-01-27 21:28 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-10 17:43 - 2014-01-27 21:28 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-10 17:42 - 2014-04-10 17:42 - 00001448 _____ () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-10 17:42 - 2014-04-10 17:42 - 00000020 ___SH () C:\Users\[USRNAME]\ntuser.ini
2014-04-10 14:59 - 2014-04-10 14:59 - 00000000 __SHD () C:\Recovery
2014-04-10 14:58 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-04-10 14:58 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-04-10 14:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-04-10 14:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-04-10 14:57 - 2014-04-10 14:57 - 21232792 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 16875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 13286400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 11791360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 08653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 06641152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 04268544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02519384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01466864 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01339240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01200296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01066496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-04-10 14:57 - 2014-04-10 14:57 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-04-10 14:57 - 2014-04-10 14:57 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00492256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-04-10 14:57 - 2014-04-10 14:57 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-04-10 14:57 - 2014-04-10 14:57 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-04-10 14:57 - 2014-04-10 14:57 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00406512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-04-10 14:57 - 2014-04-10 14:57 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-04-10 14:57 - 2014-04-10 14:57 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00244888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDScDrv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-04-10 14:57 - 2014-04-10 14:57 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-04-10 14:57 - 2014-04-10 14:57 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-04-10 14:57 - 2014-04-10 14:57 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-04-10 14:56 - 2014-04-10 14:56 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\Program Files\MSBuild
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-04-10 14:49 - 2014-04-10 14:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-10 14:32 - 2014-04-10 14:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-10 14:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-04-10 14:32 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-04-10 14:32 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2014-04-10 14:31 - 2014-04-10 14:12 - 00032388 _____ () C:\WINDOWS\diagwrn.xml
2014-04-10 14:31 - 2014-04-10 14:12 - 00032388 _____ () C:\WINDOWS\diagerr.xml
2014-04-10 14:31 - 2014-04-10 13:34 - 00006559 _____ () C:\WINDOWS\comsetup.log
2014-04-10 14:29 - 2014-04-10 14:29 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-04-10 14:27 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-04-10 14:27 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-10 14:26 - 2014-04-10 14:26 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-04-10 14:26 - 2014-01-17 06:04 - 01804472 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-04-10 14:21 - 2013-08-22 16:44 - 00483008 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-10 14:20 - 2014-04-10 14:12 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-10 14:20 - 2014-04-10 14:12 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-10 14:20 - 2014-04-10 10:51 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-04-10 14:20 - 2014-03-18 11:40 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-04-10 14:20 - 2014-01-29 00:07 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Networking
2014-04-10 14:20 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-04-10 14:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-04-10 14:19 - 2014-04-10 14:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-04-10 14:19 - 2014-04-10 14:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-04-10 14:19 - 2014-03-18 11:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-04-10 14:19 - 2014-03-18 11:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-04-10 14:19 - 2014-03-18 11:25 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-04-10 14:19 - 2014-02-22 19:31 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-04-10 14:19 - 2014-01-17 06:04 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-04-10 14:19 - 2013-08-22 17:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-04-10 14:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-04-10 14:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-04-10 14:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Macromed
2014-04-10 14:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-04-10 14:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-04-10 14:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-04-10 14:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-04-10 14:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-04-10 14:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-04-10 14:19 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-04-10 14:19 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated
2014-04-10 14:18 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-04-10 14:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME
2014-04-10 14:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2014-04-10 14:16 - 2014-04-10 14:04 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-10 14:16 - 2014-04-10 14:04 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-10 14:16 - 2014-04-10 14:03 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-10 14:16 - 2014-01-27 21:26 - 00000000 ____D () C:\ProgramData\PRICache
2014-04-10 14:16 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-04-10 14:15 - 2014-04-10 14:03 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-10 14:15 - 2014-04-10 14:02 - 00000000 ____D () C:\Program Files\Intel
2014-04-10 14:15 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-04-10 14:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-10 14:13 - 2014-04-10 14:13 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-04-10 14:13 - 2014-04-10 14:12 - 00000000 ___RD () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-10 14:13 - 2014-04-10 14:12 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-10 14:13 - 2014-04-10 14:12 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-10 14:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Vorlagen
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Startmenü
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Netzwerkumgebung
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Lokale Einstellungen
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Eigene Dateien
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Druckumgebung
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Documents\Eigene Musik
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Documents\Eigene Bilder
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\AppData\Local\Verlauf
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\AppData\Local\Anwendungsdaten
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\[USRNAME]\Anwendungsdaten
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-04-10 14:12 - 2014-04-10 14:12 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-04-10 14:04 - 2014-04-10 14:04 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
2014-04-10 14:04 - 2014-04-10 14:04 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2014-04-10 14:04 - 2014-04-10 14:04 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2014-04-10 14:04 - 2014-04-10 14:04 - 00000000 ____D () C:\WINDOWS\system32\NV
2014-04-10 14:04 - 2013-08-22 16:46 - 00000084 _____ () C:\WINDOWS\setuperr.log
2014-04-10 14:03 - 2014-04-10 14:03 - 00849522 _____ () C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2014-04-10 14:03 - 2014-04-10 14:03 - 00458970 _____ () C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
2014-04-10 14:03 - 2014-04-10 14:03 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-04-10 14:03 - 2014-04-10 14:03 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ST_Accel_01011.Wdf
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\Program Files\Synaptics
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\Program Files\STMicroelectronics
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\Program Files\Realtek
2014-04-10 14:02 - 2014-04-10 14:02 - 00000000 ____D () C:\Program Files\DIFX
2014-04-10 13:41 - 2014-01-17 05:35 - 01513572 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-04-10 13:10 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-04-10 12:45 - 2014-04-10 12:45 - 00003476 _____ () C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-04-10 12:45 - 2014-01-17 06:03 - 00000000 ____D () C:\ProgramData\Intel
2014-04-10 12:45 - 2014-01-17 06:01 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-04-10 12:43 - 2014-01-28 20:38 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Adobe
2014-04-10 12:42 - 2014-01-28 20:38 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-04-10 12:39 - 2014-04-10 12:39 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_INETMON_01011.Wdf
2014-04-10 12:35 - 2014-04-10 12:34 - 28719200 _____ () C:\Users\[USRNAME]\Downloads\App_ISCT_W84_X05_Setup-67C4P_ZPE.exe
2014-04-10 12:35 - 2014-01-17 13:13 - 00000000 ____D () C:\DELL
2014-04-10 11:36 - 2014-01-27 21:46 - 00003444 _____ () C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-04-10 10:51 - 2014-04-10 10:51 - 00000000 ____D () C:\Users\[USRNAME]\AppData\Local\Apps\2.0
2014-04-10 10:50 - 2014-04-10 10:50 - 00417872 _____ () C:\Users\[USRNAME]\Downloads\DellSystemDetect.exe
2014-04-10 10:39 - 2014-01-28 21:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 09:57 - 2014-01-27 22:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-10 09:54 - 2014-01-27 22:04 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-09 14:00 - 2014-04-19 11:14 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-09 05:32 - 2014-04-19 11:14 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-09 05:31 - 2014-04-19 11:14 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-09 05:23 - 2014-04-19 11:14 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-09 05:21 - 2014-04-19 11:14 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-07 16:42 - 2014-04-07 16:42 - 00000000 ____D () C:\ProgramData\GNU
2014-04-07 16:42 - 2014-04-07 16:42 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-04-07 16:41 - 2014-04-07 16:41 - 29689992 _____ (g10 Code GmbH) C:\Users\[USRNAME]\Downloads\gpg4win-2.2.1.exe
2014-04-05 22:18 - 2014-04-05 22:18 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-04-05 22:18 - 2014-01-27 21:45 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-04-05 22:18 - 2014-01-27 21:45 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-04-05 22:18 - 2014-01-27 21:45 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-04-05 22:18 - 2014-01-27 21:45 - 00208928 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-04-05 22:18 - 2014-01-27 21:45 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-04-05 22:18 - 2014-01-27 21:45 - 00084816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-04-05 22:18 - 2014-01-27 21:45 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-04-05 22:18 - 2014-01-27 21:45 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-04-05 22:18 - 2014-01-27 21:45 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-04-01 13:41 - 2014-04-01 13:41 - 00001936 _____ () C:\Users\Public\Desktop\Colin McRae Rally 3.lnk
2014-04-01 13:40 - 2014-04-01 13:38 - 00000000 ____D () C:\Install
2014-03-31 23:23 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-30 18:45 - 2014-01-27 21:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 23:28 - 2014-03-22 12:54 - 00000000 ____D () C:\For Noah
2014-03-29 16:03 - 2014-03-29 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 15:12 - 2014-03-25 22:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-26 10:47 - 2014-01-28 22:59 - 00000519 _____ () C:\Users\[USRNAME]\Desktop\Schnetter Wimbach.txt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-10 14:00

==================== End Of Log ============================
         
--- --- ---


Addition is coming right away...

23.04.2014, 19:03   #4
M4tt0
 

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by [USRNAME] at 2014-04-23 16:51:12
Running from C:\Users\[USRNAME]\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30740 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
AXIS CAPT Print Monitor 2.20 (HKLM\...\{7048796B-78EB-45a0-82AF-E8031F4AAE68}) (Version:  - )
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version:  - )
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
Colin McRae Rally 2 (HKLM-x32\...\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}) (Version:  - )
Colin McRae Rally 2005 (HKLM-x32\...\{CC67770B-581D-4E96-B72A-A7907CE18725}) (Version: 1.00.000 - )
Colin McRae Rally 3 (HKLM-x32\...\{D26D1A53-D8A2-4004-BC98-0642B4EEAAB2}) (Version: 1.00.000 - )
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F68634D8-574F-42B2-B6D0-9B447EA9581E}) (Version:  - Microsoft)
Dell Digital Delivery (HKLM-x32\...\{B96348BD-6B0D-42E3-80B1-FA6718067BFE}) (Version: 2.8.1000.0 - Dell Products, LP)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.13.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{1D817B4D-A183-48C0-8463-FCC39459367B}) (Version: 1.0.1014.0 - Dell Inc.)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.1.0 - devolo AG)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
DVDFab 9.1.3.8 (08/04/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.2.1000 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{7443339C-F9E6-48BF-B22B-3DEF7D73E1C7}) (Version: 4.2.20.2297 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.2.6465 - Paramount Software (UK) Ltd.) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Personal Backup 5.5 (HKLM-x32\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PileFile reminder (HKCU\...\{56837588-F559-40CF-91D9-D439D405FB28}) (Version:  - FINEDREAM INVEST LTD) <==== ATTENTION
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.12 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21242 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.42.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0040 - ST Microelectronics)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{8D84B988-2A7A-4DB6-A7A5-08DA7B3DE9EE}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{327EABFD-EDD3-44E7-AB47-7592DF33B719}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{50F31E04-D56A-4159-BF36-CF3CE27DB30C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F9FAC8C0-20D9-4DC7-9A56-13B02BD4B724}) (Version:  - Microsoft)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.5.1 (HKLM-x32\...\winscp3_is1) (Version: 5.5.1 - Martin Prikryl)

==================== Restore Points  =========================

10-04-2014 15:57:33 Windows Update
16-04-2014 14:29:13 Installiert Colin McRae Rally 2005
19-04-2014 11:28:32 Installed iTunes

==================== Hosts content: ==========================

2013-08-22 15:25 - 2014-04-21 21:00 - 00450712 ____R C:\WINDOWS\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BC32B2D-93F4-45F4-B338-9BC59A6EB744} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {1F2D7BAE-62D4-4467-A97F-CD9E86C0B564} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5A12FF92-47F6-4821-8994-3BA951E02EAE} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {6783B02E-DD71-4B86-A575-A223A597D54C} - System32\Tasks\PileFile reminder => C:\Users\[USRNAME]\AppData\Local\Temp\Toolkit 1.4.1 activatorDownload_97B\Toolkit_1.4.1_activator_Downloader.exe <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {823195A7-BC99-48AC-95CB-DCF239D523C5} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9D21172B-C893-40F8-9D8B-074EE4FABE63} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A72F42AC-8001-444E-B085-E3628B2950A2} - System32\Tasks\Personal Backup Regular Backup Dell Inspiron 7537 => C:\Program Files (x86)\Personal Backup 5\Persbackup.exe [2014-01-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {A9B946C6-71F6-4504-A414-449D3B0347DF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {B9581729-F6B1-4275-8C1C-268275AF4E60} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {C4554E06-AEEA-46EC-9901-D80C6029E9E4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {C9B5B63A-552F-4001-830E-4ED48818ED98} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DBDB2B77-AD00-454E-8790-670C204607B9} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {DCE3D606-9E17-4E65-B72D-0EF3F4603DE5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {DEF703BD-BC0D-4760-ADDA-5B131FF9ACE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F120F970-68A1-423F-B516-6CD44ADCE2B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-10] (Adobe Systems Incorporated)
Task: {F7981C58-0D26-4D7A-8BE2-3F41CF867294} - System32\Tasks\PileFile logon => C:\Users\[USRNAME]\AppData\Local\Temp\Toolkit 1.4.1 activatorDownload_97B\Toolkit_1.4.1_activator_Downloader.exe <==== ATTENTION
Task: {FC6A8F9E-8444-48CC-90C5-F75FDE3B8788} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-05] (AVAST Software)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Personal Backup Regular Backup Dell Inspiron 7537.job => C:\Program Files (x86)\Personal Backup 5\Persbackup.exe

==================== Loaded Modules (whitelisted) =============

2013-10-07 16:54 - 2013-10-07 16:54 - 00218112 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2013-05-10 20:11 - 2013-05-10 20:11 - 00197096 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-05-10 20:11 - 2013-05-10 20:11 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-05-10 20:11 - 2013-05-10 20:11 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-03-03 22:49 - 2005-04-22 06:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2013-12-18 15:42 - 2013-12-18 15:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-10 14:04 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-19 11:12 - 2014-04-19 11:12 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041900\algo.dll
2014-04-21 17:10 - 2014-04-21 17:10 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14042100\algo.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-10-07 16:44 - 2013-10-07 16:44 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00628224 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2013-10-07 16:47 - 2013-10-07 16:47 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-04-10 19:04 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-11-12 11:04 - 2013-11-12 11:04 - 00110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-01-17 06:01 - 2013-06-01 14:31 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-01-27 21:45 - 2014-01-27 21:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-18 15:42 - 2013-12-18 15:42 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-03-25 22:35 - 2014-03-25 22:35 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-03-25 22:35 - 2014-03-25 22:35 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-25 22:35 - 2014-03-25 22:35 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-03-29 16:03 - 2014-03-29 16:03 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2014 09:10:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (04/16/2014 04:29:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/11/2014 11:22:47 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 9.1.3.8, Zeitstempel: 0x533b9720
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xdad66f6a
ID des fehlerhaften Prozesses: 0xd20
Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0
Pfad der fehlerhaften Anwendung: DVDFab.exe1
Pfad des fehlerhaften Moduls: DVDFab.exe2
Berichtskennung: DVDFab.exe3
Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5

Error: (04/11/2014 11:06:30 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 9.1.3.8, Zeitstempel: 0x533b9720
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xdad66f6a
ID des fehlerhaften Prozesses: 0x103c
Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0
Pfad der fehlerhaften Anwendung: DVDFab.exe1
Pfad des fehlerhaften Moduls: DVDFab.exe2
Berichtskennung: DVDFab.exe3
Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5

Error: (04/11/2014 10:44:08 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 9.1.3.8, Zeitstempel: 0x533b9720
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xdad66f6a
ID des fehlerhaften Prozesses: 0xf68
Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0
Pfad der fehlerhaften Anwendung: DVDFab.exe1
Pfad des fehlerhaften Moduls: DVDFab.exe2
Berichtskennung: DVDFab.exe3
Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5

Error: (04/11/2014 10:40:37 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DVDFab.exe, Version: 9.1.3.8, Zeitstempel: 0x533b9720
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xdad66f6a
ID des fehlerhaften Prozesses: 0xd94
Startzeit der fehlerhaften Anwendung: 0xDVDFab.exe0
Pfad der fehlerhaften Anwendung: DVDFab.exe1
Pfad des fehlerhaften Moduls: DVDFab.exe2
Berichtskennung: DVDFab.exe3
Vollständiger Name des fehlerhaften Pakets: DVDFab.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DVDFab.exe5

Error: (04/10/2014 02:31:44 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "IntelWLANEventProvider" wurde versucht, die Abfrage "select * from CIntelQosEvent" zu registrieren, deren Zielklasse "CIntelQosEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (04/10/2014 02:31:44 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "IntelWLANEventProvider" wurde versucht, die Abfrage "select * from CIntelDot1xEvent" zu registrieren, deren Zielklasse "CIntelDot1xEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (04/10/2014 02:31:44 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "IntelWLANEventProvider" wurde versucht, die Abfrage "select * from CIntelWLANEvent" zu registrieren, deren Zielklasse "CIntelWLANEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (04/10/2014 02:31:44 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "" wurde versucht, die Abfrage "select * from CIntelQosEvent" zu registrieren, deren Zielklasse "CIntelQosEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.


System errors:
=============
Error: (04/21/2014 09:11:25 PM) (Source: DCOM) (User: R2D2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/21/2014 09:10:54 PM) (Source: DCOM) (User: R2D2)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/21/2014 08:26:33 PM) (Source: DCOM) (User: R2D2)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/21/2014 08:26:03 PM) (Source: DCOM) (User: R2D2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/20/2014 03:32:34 PM) (Source: DCOM) (User: R2D2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/20/2014 03:32:04 PM) (Source: DCOM) (User: R2D2)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/20/2014 02:55:07 PM) (Source: DCOM) (User: R2D2)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/20/2014 02:54:37 PM) (Source: DCOM) (User: R2D2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/19/2014 02:47:45 PM) (Source: DCOM) (User: R2D2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/19/2014 02:47:15 PM) (Source: DCOM) (User: R2D2)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office Sessions:
=========================
Error: (04/21/2014 09:10:43 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*C:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dllC:\Program Files (x86)\Spybot - Search & Destroy\DelZip179.dll8

Error: (04/16/2014 04:29:17 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (04/11/2014 11:22:47 AM) (Source: Application Error)(User: )
Description: DVDFab.exe9.1.3.8533b9720unknown0.0.0.000000000c0000005dad66f6ad2001cf556799ece599C:\Program Files (x86)\DVDFab 9\DVDFab.exeunknownd7d50b2f-c15a-11e3-be86-fcf8ae80d062

Error: (04/11/2014 11:06:30 AM) (Source: Application Error)(User: )
Description: DVDFab.exe9.1.3.8533b9720unknown0.0.0.000000000c0000005dad66f6a103c01cf55655293ae0fC:\Program Files (x86)\DVDFab 9\DVDFab.exeunknown916a40eb-c158-11e3-be86-fcf8ae80d062

Error: (04/11/2014 10:44:08 AM) (Source: Application Error)(User: )
Description: DVDFab.exe9.1.3.8533b9720unknown0.0.0.000000000c0000005dad66f6af6801cf55623147df5bC:\Program Files (x86)\DVDFab 9\DVDFab.exeunknown71e5d533-c155-11e3-be85-fcf8ae80d062

Error: (04/11/2014 10:40:37 AM) (Source: Application Error)(User: )
Description: DVDFab.exe9.1.3.8533b9720unknown0.0.0.000000000c0000005dad66f6ad9401cf5561b4897365C:\Program Files (x86)\DVDFab 9\DVDFab.exeunknownf42aaee8-c154-11e3-be84-fcf8ae80d062

Error: (04/10/2014 02:31:44 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: IntelWLANEventProviderselect * from CIntelQosEventCIntelQosEvent//./ROOT/default

Error: (04/10/2014 02:31:44 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: IntelWLANEventProviderselect * from CIntelDot1xEventCIntelDot1xEvent//./ROOT/default

Error: (04/10/2014 02:31:44 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: IntelWLANEventProviderselect * from CIntelWLANEventCIntelWLANEvent//./ROOT/default

Error: (04/10/2014 02:31:44 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: select * from CIntelQosEventCIntelQosEvent//./ROOT/default


==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8090.57 MB
Available physical RAM: 5847.3 MB
Total Pagefile: 9370.57 MB
Available Pagefile: 6961.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:917.72 GB) (Free:820.26 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 186B9C78)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Best regards,

M4tt0

24.04.2014, 11:54   #5
schrauber
/// the machine
/// TB trainer
 


Hm, the machine is clean. Offhand I have no real idea what that could have been.

__________________
Regards,
schrauber


24.04.2014, 18:37   #6
M4tt0
 

Hello schrauber,

well, that is good news for a start! A big thank-you for that already.

In the meantime I have tried the following: I had certificate problems in Thunderbird. I have resolved those. The email problem still persists. And the crazy thing is that I can read the mail "correctly" when I access it from my Android mobile via IMAP or directly through the web.de web interface. Only when fetching via IMAP in Thunderbird does the "wrong version" arrive. I looked at the source of the emails side by side (in Thunderbird and via the web interface), but could not find any differences in the headers or in the first part of the email. Then I checked the IP address behind the Received server to see whether there is a "man-in-the-middle" there (perhaps very naive), but it apparently points correctly to "mx1.germanwings.com". The WHOIS RIPE entries also look clean (references to Telekom AG, etc.). There is one difference between the sources, though, in that the Thunderbird source is longer, beginning with the entries...

Code:
ATTFilter
X-Antivirus: avast! (VPS 140424-0, 24.04.2014), Inbound message
X-Antivirus-Status: Clean


----boundary_12146_55c2cfbe-b091-4c4c-b743-c3e0b9572868
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: base64

U2VociBnZWVocnRlKHIpDQogICAgICAgSGVyciBNYXJ0aW4gV2FsdGVyLg0KDQoNCiAgICAg
ICAgSWhyZSBSZWdpc3RyaWVydW5nc2RhdGVuIHd1cmRlbiBlcmZvbGdyZWljaCBha3R1YWxp
c2llcnQuDQogICAgICAgIFVudGVuIHdpcmQgbnVuIElociBNaXRnbGllZHNwcm9maWwgYW5n

Etc. pp
         
Then another block with...

Code:
ATTFilter
----boundary_12146_55c2cfbe-b091-4c4c-b743-c3e0b9572868
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64

PGh0bWwgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIj4NCiAg
PGhlYWQ+DQogICAgPE1FVEEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0
ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTE2Ij4NCiAgICA8dGl0bGU+DQogICAgICAgICAgR2Vy

Etc. pp
         
and finally...

Code:
ATTFilter
----boundary_12146_55c2cfbe-b091-4c4c-b743-c3e0b9572868--
         
But Avast doesn't rebuild emails, does it? I have now started to think that, depending on the mail program or the security mechanisms enabled, alternative texts are displayed, but I don't know at all whether something like that is even possible. Do you know?

Nor would I know why Thunderbird would then fail to meet the right "criteria" (SSL/TLS is enabled, the Avast certificates are now correctly imported as a certificate authority, all exception rules deleted)...

Hmmm...

Thanks again for your help and best regards,

M4tt0

Hello schrauber,

I think I have found the problem. Here it is for you and perhaps also for others who have the same problem. I found nothing about it via internet searches...

As described in my last post, the Thunderbird source consists of several boundary blocks. These blocks (see also MIME) correspond to different display formats (they are specified by Content-Type, e.g. plain text, html, etc.). I then simply went to "View" -> "Message Body As" in Thunderbird. There you have 3 options: "Original HTML", "Simple HTML" and "Plain Text". In my case NONE of the options was activated. When I select "Plain Text", the "wrong" email is displayed (it is probably also the display default); with both HTML options, however, the "right" one, which I also saw via the web interface and my Android phone. In other words, the email is in fact the same one, but its source simply seems to be built inconsistently. So a problem at Germanwings.

I may be wrong, but to me this no longer looks like a security hole, which would be consistent with your log analysis.

Does that make sense to you?

Best regards,

M4tt0
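
The effect described in the post above can be checked directly on a saved message source. The following is an added example, not part of the original thread: it decodes every text part of a multipart/alternative message and measures how far the text/plain and text/html renderings diverge. The sample bodies, the `EXAMPLE-TEMP-PW` placeholder, the function names and the 0.8 threshold are assumptions made for illustration.

```python
import difflib
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser

# Constructed sample bodies; EXAMPLE-TEMP-PW is a placeholder, not a real value.
PLAIN_MASKED = ("Dear customer,\nyour temporary password: "
                "***** The password is hidden for your protection.\n")
HTML_BODY = ("<html><head><style>p{color:#333}</style></head><body>"
             "<p>Dear customer,</p><p>your temporary password: "
             "<b>EXAMPLE-TEMP-PW</b></p></body></html>")


class VisibleText(HTMLParser):
    """Collect the text a reader would see, skipping <style> and <script>."""

    def __init__(self):
        super().__init__()
        self.chunks, self.skip = [], False

    def handle_starttag(self, tag, attrs):
        self.skip = tag in ("style", "script")  # their content is not displayed

    def handle_endtag(self, tag):
        self.skip = False

    def handle_data(self, data):
        if not self.skip:
            self.chunks.append(data)


def alternatives(raw):
    """Return {content type: visible text} for each text/* part of raw bytes."""
    found = {}
    for part in message_from_bytes(raw, policy=policy.default).walk():
        if part.get_content_maintype() != "text" or part.is_attachment():
            continue
        body = part.get_content()  # undoes base64/quoted-printable and charset
        if part.get_content_subtype() == "html":
            parser = VisibleText()
            parser.feed(body)
            parser.close()
            body = " ".join(parser.chunks)
        found.setdefault(part.get_content_type(), " ".join(body.split()))
    return found


def compare_alternatives(raw, threshold=0.8):
    """Return (word-level similarity, diverges?) for text/plain vs text/html."""
    parts = alternatives(raw)
    plain, html = parts.get("text/plain"), parts.get("text/html")
    if plain is None or html is None:
        return None, False  # only one rendering present, nothing to compare
    ratio = difflib.SequenceMatcher(None, plain.split(), html.split()).ratio()
    return ratio, ratio < threshold


def build_sample(plain, html):
    """Build a constructed multipart/alternative message, both parts base64."""
    msg = EmailMessage()
    msg["Subject"] = "Password reset (constructed sample)"
    msg.set_content(plain, cte="base64")
    msg.add_alternative(html, subtype="html", cte="base64")
    return msg.as_bytes()
```

To run it on a real message, save the message source to a file and pass its bytes to `compare_alternatives`; a low ratio means the sender generated the two alternatives from different templates, which matches the behaviour seen when switching between the plain-text and HTML views.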

25.04.2014, 18:40   #7
schrauber
/// the machine
/// TB trainer
 


Sounds plausible
__________________
Regards,
schrauber

