Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Phishinganruf und Computerübernahme

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.01.2015, 17:32   #1
Digi
 
Phishinganruf und Computerübernahme - Icon27

Phishinganruf und Computerübernahme



Hallo miteinander,
einen Tag vor Weihnachten erhielt meine Familie einen Anruf. Der angebliche Mitarbeiter von Microsoft teilte uns auf Englisch mit, dass der Computer von Hackern für Angriffe genutzt wird. Nachdem er den Korrekten Windows-Code nannte hatte er somit ein gewisses Vertrauen gewonnen (ja, wir wissen jetzt, dass es ziemlich dumm war). Über Teamviewer bekam er Zugriff zum Laptop. Was er nun wollte war, dass wir per Kreditkarte ein Sicherheitspaket für bis zu 5 Computer und auf Lebenszeit für 25,- Euro verkaufen. Da keine Kreditkarte vorhanden war, wollte er eine Überweisung über Western Union. Damit es nicht zu teuer wird sollten wir das Geld auf den Namen John Smith mit der Angabe "Persönliche Gründe" vorschlagen. Hier brachen wir ab, legten das Telefon auf und kappten die Internetverbindung. Sofort wählten wir die Servicenummer von Microsoft. Der Mitarbeiter teilte uns mit, dass wir einerseits dem Betrüfer weit gefolgt sind, andererseits vermutlich mit einem blauen Auge davon gekommen sind, da wir noch keine Online-Banking-Daten angeben haben.

Nachdem nun eine Anzeige bei der Polizei aufgegeben, alle Passwörter über einen anderen Computer geändert und der Laptop mit einem Recovery-Programm fürs erste neu Aufgespielt wurde, haben wir trotzdem Angst, dass noch etwas zurückgeblieben sein könnte bzw. von dem Betrüger aufgespielt wurde.

Ist das Aufspielen mit einem Recoveryprogramm wirklich sicher? Anders als bei einer richtigen Formatierung, wie bei einem PC, haben wir trotzdem Zweifel. Wir hoffen, jemand hat einen Tipp, wie wir die letzten Zweifel ausräumen können.

Zur Information: es handelt sich um ein Toshiba Satellite C855-21V mit Windows 8.1 64bit

Alt 02.01.2015, 17:46   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Phishinganruf und Computerübernahme - Standard

Phishinganruf und Computerübernahme



hi,

Recovery und Zurücksetzen ist eigentlich wie Formatieren. Sollte passen, wir schauen aber mal genau:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 02.01.2015, 18:28   #3
Digi
 
Phishinganruf und Computerübernahme - Standard

Phishinganruf und Computerübernahme



Hallo und Danke für die schnelle Antwort.

FRST:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-01-2015
Ran by Carsten (administrator) on FAMILIEN-LAPTOP on 02-01-2015 19:14:15
Running from E:\
Loaded Profile: Carsten (Available profiles: Carsten)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-01] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-23] (Pegatron Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2682987213-1263350576-3446379092-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2682987213-1263350576-3446379092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
HKU\S-1-5-21-2682987213-1263350576-3446379092-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-2682987213-1263350576-3446379092-1001 -> DefaultScope {0D1985C4-6F27-4CAC-8B2F-FBC545D1B493} URL = 
SearchScopes: HKU\S-1-5-21-2682987213-1263350576-3446379092-1001 -> {0D1985C4-6F27-4CAC-8B2F-FBC545D1B493} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2682987213-1263350576-3446379092-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2015-01-02]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-01-01]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-01-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-12-09] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-31] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-31] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20150101.001\IDSvia64.sys [637656 2014-12-31] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150101.035\ENG64.SYS [129752 2014-12-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150101.035\EX64.SYS [2137304 2014-12-31] (Symantec Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwNe64.sys [11400192 2012-06-02] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1496720 2012-08-13] (Realtek Semiconductor Corporation                           )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1496720 2012-08-13] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-14] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-31] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 19:14 - 2015-01-02 19:14 - 00000000 ____D () C:\FRST
2015-01-02 19:13 - 2015-01-02 19:13 - 00000797 _____ () C:\WINDOWS\setupact.log
2015-01-02 19:13 - 2015-01-02 19:13 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-02 19:11 - 2015-01-02 19:11 - 00000117 _____ () C:\WINDOWS\system32\netcfg-61484.txt
2015-01-02 19:10 - 2015-01-02 19:10 - 00281784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-02 19:09 - 2015-01-02 19:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-318859.txt
2015-01-02 19:07 - 2015-01-02 19:07 - 00000136 _____ () C:\WINDOWS\system32\netcfg-198437.txt
2015-01-02 19:07 - 2015-01-02 19:07 - 00000134 _____ () C:\WINDOWS\system32\netcfg-198203.txt
2015-01-02 19:07 - 2015-01-02 19:07 - 00000134 _____ () C:\WINDOWS\system32\netcfg-188078.txt
2015-01-02 19:06 - 2015-01-02 19:06 - 00000117 _____ () C:\WINDOWS\system32\netcfg-99828.txt
2015-01-02 19:05 - 2015-01-02 19:05 - 00001976 _____ () C:\WINDOWS\PFRO.log
2015-01-02 18:00 - 2015-01-02 18:00 - 00000117 _____ () C:\WINDOWS\system32\netcfg-248579000.txt
2015-01-02 17:37 - 2015-01-02 17:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-02 17:37 - 2014-11-27 16:40 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-02 15:58 - 2012-10-06 05:53 - 02893824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-01-02 15:58 - 2012-10-06 05:15 - 02400256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-01-02 15:54 - 2015-01-02 15:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-240984953.txt
2015-01-02 15:54 - 2015-01-02 15:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-240984468.txt
2015-01-01 19:53 - 2015-01-01 19:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168971750.txt
2015-01-01 19:53 - 2015-01-01 19:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168968812.txt
2015-01-01 19:53 - 2015-01-01 19:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168968609.txt
2015-01-01 19:53 - 2015-01-01 19:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168967875.txt
2015-01-01 19:52 - 2015-01-01 19:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168926359.txt
2015-01-01 19:52 - 2015-01-01 19:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168926296.txt
2015-01-01 19:52 - 2015-01-01 19:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168923109.txt
2015-01-01 19:52 - 2015-01-01 19:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168922187.txt
2015-01-01 19:41 - 2015-01-01 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168253453.txt
2015-01-01 19:41 - 2015-01-01 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168250375.txt
2015-01-01 19:41 - 2015-01-01 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168250265.txt
2015-01-01 19:41 - 2015-01-01 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168249500.txt
2015-01-01 19:38 - 2015-01-01 19:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168059000.txt
2015-01-01 19:38 - 2015-01-01 19:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168058500.txt
2015-01-01 12:08 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-01-01 12:08 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-01-01 10:25 - 2015-01-01 10:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-134879609.txt
2015-01-01 10:25 - 2015-01-01 10:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-134878109.txt
2015-01-01 09:12 - 2015-01-01 09:12 - 00000117 _____ () C:\WINDOWS\system32\netcfg-130529703.txt
2015-01-01 09:12 - 2015-01-01 09:12 - 00000117 _____ () C:\WINDOWS\system32\netcfg-130529640.txt
2015-01-01 03:10 - 2015-01-01 03:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108781218.txt
2015-01-01 03:10 - 2015-01-01 03:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108779578.txt
2015-01-01 03:08 - 2015-01-01 03:08 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108650796.txt
2015-01-01 03:08 - 2015-01-01 03:08 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108648875.txt
2015-01-01 03:02 - 2015-01-01 03:02 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108292703.txt
2015-01-01 03:02 - 2015-01-01 03:02 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108292062.txt
2015-01-01 02:55 - 2015-01-01 02:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-107873609.txt
2015-01-01 02:55 - 2015-01-01 02:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-107870812.txt
2014-12-31 18:01 - 2014-12-31 18:01 - 00000117 _____ () C:\WINDOWS\system32\netcfg-75877828.txt
2014-12-31 18:01 - 2014-12-31 18:01 - 00000117 _____ () C:\WINDOWS\system32\netcfg-75875718.txt
2014-12-31 18:00 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-31 18:00 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-31 18:00 - 2014-11-21 09:37 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-12-31 18:00 - 2014-11-21 09:37 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-12-31 18:00 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-12-31 18:00 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-12-31 18:00 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-12-31 18:00 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-31 18:00 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-31 18:00 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-12-31 18:00 - 2014-11-21 08:17 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-12-31 18:00 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-31 18:00 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-31 18:00 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-31 18:00 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-31 18:00 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-12-31 18:00 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-12-31 18:00 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-12-31 18:00 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-12-31 18:00 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-12-31 18:00 - 2014-11-21 05:30 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-12-31 17:59 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-31 17:59 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-12-31 17:59 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-31 17:59 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-31 17:59 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-31 17:59 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-31 17:59 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-31 17:59 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-31 17:59 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-31 17:59 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-12-31 17:59 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-12-31 14:46 - 2014-12-31 14:46 - 00000000 ____D () C:\Users\Carsten\Documents\Amazon MP3
2014-12-31 14:42 - 2014-12-31 14:42 - 00000000 ____D () C:\Users\Carsten\Documents\WIN 8 Videokurs
2014-12-31 14:41 - 2014-12-31 14:42 - 00000000 ____D () C:\Users\Carsten\Documents\von vater
2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\Vereinsdruckerei 11.9.09
2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\TV Senderliste
2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\THW Simulator
2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\SelfMV
2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\samsung
2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\PcSetup
2014-12-31 14:33 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\Luca Schule
2014-12-31 14:33 - 2014-12-31 14:33 - 00000000 ____D () C:\Users\Carsten\Documents\Freemake
2014-12-31 14:32 - 2014-12-31 14:33 - 00000000 ____D () C:\Users\Carsten\Documents\FormatFactory
2014-12-31 14:27 - 2014-12-31 14:32 - 00000000 ____D () C:\Users\Carsten\Documents\FFOutput
2014-12-31 14:27 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Documents\Fax
2014-12-31 14:27 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Documents\DVDFab
2014-12-31 14:27 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Documents\Bewerbung CS
2014-12-31 14:27 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Documents\AnyDVD 5.3.2.1
2014-12-31 14:26 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Downloads\Programme
2014-12-31 14:26 - 2014-12-31 14:26 - 00000000 ____D () C:\Users\Carsten\Downloads\spiele
2014-12-31 14:26 - 2014-12-31 14:26 - 00000000 ____D () C:\Users\Carsten\Downloads\geocache
2014-12-31 14:26 - 2014-12-31 14:26 - 00000000 ____D () C:\Users\Carsten\Downloads\Email anhänge
2014-12-31 14:26 - 2014-12-31 14:26 - 00000000 ____D () C:\Users\Carsten\Downloads\Drachenritter
2014-12-31 14:26 - 2014-10-04 20:44 - 06704778 _____ () C:\Users\Carsten\Downloads\Samsung_ChannelListPCEditor_1.10.zip
2014-12-31 14:26 - 2014-09-11 21:31 - 191136136 _____ (Symantec Corporation) C:\Users\Carsten\Downloads\norton_360_setup.exe
2014-12-31 14:26 - 2014-05-16 18:01 - 21987152 _____ (Mozilla) C:\Users\Carsten\Downloads\Thunderbird_Setup_24.5.0.exe
2014-12-31 14:26 - 2013-08-25 10:10 - 00007824 _____ () C:\Users\Carsten\Downloads\Von Wö. zum Steinkopf.kml
2014-12-31 14:26 - 2013-08-25 10:08 - 00021047 _____ () C:\Users\Carsten\Downloads\Von Wö. zum Steinkopf.gpx
2014-12-31 14:26 - 2013-06-16 10:06 - 00048964 _____ () C:\Users\Carsten\Downloads\Wöll Flor Fried Wöll.gpx
2014-12-31 14:14 - 2014-12-31 14:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-62262546.txt
2014-12-31 14:14 - 2014-12-31 14:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-62255875.txt
2014-12-31 14:11 - 2014-12-31 14:11 - 00000117 _____ () C:\WINDOWS\system32\netcfg-62042953.txt
2014-12-31 14:11 - 2014-12-31 14:11 - 00000117 _____ () C:\WINDOWS\system32\netcfg-62042187.txt
2014-12-31 08:05 - 2014-05-15 02:02 - 00059424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-12-31 08:05 - 2014-05-14 23:43 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-12-31 08:05 - 2014-05-14 23:43 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-12-31 08:05 - 2014-05-14 23:43 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-12-31 08:05 - 2014-05-14 23:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-12-31 08:05 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-12-31 08:05 - 2012-11-06 05:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-12-31 08:05 - 2012-11-06 05:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wushareduxresources.dll
2014-12-31 08:02 - 2012-12-13 05:00 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2014-12-31 08:02 - 2012-12-13 04:59 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2014-12-31 07:57 - 2014-05-29 23:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-12-31 07:57 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-12-31 07:57 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-12-31 07:57 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-12-31 07:57 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-12-31 07:57 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-12-31 07:57 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-12-31 07:57 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-12-31 07:57 - 2013-04-27 06:20 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-12-31 07:54 - 2014-12-31 07:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10589062.txt
2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10585390.txt
2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10580421.txt
2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10563812.txt
2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10558609.txt
2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10537609.txt
2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10529562.txt
2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10528796.txt
2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10522984.txt
2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10519859.txt
2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10519765.txt
2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10519703.txt
2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10519234.txt
2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10513859.txt
2014-12-31 07:49 - 2014-06-06 15:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-12-31 07:49 - 2014-06-06 11:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-12-31 07:49 - 2014-06-05 18:56 - 00112984 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-12-31 07:49 - 2014-06-05 18:30 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-12-31 07:49 - 2014-06-05 18:29 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-12-31 07:49 - 2014-06-05 18:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-12-31 07:49 - 2014-06-05 18:28 - 02306560 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-12-31 07:49 - 2014-06-05 18:28 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-12-31 07:49 - 2014-06-05 14:12 - 08857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-12-31 07:49 - 2014-06-05 14:11 - 02416128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-12-31 07:49 - 2014-06-05 14:11 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-12-31 07:49 - 2014-06-05 14:10 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-12-31 07:49 - 2014-06-05 14:10 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-12-31 07:49 - 2013-03-06 07:29 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-12-31 07:49 - 2013-03-02 11:39 - 00069864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-31 07:47 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-12-31 07:47 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-12-31 07:47 - 2014-04-03 12:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-12-31 07:47 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2014-12-31 07:47 - 2013-04-11 07:40 - 06987528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-12-31 07:47 - 2013-03-02 10:59 - 00411880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-12-31 07:47 - 2013-01-29 02:57 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-12-31 07:47 - 2013-01-29 00:08 - 00230904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-12-31 07:47 - 2012-11-10 05:23 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-31 07:47 - 2012-11-10 05:23 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-31 07:47 - 2012-11-10 05:22 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll
2014-12-31 07:47 - 2012-11-10 05:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll
2014-12-31 07:47 - 2012-11-10 05:20 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll
2014-12-31 07:47 - 2012-11-01 05:41 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-12-31 07:47 - 2012-11-01 05:40 - 02361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-12-31 07:47 - 2012-11-01 05:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2014-12-31 07:47 - 2012-11-01 05:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2014-12-31 07:47 - 2012-11-01 05:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2014-12-31 07:47 - 2012-11-01 05:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2014-12-31 07:44 - 2014-11-08 12:22 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-12-31 07:44 - 2014-11-08 12:21 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-12-31 07:44 - 2014-11-08 07:57 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-12-31 07:44 - 2014-11-08 07:56 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-12-31 07:44 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-12-31 07:44 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-12-31 07:44 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-12-31 07:44 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-12-31 07:44 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-12-31 07:44 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-12-31 07:44 - 2014-06-20 00:35 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-12-31 07:44 - 2014-06-19 23:24 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-12-31 07:44 - 2014-05-30 00:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-12-31 07:44 - 2014-04-12 10:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-12-31 07:44 - 2014-04-12 10:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-12-31 07:44 - 2014-04-12 10:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2014-12-31 07:44 - 2014-04-12 10:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2014-12-31 07:44 - 2014-04-12 10:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2014-12-31 07:44 - 2014-04-12 10:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-12-31 07:44 - 2014-04-12 08:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-12-31 07:44 - 2014-04-12 08:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2014-12-31 07:44 - 2014-04-12 08:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2014-12-31 07:44 - 2014-04-12 08:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2014-12-31 07:44 - 2014-04-12 08:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2014-12-31 07:44 - 2014-04-12 07:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-12-31 07:44 - 2014-03-04 00:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-12-31 07:41 - 2014-12-31 07:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9842703.txt
2014-12-31 07:41 - 2014-12-31 07:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9817015.txt
2014-12-31 07:41 - 2014-12-31 07:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9806312.txt
2014-12-31 07:41 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-12-31 07:41 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-12-31 07:41 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-12-31 07:41 - 2012-10-11 06:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2014-12-31 07:41 - 2012-10-11 06:19 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2014-12-31 07:41 - 2012-10-11 06:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2014-12-31 07:40 - 2014-12-31 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9761750.txt
2014-12-31 07:34 - 2014-12-31 07:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9437312.txt
2014-12-31 07:34 - 2014-12-31 07:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9430281.txt
2014-12-31 07:33 - 2014-12-31 07:34 - 00001131 _____ () C:\WINDOWS\system32\netcfg-9379968.txt
2014-12-31 06:46 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-12-31 06:46 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-12-31 06:46 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-12-31 06:46 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-12-31 06:46 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-12-31 06:46 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-12-31 06:46 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-12-31 06:41 - 2014-10-30 08:20 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-31 06:41 - 2014-10-30 06:22 - 01569792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-31 06:09 - 2014-12-31 06:09 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-12-31 06:09 - 2014-12-31 06:09 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-31 06:09 - 2014-12-31 06:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-31 06:09 - 2014-12-31 06:09 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-31 06:08 - 2014-12-31 06:08 - 04188536 _____ (Piriform Ltd) C:\Users\Carsten\Downloads\ccsetup501_slim.exe
2014-12-31 05:38 - 2014-12-31 05:38 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Macromedia
2014-12-31 05:02 - 2014-12-31 05:02 - 00000117 _____ () C:\WINDOWS\system32\netcfg-308828.txt
2014-12-31 04:58 - 2014-12-31 04:58 - 00000117 _____ () C:\WINDOWS\system32\netcfg-79406.txt
2014-12-31 04:22 - 2014-12-31 04:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10969078.txt
2014-12-31 03:55 - 2014-12-31 03:55 - 00000000 ____D () C:\sources
2014-12-31 03:46 - 2014-12-31 03:46 - 00000131 _____ () C:\WINDOWS\system32\netcfg-8834781.txt
2014-12-31 02:55 - 2014-12-31 02:55 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-12-31 02:54 - 2014-12-31 02:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5711375.txt
2014-12-31 02:54 - 2014-12-31 02:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5711281.txt
2014-12-31 02:54 - 2014-12-31 02:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5707203.txt
2014-12-31 02:48 - 2015-01-02 19:06 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-12-31 02:48 - 2015-01-02 19:06 - 00002330 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-12-31 02:48 - 2014-12-31 02:48 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-12-31 02:48 - 2014-12-31 02:48 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-12-31 02:48 - 2014-12-31 02:48 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-12-31 02:46 - 2015-01-02 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-12-31 02:46 - 2015-01-02 19:06 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-12-31 02:46 - 2014-12-31 02:49 - 00000000 ____D () C:\ProgramData\Norton
2014-12-31 02:46 - 2014-12-31 02:46 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-12-31 01:32 - 2015-01-02 19:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-31 01:32 - 2014-12-31 01:32 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-31 01:32 - 2014-12-31 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-31 01:32 - 2014-12-31 01:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-31 01:32 - 2014-12-31 01:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-31 01:32 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-31 01:32 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-31 01:32 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-31 01:31 - 2014-12-31 07:24 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2682987213-1263350576-3446379092-1001
2014-12-31 01:27 - 2014-12-31 01:27 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Toshiba
2014-12-31 01:26 - 2014-12-31 07:48 - 00000000 ____D () C:\Users\Carsten\AppData\Local\TOSHIBA
2014-12-31 01:26 - 2014-12-31 01:26 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-12-31 01:26 - 2014-12-31 01:26 - 00000000 ____D () C:\Users\Carsten\AppData\Local\SRS Labs
2014-12-31 01:25 - 2014-12-31 01:25 - 00001453 _____ () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-31 01:25 - 2014-12-31 01:25 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Adobe
2014-12-31 01:22 - 2015-01-01 02:58 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Packages
2014-12-31 01:22 - 2014-12-31 01:22 - 00000000 ____D () C:\Users\Carsten\AppData\Local\VirtualStore
2014-12-31 01:21 - 2014-12-31 01:21 - 00000020 ___SH () C:\Users\Carsten\ntuser.ini
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Vorlagen
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Startmenü
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Netzwerkumgebung
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Lokale Einstellungen
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Eigene Dateien
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Druckumgebung
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Documents\Eigene Musik
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Documents\Eigene Bilder
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\AppData\Local\Verlauf
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\AppData\Local\Anwendungsdaten
2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Anwendungsdaten
2014-12-31 01:21 - 2014-12-31 00:58 - 00000000 ____D () C:\Users\Carsten
2014-12-31 01:21 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-31 01:21 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-31 01:21 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-31 01:21 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-31 01:19 - 2015-01-02 17:44 - 01906754 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-31 01:15 - 2014-12-31 01:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6382703.txt
2014-12-31 00:57 - 2012-10-24 04:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-12-31 00:57 - 2012-10-24 03:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-12-31 00:55 - 2014-11-06 07:50 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-31 00:55 - 2014-11-06 06:03 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-31 00:55 - 2013-03-02 09:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-12-31 00:55 - 2013-03-02 03:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-12-31 00:55 - 2012-12-15 05:55 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-12-31 00:55 - 2012-11-03 06:26 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysreset.exe
2014-12-31 00:55 - 2012-11-03 06:25 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\resetengmig.dll
2014-12-31 00:53 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2014-12-31 00:53 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2014-12-31 00:53 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2014-12-31 00:53 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2014-12-31 00:53 - 2012-11-08 05:24 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2014-12-31 00:53 - 2012-11-08 05:24 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2014-12-31 00:53 - 2012-11-08 05:20 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2014-12-31 00:53 - 2012-11-08 05:20 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2014-12-31 00:53 - 2012-11-08 05:02 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2014-12-31 00:53 - 2012-11-08 05:01 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2014-12-31 00:52 - 2013-03-02 09:22 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-12-31 00:52 - 2013-03-02 03:44 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-12-31 00:52 - 2013-02-02 11:54 - 01933544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-12-31 00:52 - 2013-02-02 11:28 - 00993512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-12-31 00:52 - 2013-02-02 09:40 - 10792448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-12-31 00:52 - 2013-02-02 09:39 - 05090816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-12-31 00:52 - 2013-02-02 09:39 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-12-31 00:52 - 2013-02-02 09:38 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2014-12-31 00:52 - 2013-02-02 09:23 - 13643264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-12-31 00:52 - 2013-02-02 09:23 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlroamextension.dll
2014-12-31 00:52 - 2013-02-02 09:23 - 00475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2014-12-31 00:52 - 2013-02-02 09:22 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-12-31 00:52 - 2013-02-02 09:21 - 05977600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-12-31 00:52 - 2013-02-02 09:21 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2014-12-31 00:52 - 2013-02-02 09:21 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2014-12-31 00:52 - 2013-02-02 09:20 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2014-12-31 00:51 - 2013-02-05 23:31 - 00622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-12-31 00:51 - 2013-02-05 23:29 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-12-31 00:51 - 2013-02-05 23:28 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-12-31 00:51 - 2013-02-05 23:28 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-12-31 00:51 - 2013-02-02 12:19 - 00329960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-12-31 00:51 - 2013-02-02 12:19 - 00061672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2014-12-31 00:51 - 2013-02-02 09:40 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlroamextension.dll
2014-12-31 00:51 - 2013-02-02 09:40 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2014-12-31 00:51 - 2013-02-02 09:40 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-12-31 00:51 - 2013-02-02 09:40 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-12-31 00:51 - 2013-02-02 09:40 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsRasterService.dll
2014-12-31 00:51 - 2013-02-02 09:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tasklist.exe
2014-12-31 00:51 - 2013-02-02 09:40 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskkill.exe
2014-12-31 00:51 - 2013-02-02 09:39 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2014-12-31 00:51 - 2013-02-02 09:39 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2014-12-31 00:51 - 2013-02-02 09:39 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2014-12-31 00:51 - 2013-02-02 09:39 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2014-12-31 00:51 - 2013-02-02 09:39 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2014-12-31 00:51 - 2013-02-02 09:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2014-12-31 00:51 - 2013-02-02 09:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskkill.exe
2014-12-31 00:51 - 2013-02-02 09:24 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\tasklist.exe
2014-12-31 00:51 - 2013-02-02 09:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2014-12-31 00:51 - 2013-02-02 09:23 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-12-31 00:51 - 2013-02-02 09:23 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll
2014-12-31 00:51 - 2013-02-02 09:23 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-12-31 00:51 - 2013-02-02 09:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-12-31 00:51 - 2013-02-02 09:22 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-12-31 00:51 - 2013-02-02 09:21 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2014-12-31 00:51 - 2013-02-02 09:20 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hotspotauth.dll
2014-12-31 00:51 - 2013-02-02 08:25 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-12-31 00:51 - 2013-02-02 08:25 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-12-31 00:51 - 2013-02-02 08:25 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2014-12-31 00:51 - 2013-02-02 06:41 - 01437184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-12-31 00:51 - 2013-02-02 06:31 - 01690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-12-31 00:51 - 2012-11-27 04:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-12-31 00:51 - 2012-11-27 04:55 - 00029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys
2014-12-31 00:51 - 2012-11-20 05:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys
2014-12-31 00:51 - 2012-09-20 07:32 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2014-12-31 00:51 - 2012-09-20 07:32 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2014-12-31 00:49 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-12-31 00:49 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-12-31 00:48 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-12-31 00:48 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-12-31 00:48 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-12-31 00:48 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-12-31 00:48 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-12-31 00:48 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-12-31 00:48 - 2012-11-20 05:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2014-12-31 00:46 - 2014-08-23 07:47 - 04036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-12-31 00:46 - 2014-07-16 00:03 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-12-31 00:46 - 2014-07-12 03:36 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-12-31 00:44 - 2013-02-12 01:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2014-12-31 00:38 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-12-31 00:38 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-12-31 00:37 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-12-31 00:37 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-12-31 00:37 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-12-31 00:37 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-12-31 00:37 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-12-31 00:37 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-12-31 00:37 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-12-31 00:37 - 2013-03-15 01:17 - 00861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-12-31 00:37 - 2012-11-03 06:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2014-12-31 00:37 - 2012-11-03 06:26 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2014-12-31 00:37 - 2012-11-03 06:24 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2014-12-31 00:37 - 2012-11-03 06:24 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2014-12-31 00:37 - 2012-11-03 06:24 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2014-12-31 00:37 - 2012-11-03 06:24 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2014-12-31 00:37 - 2012-11-03 06:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2014-12-31 00:37 - 2012-11-03 06:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2014-12-31 00:37 - 2012-11-03 06:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2014-12-31 00:37 - 2012-11-03 06:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2014-12-31 00:37 - 2012-11-03 06:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2014-12-31 00:37 - 2012-11-03 06:04 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2014-12-31 00:37 - 2012-11-03 06:00 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2014-12-31 00:37 - 2012-11-03 06:00 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2014-12-31 00:36 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-12-31 00:36 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-12-31 00:36 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-12-31 00:36 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-12-31 00:36 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-12-31 00:36 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-12-31 00:36 - 2012-10-24 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2014-12-31 00:36 - 2012-10-24 04:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2014-12-31 00:36 - 2012-10-24 04:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2014-12-31 00:36 - 2012-10-24 04:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2014-12-31 00:31 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-12-31 00:31 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-12-31 00:31 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-12-31 00:31 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-12-30 15:28 - 2014-12-30 15:28 - 00000000 _____ () C:\Recovery.txt
2014-12-22 19:14 - 2014-12-22 19:15 - 00000434 _____ () C:\Users\Carsten\Documents\Email adr.Silke.ldif
2014-12-22 19:09 - 2014-12-22 19:09 - 00010051 _____ () C:\Users\Carsten\Documents\Email adr.Casi.ldif

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 19:12 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-02 19:10 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-01-02 19:10 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-02 19:09 - 2012-07-26 06:37 - 00000000 ____D () C:\WINDOWS\servicing
2015-01-02 19:09 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-02 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-02 17:54 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-02 17:54 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-02 17:54 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-02 17:54 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-02 17:53 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-02 17:52 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore
2015-01-02 17:52 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-02 17:52 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-02 17:52 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-02 17:51 - 2012-08-01 17:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-01-02 17:51 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-01-02 17:51 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-01-02 17:51 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-02 17:47 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-01-02 17:47 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-01-02 17:47 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-01-02 17:47 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-01-02 17:46 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-01-02 17:46 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-01-02 17:46 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-01-02 17:40 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-02 17:37 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-01 03:03 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-31 14:28 - 2012-08-01 17:38 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-31 14:28 - 2012-08-01 17:38 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-31 14:28 - 2012-07-26 08:28 - 02679026 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-31 06:10 - 2012-09-11 23:35 - 00000000 ____D () C:\WINDOWS\Panther
2014-12-31 05:03 - 2012-09-10 22:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Toshiba
2014-12-31 03:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-12-31 02:23 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-12-31 01:28 - 2012-09-10 22:03 - 00000000 ____D () C:\ProgramData\Toshiba
2014-12-30 15:28 - 2013-11-05 01:12 - 00000000 __SHD () C:\Recovery
2014-12-30 15:28 - 2012-07-26 09:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2012-09-11 06:42

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-01-2015
Ran by Carsten at 2015-01-02 19:15:41
Running from E:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33268) (Version: 3.6.1.33268.15 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6687 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.3 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.910 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.1 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.13000 - Nero AG) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.37 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2682987213-1263350576-3446379092-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)

==================== Restore Points  =========================

31-12-2014 02:23:03 Sprachpaketdeinstallation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05814412-4BAB-4201-BD81-5AEE7ACB2FBE} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {0CD45EEE-BA60-402C-83D0-7AE300826A81} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-08-14] (Toshiba Europe GmbH)
Task: {5A5B42BA-E81C-468D-A3B0-D066417EEA41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {6C901059-BE89-43D9-8296-94C91F3E0AA3} - System32\Tasks\Microsoft\WINRE\WinRE-Repair => C:\windows\System32\reagentc.exe [2012-10-24] (Microsoft Corporation)
Task: {8DD4A64A-325E-4924-8372-84B4B8F118E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-27] (Microsoft Corporation)
Task: {D9323DFD-BCE2-4EBF-A46E-84EC04D7EDED} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {DF6A9494-79E9-439B-8243-B971819B59FA} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)

==================== Loaded Modules (whitelisted) =============

2011-10-13 22:38 - 2011-10-13 22:38 - 00156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2012-08-06 05:36 - 2012-08-06 05:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-14 03:13 - 2012-08-14 03:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-07-31 08:11 - 2012-07-31 08:11 - 00024576 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\de\TosDILangPack.resources.dll
2012-10-31 08:50 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2682987213-1263350576-3446379092-500 - Administrator - Disabled)
Carsten (S-1-5-21-2682987213-1263350576-3446379092-1001 - Administrator - Enabled) => C:\Users\Carsten
Gast (S-1-5-21-2682987213-1263350576-3446379092-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/02/2015 04:53:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: N360.exe, Version: 12.10.0.42, Zeitstempel: 0x5202e8a2
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010ae7a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00053541
ID des fehlerhaften Prozesses: 0x7ec
Startzeit der fehlerhaften Anwendung: 0xN360.exe0
Pfad der fehlerhaften Anwendung: N360.exe1
Pfad des fehlerhaften Moduls: N360.exe2
Berichtskennung: N360.exe3
Vollständiger Name des fehlerhaften Pakets: N360.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: N360.exe5

Error: (01/02/2015 04:51:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Error: (01/02/2015 04:38:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bc0

Startzeit: 01d0269c13be1e3d

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\wwahost.exe

Berichts-ID: 5d209878-9295-11e4-be76-7054d211700d

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.WindowsLive.Mail

Error: (01/02/2015 04:38:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: FAMILIEN-LAPTOP)
Description: Das Paket „microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (12/31/2014 03:57:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1314

Startzeit: 01d02509ace8967a

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\wwahost.exe

Berichts-ID: 5e0b6001-90fd-11e4-be76-7054d211700d

Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic

Error: (12/31/2014 03:57:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FAMILIEN-LAPTOP)
Description: Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/31/2014 03:57:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1314

Startzeit: 01d02509ace8967a

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\wwahost.exe

Berichts-ID: 3020cb29-90fd-11e4-be76-7054d211700d

Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic

Error: (12/31/2014 03:56:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FAMILIEN-LAPTOP)
Description: Die App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (12/31/2014 03:04:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.2.9200.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a8c

Startzeit: 01d024fb64bcd2e0

Endzeit: 0

Anwendungspfad: C:\WINDOWS\Explorer.EXE

Berichts-ID: bed73b1d-90f5-11e4-be76-7054d211700d

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/31/2014 02:12:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_HomeGroupListener, Version: 6.2.9200.16384, Zeitstempel: 0x50108897
Name des fehlerhaften Moduls: listsvc.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010810c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001290b
ID des fehlerhaften Prozesses: 0x3a0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_HomeGroupListener0
Pfad der fehlerhaften Anwendung: svchost.exe_HomeGroupListener1
Pfad des fehlerhaften Moduls: svchost.exe_HomeGroupListener2
Berichtskennung: svchost.exe_HomeGroupListener3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_HomeGroupListener4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_HomeGroupListener5


System errors:
=============
Error: (01/02/2015 07:08:44 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005

Error: (01/02/2015 07:08:44 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (01/02/2015 05:41:07 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (01/02/2015 05:35:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2845533)

Error: (01/02/2015 05:35:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2836988)

Error: (01/02/2015 04:54:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Norton 360" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/02/2015 04:29:14 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900.

Error: (01/02/2015 04:29:12 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900.

Error: (01/02/2015 04:29:07 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.

Error: (01/02/2015 04:29:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900.


Microsoft Office Sessions:
=========================
Error: (01/02/2015 04:53:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: N360.exe12.10.0.425202e8a2ntdll.dll6.2.9200.163845010ae7ac0000005000535417ec01d024ae1331abe6C:\Program Files (x86)\Norton 360\Engine\21.0.1.3\N360.exeC:\WINDOWS\SYSTEM32\ntdll.dll8718964f-9297-11e4-be76-7054d211700d

Error: (01/02/2015 04:51:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Program Files\CCleaner\CCleaner.exe

Error: (01/02/2015 04:38:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.2.9200.163841bc001d0269c13be1e3d4294967295C:\WINDOWS\system32\wwahost.exe5d209878-9295-11e4-be76-7054d211700dmicrosoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (01/02/2015 04:38:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: FAMILIEN-LAPTOP)
Description: microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe

Error: (12/31/2014 03:57:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.2.9200.16384131401d02509ace8967a4294967295C:\WINDOWS\system32\wwahost.exe5e0b6001-90fd-11e4-be76-7054d211700dMicrosoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbweMicrosoft.ZuneMusic

Error: (12/31/2014 03:57:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FAMILIEN-LAPTOP)
Description: Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic-2144927142

Error: (12/31/2014 03:57:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.2.9200.16384131401d02509ace8967a4294967295C:\WINDOWS\system32\wwahost.exe3020cb29-90fd-11e4-be76-7054d211700dMicrosoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbweMicrosoft.ZuneMusic

Error: (12/31/2014 03:56:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FAMILIEN-LAPTOP)
Description: Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic

Error: (12/31/2014 03:04:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.2.9200.163841a8c01d024fb64bcd2e00C:\WINDOWS\Explorer.EXEbed73b1d-90f5-11e4-be76-7054d211700d

Error: (12/31/2014 02:12:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_HomeGroupListener6.2.9200.1638450108897listsvc.dll6.2.9200.163845010810cc0000005000000000001290b3a001d024ae039e1638C:\WINDOWS\System32\svchost.exec:\windows\system32\listsvc.dll9e740a91-90ee-11e4-be76-7054d211700d


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 36%
Total physical RAM: 3977.22 MB
Available physical RAM: 2514.46 MB
Total Pagefile: 7561.22 MB
Available Pagefile: 6156.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (TI30992300A) (Fixed) (Total:454.95 GB) (Free:334.25 GB) NTFS
Drive e: (TINY) (Removable) (Total:0.96 GB) (Free:0.42 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 984 MB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=984 MB) - (Type=0B)

==================== End Of Log ============================
         
__________________

Alt 02.01.2015, 20:24   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Phishinganruf und Computerübernahme - Standard

Phishinganruf und Computerübernahme



sieht gut aus
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.01.2015, 18:15   #5
Digi
 
Phishinganruf und Computerübernahme - Standard

Phishinganruf und Computerübernahme



Vielen Dank für die schnelle Hilfe. So ließen sich Angst und Ärger doch etwas besser beruhigen. Und Entschuldigung für die erst im Nachhinein gesehenen Fehler im vorherigem Text.


Alt 03.01.2015, 19:19   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Phishinganruf und Computerübernahme - Standard

Phishinganruf und Computerübernahme



Gern Geschehen
__________________
--> Phishinganruf und Computerübernahme

Antwort

Themen zu Phishinganruf und Computerübernahme
anderen, angriffe, anzeige, aufgegeben, aufspielen, computer, englisch, euro, formatierung, geld, geändert, hacker, information, interne, karte, microsoft, miteinander, namen, neu, passwörter, phishing, recovery, service, toshiba, trojaner, weihnachten, windows 8.1 64bit, wirklich, Überweisung, zugriff



Zum Thema Phishinganruf und Computerübernahme - Hallo miteinander, einen Tag vor Weihnachten erhielt meine Familie einen Anruf. Der angebliche Mitarbeiter von Microsoft teilte uns auf Englisch mit, dass der Computer von Hackern für Angriffe genutzt wird. - Phishinganruf und Computerübernahme...
Archiv
Du betrachtest: Phishinganruf und Computerübernahme auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.