| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Phishinganruf und ComputerübernahmeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.01.2015, 18:32
| #1 |
| |  Phishinganruf und Computerübernahme Hallo miteinander, einen Tag vor Weihnachten erhielt meine Familie einen Anruf. Der angebliche Mitarbeiter von Microsoft teilte uns auf Englisch mit, dass der Computer von Hackern für Angriffe genutzt wird. Nachdem er den Korrekten Windows-Code nannte hatte er somit ein gewisses Vertrauen gewonnen (ja, wir wissen jetzt, dass es ziemlich dumm war). Über Teamviewer bekam er Zugriff zum Laptop. Was er nun wollte war, dass wir per Kreditkarte ein Sicherheitspaket für bis zu 5 Computer und auf Lebenszeit für 25,- Euro verkaufen. Da keine Kreditkarte vorhanden war, wollte er eine Überweisung über Western Union. Damit es nicht zu teuer wird sollten wir das Geld auf den Namen John Smith mit der Angabe "Persönliche Gründe" vorschlagen. Hier brachen wir ab, legten das Telefon auf und kappten die Internetverbindung. Sofort wählten wir die Servicenummer von Microsoft. Der Mitarbeiter teilte uns mit, dass wir einerseits dem Betrüfer weit gefolgt sind, andererseits vermutlich mit einem blauen Auge davon gekommen sind, da wir noch keine Online-Banking-Daten angeben haben. Nachdem nun eine Anzeige bei der Polizei aufgegeben, alle Passwörter über einen anderen Computer geändert und der Laptop mit einem Recovery-Programm fürs erste neu Aufgespielt wurde, haben wir trotzdem Angst, dass noch etwas zurückgeblieben sein könnte bzw. von dem Betrüger aufgespielt wurde. Ist das Aufspielen mit einem Recoveryprogramm wirklich sicher? Anders als bei einer richtigen Formatierung, wie bei einem PC, haben wir trotzdem Zweifel. Wir hoffen, jemand hat einen Tipp, wie wir die letzten Zweifel ausräumen können. Zur Information: es handelt sich um ein Toshiba Satellite C855-21V mit Windows 8.1 64bit |
|
02.01.2015, 18:46
| #2 |
| /// the machine /// TB-Ausbilder    |  Phishinganruf und Computerübernahme hi,
__________________Recovery und Zurücksetzen ist eigentlich wie Formatieren. Sollte passen, wir schauen aber mal genau: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
02.01.2015, 19:28
| #3 |
| | Phishinganruf und Computerübernahme Hallo und Danke für die schnelle Antwort.
__________________FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-01-2015 Ran by Carsten (administrator) on FAMILIEN-LAPTOP on 02-01-2015 19:14:15 Running from E:\ Loaded Profile: Carsten (Available profiles: Carsten) Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [] => [X] HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation) HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] () HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation) HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-01] (Intel Corporation) HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba) HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-23] (Pegatron Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2682987213-1263350576-3446379092-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2682987213-1263350576-3446379092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/ HKU\S-1-5-21-2682987213-1263350576-3446379092-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com SearchScopes: HKU\S-1-5-21-2682987213-1263350576-3446379092-1001 -> DefaultScope {0D1985C4-6F27-4CAC-8B2F-FBC545D1B493} URL = SearchScopes: HKU\S-1-5-21-2682987213-1263350576-3446379092-1001 -> {0D1985C4-6F27-4CAC-8B2F-FBC545D1B493} URL = BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKU\S-1-5-21-2682987213-1263350576-3446379092-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn [2015-01-02] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\IPSFF FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-01-01] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2015-01-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation) S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-12-09] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-31] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-31] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\IPSDefs\20150101.001\IDSvia64.sys [637656 2014-12-31] (Symantec Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-02] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150101.035\ENG64.SYS [129752 2014-12-31] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\VirusDefs\20150101.035\EX64.SYS [2137304 2014-12-31] (Symantec Corporation) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwNe64.sys [11400192 2012-06-02] (Intel Corporation) R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1496720 2012-08-13] (Realtek Semiconductor Corporation ) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1496720 2012-08-13] (Realtek Semiconductor Corporation ) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-14] (Synaptics Incorporated) R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2013-08-01] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-31] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-02 19:14 - 2015-01-02 19:14 - 00000000 ____D () C:\FRST 2015-01-02 19:13 - 2015-01-02 19:13 - 00000797 _____ () C:\WINDOWS\setupact.log 2015-01-02 19:13 - 2015-01-02 19:13 - 00000000 _____ () C:\WINDOWS\setuperr.log 2015-01-02 19:11 - 2015-01-02 19:11 - 00000117 _____ () C:\WINDOWS\system32\netcfg-61484.txt 2015-01-02 19:10 - 2015-01-02 19:10 - 00281784 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-01-02 19:09 - 2015-01-02 19:09 - 00000117 _____ () C:\WINDOWS\system32\netcfg-318859.txt 2015-01-02 19:07 - 2015-01-02 19:07 - 00000136 _____ () C:\WINDOWS\system32\netcfg-198437.txt 2015-01-02 19:07 - 2015-01-02 19:07 - 00000134 _____ () C:\WINDOWS\system32\netcfg-198203.txt 2015-01-02 19:07 - 2015-01-02 19:07 - 00000134 _____ () C:\WINDOWS\system32\netcfg-188078.txt 2015-01-02 19:06 - 2015-01-02 19:06 - 00000117 _____ () C:\WINDOWS\system32\netcfg-99828.txt 2015-01-02 19:05 - 2015-01-02 19:05 - 00001976 _____ () C:\WINDOWS\PFRO.log 2015-01-02 18:00 - 2015-01-02 18:00 - 00000117 _____ () C:\WINDOWS\system32\netcfg-248579000.txt 2015-01-02 17:37 - 2015-01-02 17:40 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-01-02 17:37 - 2014-11-27 16:40 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-01-02 15:58 - 2012-10-06 05:53 - 02893824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2015-01-02 15:58 - 2012-10-06 05:15 - 02400256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2015-01-02 15:54 - 2015-01-02 15:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-240984953.txt 2015-01-02 15:54 - 2015-01-02 15:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-240984468.txt 2015-01-01 19:53 - 2015-01-01 19:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168971750.txt 2015-01-01 19:53 - 2015-01-01 19:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168968812.txt 2015-01-01 19:53 - 2015-01-01 19:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168968609.txt 2015-01-01 19:53 - 2015-01-01 19:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168967875.txt 2015-01-01 19:52 - 2015-01-01 19:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168926359.txt 2015-01-01 19:52 - 2015-01-01 19:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168926296.txt 2015-01-01 19:52 - 2015-01-01 19:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168923109.txt 2015-01-01 19:52 - 2015-01-01 19:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168922187.txt 2015-01-01 19:41 - 2015-01-01 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168253453.txt 2015-01-01 19:41 - 2015-01-01 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168250375.txt 2015-01-01 19:41 - 2015-01-01 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168250265.txt 2015-01-01 19:41 - 2015-01-01 19:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168249500.txt 2015-01-01 19:38 - 2015-01-01 19:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168059000.txt 2015-01-01 19:38 - 2015-01-01 19:38 - 00000117 _____ () C:\WINDOWS\system32\netcfg-168058500.txt 2015-01-01 12:08 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-01-01 12:08 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-01-01 10:25 - 2015-01-01 10:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-134879609.txt 2015-01-01 10:25 - 2015-01-01 10:25 - 00000117 _____ () C:\WINDOWS\system32\netcfg-134878109.txt 2015-01-01 09:12 - 2015-01-01 09:12 - 00000117 _____ () C:\WINDOWS\system32\netcfg-130529703.txt 2015-01-01 09:12 - 2015-01-01 09:12 - 00000117 _____ () C:\WINDOWS\system32\netcfg-130529640.txt 2015-01-01 03:10 - 2015-01-01 03:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108781218.txt 2015-01-01 03:10 - 2015-01-01 03:10 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108779578.txt 2015-01-01 03:08 - 2015-01-01 03:08 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108650796.txt 2015-01-01 03:08 - 2015-01-01 03:08 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108648875.txt 2015-01-01 03:02 - 2015-01-01 03:02 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108292703.txt 2015-01-01 03:02 - 2015-01-01 03:02 - 00000117 _____ () C:\WINDOWS\system32\netcfg-108292062.txt 2015-01-01 02:55 - 2015-01-01 02:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-107873609.txt 2015-01-01 02:55 - 2015-01-01 02:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-107870812.txt 2014-12-31 18:01 - 2014-12-31 18:01 - 00000117 _____ () C:\WINDOWS\system32\netcfg-75877828.txt 2014-12-31 18:01 - 2014-12-31 18:01 - 00000117 _____ () C:\WINDOWS\system32\netcfg-75875718.txt 2014-12-31 18:00 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-12-31 18:00 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-31 18:00 - 2014-11-21 09:37 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll 2014-12-31 18:00 - 2014-11-21 09:37 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-12-31 18:00 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-12-31 18:00 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-12-31 18:00 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-12-31 18:00 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-31 18:00 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-12-31 18:00 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-12-31 18:00 - 2014-11-21 08:17 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2014-12-31 18:00 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-31 18:00 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-31 18:00 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-31 18:00 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-31 18:00 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2014-12-31 18:00 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-12-31 18:00 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-12-31 18:00 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-12-31 18:00 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-12-31 18:00 - 2014-11-21 05:30 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2014-12-31 17:59 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-12-31 17:59 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-12-31 17:59 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-31 17:59 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-31 17:59 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-31 17:59 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-31 17:59 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-31 17:59 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-31 17:59 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-31 17:59 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-12-31 17:59 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-12-31 14:46 - 2014-12-31 14:46 - 00000000 ____D () C:\Users\Carsten\Documents\Amazon MP3 2014-12-31 14:42 - 2014-12-31 14:42 - 00000000 ____D () C:\Users\Carsten\Documents\WIN 8 Videokurs 2014-12-31 14:41 - 2014-12-31 14:42 - 00000000 ____D () C:\Users\Carsten\Documents\von vater 2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\Vereinsdruckerei 11.9.09 2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\TV Senderliste 2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\THW Simulator 2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\SelfMV 2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\samsung 2014-12-31 14:39 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\PcSetup 2014-12-31 14:33 - 2014-12-31 14:39 - 00000000 ____D () C:\Users\Carsten\Documents\Luca Schule 2014-12-31 14:33 - 2014-12-31 14:33 - 00000000 ____D () C:\Users\Carsten\Documents\Freemake 2014-12-31 14:32 - 2014-12-31 14:33 - 00000000 ____D () C:\Users\Carsten\Documents\FormatFactory 2014-12-31 14:27 - 2014-12-31 14:32 - 00000000 ____D () C:\Users\Carsten\Documents\FFOutput 2014-12-31 14:27 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Documents\Fax 2014-12-31 14:27 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Documents\DVDFab 2014-12-31 14:27 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Documents\Bewerbung CS 2014-12-31 14:27 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Documents\AnyDVD 5.3.2.1 2014-12-31 14:26 - 2014-12-31 14:27 - 00000000 ____D () C:\Users\Carsten\Downloads\Programme 2014-12-31 14:26 - 2014-12-31 14:26 - 00000000 ____D () C:\Users\Carsten\Downloads\spiele 2014-12-31 14:26 - 2014-12-31 14:26 - 00000000 ____D () C:\Users\Carsten\Downloads\geocache 2014-12-31 14:26 - 2014-12-31 14:26 - 00000000 ____D () C:\Users\Carsten\Downloads\Email anhänge 2014-12-31 14:26 - 2014-12-31 14:26 - 00000000 ____D () C:\Users\Carsten\Downloads\Drachenritter 2014-12-31 14:26 - 2014-10-04 20:44 - 06704778 _____ () C:\Users\Carsten\Downloads\Samsung_ChannelListPCEditor_1.10.zip 2014-12-31 14:26 - 2014-09-11 21:31 - 191136136 _____ (Symantec Corporation) C:\Users\Carsten\Downloads\norton_360_setup.exe 2014-12-31 14:26 - 2014-05-16 18:01 - 21987152 _____ (Mozilla) C:\Users\Carsten\Downloads\Thunderbird_Setup_24.5.0.exe 2014-12-31 14:26 - 2013-08-25 10:10 - 00007824 _____ () C:\Users\Carsten\Downloads\Von Wö. zum Steinkopf.kml 2014-12-31 14:26 - 2013-08-25 10:08 - 00021047 _____ () C:\Users\Carsten\Downloads\Von Wö. zum Steinkopf.gpx 2014-12-31 14:26 - 2013-06-16 10:06 - 00048964 _____ () C:\Users\Carsten\Downloads\Wöll Flor Fried Wöll.gpx 2014-12-31 14:14 - 2014-12-31 14:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-62262546.txt 2014-12-31 14:14 - 2014-12-31 14:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-62255875.txt 2014-12-31 14:11 - 2014-12-31 14:11 - 00000117 _____ () C:\WINDOWS\system32\netcfg-62042953.txt 2014-12-31 14:11 - 2014-12-31 14:11 - 00000117 _____ () C:\WINDOWS\system32\netcfg-62042187.txt 2014-12-31 08:05 - 2014-05-15 02:02 - 00059424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-12-31 08:05 - 2014-05-14 23:43 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-12-31 08:05 - 2014-05-14 23:43 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-12-31 08:05 - 2014-05-14 23:43 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-12-31 08:05 - 2014-05-14 23:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2014-12-31 08:05 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2014-12-31 08:05 - 2012-11-06 05:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll 2014-12-31 08:05 - 2012-11-06 05:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wushareduxresources.dll 2014-12-31 08:02 - 2012-12-13 05:00 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2014-12-31 08:02 - 2012-12-13 04:59 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2014-12-31 07:57 - 2014-05-29 23:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-12-31 07:57 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2014-12-31 07:57 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-12-31 07:57 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2014-12-31 07:57 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-12-31 07:57 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS 2014-12-31 07:57 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2014-12-31 07:57 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2014-12-31 07:57 - 2013-04-27 06:20 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-12-31 07:54 - 2014-12-31 07:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10589062.txt 2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10585390.txt 2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10580421.txt 2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10563812.txt 2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10558609.txt 2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10537609.txt 2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10529562.txt 2014-12-31 07:53 - 2014-12-31 07:53 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10528796.txt 2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10522984.txt 2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10519859.txt 2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10519765.txt 2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10519703.txt 2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10519234.txt 2014-12-31 07:52 - 2014-12-31 07:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10513859.txt 2014-12-31 07:49 - 2014-06-06 15:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-12-31 07:49 - 2014-06-06 11:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-12-31 07:49 - 2014-06-05 18:56 - 00112984 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2014-12-31 07:49 - 2014-06-05 18:30 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-12-31 07:49 - 2014-06-05 18:29 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-12-31 07:49 - 2014-06-05 18:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2014-12-31 07:49 - 2014-06-05 18:28 - 02306560 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-12-31 07:49 - 2014-06-05 18:28 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-12-31 07:49 - 2014-06-05 14:12 - 08857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-12-31 07:49 - 2014-06-05 14:11 - 02416128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-12-31 07:49 - 2014-06-05 14:11 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2014-12-31 07:49 - 2014-06-05 14:10 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-12-31 07:49 - 2014-06-05 14:10 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-12-31 07:49 - 2013-03-06 07:29 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-12-31 07:49 - 2013-03-02 11:39 - 00069864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-12-31 07:47 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-12-31 07:47 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-12-31 07:47 - 2014-04-03 12:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-12-31 07:47 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll 2014-12-31 07:47 - 2013-04-11 07:40 - 06987528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-12-31 07:47 - 2013-03-02 10:59 - 00411880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-12-31 07:47 - 2013-01-29 02:57 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-12-31 07:47 - 2013-01-29 00:08 - 00230904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-12-31 07:47 - 2012-11-10 05:23 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-12-31 07:47 - 2012-11-10 05:23 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-12-31 07:47 - 2012-11-10 05:22 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll 2014-12-31 07:47 - 2012-11-10 05:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll 2014-12-31 07:47 - 2012-11-10 05:20 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll 2014-12-31 07:47 - 2012-11-01 05:41 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2014-12-31 07:47 - 2012-11-01 05:40 - 02361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2014-12-31 07:47 - 2012-11-01 05:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll 2014-12-31 07:47 - 2012-11-01 05:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll 2014-12-31 07:47 - 2012-11-01 05:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll 2014-12-31 07:47 - 2012-11-01 05:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll 2014-12-31 07:44 - 2014-11-08 12:22 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2014-12-31 07:44 - 2014-11-08 12:21 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2014-12-31 07:44 - 2014-11-08 07:57 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2014-12-31 07:44 - 2014-11-08 07:56 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2014-12-31 07:44 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-12-31 07:44 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-12-31 07:44 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2014-12-31 07:44 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2014-12-31 07:44 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-12-31 07:44 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2014-12-31 07:44 - 2014-06-20 00:35 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2014-12-31 07:44 - 2014-06-19 23:24 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2014-12-31 07:44 - 2014-05-30 00:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2014-12-31 07:44 - 2014-04-12 10:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2014-12-31 07:44 - 2014-04-12 10:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2014-12-31 07:44 - 2014-04-12 10:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll 2014-12-31 07:44 - 2014-04-12 10:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll 2014-12-31 07:44 - 2014-04-12 10:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2014-12-31 07:44 - 2014-04-12 10:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll 2014-12-31 07:44 - 2014-04-12 08:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2014-12-31 07:44 - 2014-04-12 08:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2014-12-31 07:44 - 2014-04-12 08:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll 2014-12-31 07:44 - 2014-04-12 08:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll 2014-12-31 07:44 - 2014-04-12 08:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll 2014-12-31 07:44 - 2014-04-12 07:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll 2014-12-31 07:44 - 2014-03-04 00:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-12-31 07:41 - 2014-12-31 07:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9842703.txt 2014-12-31 07:41 - 2014-12-31 07:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9817015.txt 2014-12-31 07:41 - 2014-12-31 07:41 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9806312.txt 2014-12-31 07:41 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2014-12-31 07:41 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2014-12-31 07:41 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2014-12-31 07:41 - 2012-10-11 06:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll 2014-12-31 07:41 - 2012-10-11 06:19 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys 2014-12-31 07:41 - 2012-10-11 06:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys 2014-12-31 07:40 - 2014-12-31 07:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9761750.txt 2014-12-31 07:34 - 2014-12-31 07:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9437312.txt 2014-12-31 07:34 - 2014-12-31 07:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9430281.txt 2014-12-31 07:33 - 2014-12-31 07:34 - 00001131 _____ () C:\WINDOWS\system32\netcfg-9379968.txt 2014-12-31 06:46 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2014-12-31 06:46 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-12-31 06:46 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-12-31 06:46 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2014-12-31 06:46 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2014-12-31 06:46 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2014-12-31 06:46 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2014-12-31 06:41 - 2014-10-30 08:20 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-31 06:41 - 2014-10-30 06:22 - 01569792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-31 06:09 - 2014-12-31 06:09 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-12-31 06:09 - 2014-12-31 06:09 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-12-31 06:09 - 2014-12-31 06:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-12-31 06:09 - 2014-12-31 06:09 - 00000000 ____D () C:\Program Files\CCleaner 2014-12-31 06:08 - 2014-12-31 06:08 - 04188536 _____ (Piriform Ltd) C:\Users\Carsten\Downloads\ccsetup501_slim.exe 2014-12-31 05:38 - 2014-12-31 05:38 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Macromedia 2014-12-31 05:02 - 2014-12-31 05:02 - 00000117 _____ () C:\WINDOWS\system32\netcfg-308828.txt 2014-12-31 04:58 - 2014-12-31 04:58 - 00000117 _____ () C:\WINDOWS\system32\netcfg-79406.txt 2014-12-31 04:22 - 2014-12-31 04:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-10969078.txt 2014-12-31 03:55 - 2014-12-31 03:55 - 00000000 ____D () C:\sources 2014-12-31 03:46 - 2014-12-31 03:46 - 00000131 _____ () C:\WINDOWS\system32\netcfg-8834781.txt 2014-12-31 02:55 - 2014-12-31 02:55 - 00000000 ____D () C:\ProgramData\ToshibaEurope 2014-12-31 02:54 - 2014-12-31 02:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5711375.txt 2014-12-31 02:54 - 2014-12-31 02:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5711281.txt 2014-12-31 02:54 - 2014-12-31 02:54 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5707203.txt 2014-12-31 02:48 - 2015-01-02 19:06 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration 2014-12-31 02:48 - 2015-01-02 19:06 - 00002330 _____ () C:\Users\Public\Desktop\Norton 360.lnk 2014-12-31 02:48 - 2014-12-31 02:48 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS 2014-12-31 02:48 - 2014-12-31 02:48 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT 2014-12-31 02:48 - 2014-12-31 02:48 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared 2014-12-31 02:46 - 2015-01-02 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2014-12-31 02:46 - 2015-01-02 19:06 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64 2014-12-31 02:46 - 2014-12-31 02:49 - 00000000 ____D () C:\ProgramData\Norton 2014-12-31 02:46 - 2014-12-31 02:46 - 00000000 ____D () C:\Program Files (x86)\Norton 360 2014-12-31 01:32 - 2015-01-02 19:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-12-31 01:32 - 2014-12-31 01:32 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-12-31 01:32 - 2014-12-31 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-12-31 01:32 - 2014-12-31 01:32 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-12-31 01:32 - 2014-12-31 01:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-12-31 01:32 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-12-31 01:32 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-12-31 01:32 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-12-31 01:31 - 2014-12-31 07:24 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2682987213-1263350576-3446379092-1001 2014-12-31 01:27 - 2014-12-31 01:27 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Toshiba 2014-12-31 01:26 - 2014-12-31 07:48 - 00000000 ____D () C:\Users\Carsten\AppData\Local\TOSHIBA 2014-12-31 01:26 - 2014-12-31 01:26 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD 2014-12-31 01:26 - 2014-12-31 01:26 - 00000000 ____D () C:\Users\Carsten\AppData\Local\SRS Labs 2014-12-31 01:25 - 2014-12-31 01:25 - 00001453 _____ () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-12-31 01:25 - 2014-12-31 01:25 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Adobe 2014-12-31 01:22 - 2015-01-01 02:58 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Packages 2014-12-31 01:22 - 2014-12-31 01:22 - 00000000 ____D () C:\Users\Carsten\AppData\Local\VirtualStore 2014-12-31 01:21 - 2014-12-31 01:21 - 00000020 ___SH () C:\Users\Carsten\ntuser.ini 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Vorlagen 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Startmenü 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Netzwerkumgebung 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Lokale Einstellungen 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Eigene Dateien 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Druckumgebung 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Documents\Eigene Musik 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Documents\Eigene Bilder 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\AppData\Local\Verlauf 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\AppData\Local\Anwendungsdaten 2014-12-31 01:21 - 2014-12-31 01:21 - 00000000 _SHDL () C:\Users\Carsten\Anwendungsdaten 2014-12-31 01:21 - 2014-12-31 00:58 - 00000000 ____D () C:\Users\Carsten 2014-12-31 01:21 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-12-31 01:21 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-12-31 01:21 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-12-31 01:21 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-12-31 01:19 - 2015-01-02 17:44 - 01906754 _____ () C:\WINDOWS\WindowsUpdate.log 2014-12-31 01:15 - 2014-12-31 01:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6382703.txt 2014-12-31 00:57 - 2012-10-24 04:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe 2014-12-31 00:57 - 2012-10-24 03:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe 2014-12-31 00:55 - 2014-11-06 07:50 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2014-12-31 00:55 - 2014-11-06 06:03 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2014-12-31 00:55 - 2013-03-02 09:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2014-12-31 00:55 - 2013-03-02 03:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-12-31 00:55 - 2012-12-15 05:55 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2014-12-31 00:55 - 2012-11-03 06:26 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysreset.exe 2014-12-31 00:55 - 2012-11-03 06:25 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\resetengmig.dll 2014-12-31 00:53 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2014-12-31 00:53 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2014-12-31 00:53 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2014-12-31 00:53 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2014-12-31 00:53 - 2012-11-08 05:24 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2014-12-31 00:53 - 2012-11-08 05:24 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2014-12-31 00:53 - 2012-11-08 05:20 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2014-12-31 00:53 - 2012-11-08 05:20 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2014-12-31 00:53 - 2012-11-08 05:02 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2014-12-31 00:53 - 2012-11-08 05:01 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2014-12-31 00:52 - 2013-03-02 09:22 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-12-31 00:52 - 2013-03-02 03:44 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-12-31 00:52 - 2013-02-02 11:54 - 01933544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2014-12-31 00:52 - 2013-02-02 11:28 - 00993512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-12-31 00:52 - 2013-02-02 09:40 - 10792448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-12-31 00:52 - 2013-02-02 09:39 - 05090816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-12-31 00:52 - 2013-02-02 09:39 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2014-12-31 00:52 - 2013-02-02 09:38 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll 2014-12-31 00:52 - 2013-02-02 09:23 - 13643264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-12-31 00:52 - 2013-02-02 09:23 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlroamextension.dll 2014-12-31 00:52 - 2013-02-02 09:23 - 00475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2014-12-31 00:52 - 2013-02-02 09:22 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2014-12-31 00:52 - 2013-02-02 09:21 - 05977600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-12-31 00:52 - 2013-02-02 09:21 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2014-12-31 00:52 - 2013-02-02 09:21 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2014-12-31 00:52 - 2013-02-02 09:20 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll 2014-12-31 00:51 - 2013-02-05 23:31 - 00622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2014-12-31 00:51 - 2013-02-05 23:29 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-12-31 00:51 - 2013-02-05 23:28 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2014-12-31 00:51 - 2013-02-05 23:28 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-12-31 00:51 - 2013-02-02 12:19 - 00329960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2014-12-31 00:51 - 2013-02-02 12:19 - 00061672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys 2014-12-31 00:51 - 2013-02-02 09:40 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlroamextension.dll 2014-12-31 00:51 - 2013-02-02 09:40 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2014-12-31 00:51 - 2013-02-02 09:40 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2014-12-31 00:51 - 2013-02-02 09:40 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2014-12-31 00:51 - 2013-02-02 09:40 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsRasterService.dll 2014-12-31 00:51 - 2013-02-02 09:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tasklist.exe 2014-12-31 00:51 - 2013-02-02 09:40 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskkill.exe 2014-12-31 00:51 - 2013-02-02 09:39 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2014-12-31 00:51 - 2013-02-02 09:39 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll 2014-12-31 00:51 - 2013-02-02 09:39 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll 2014-12-31 00:51 - 2013-02-02 09:39 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll 2014-12-31 00:51 - 2013-02-02 09:39 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll 2014-12-31 00:51 - 2013-02-02 09:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll 2014-12-31 00:51 - 2013-02-02 09:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskkill.exe 2014-12-31 00:51 - 2013-02-02 09:24 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\tasklist.exe 2014-12-31 00:51 - 2013-02-02 09:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll 2014-12-31 00:51 - 2013-02-02 09:23 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2014-12-31 00:51 - 2013-02-02 09:23 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll 2014-12-31 00:51 - 2013-02-02 09:23 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2014-12-31 00:51 - 2013-02-02 09:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2014-12-31 00:51 - 2013-02-02 09:22 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2014-12-31 00:51 - 2013-02-02 09:21 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2014-12-31 00:51 - 2013-02-02 09:20 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hotspotauth.dll 2014-12-31 00:51 - 2013-02-02 08:25 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2014-12-31 00:51 - 2013-02-02 08:25 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2014-12-31 00:51 - 2013-02-02 08:25 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys 2014-12-31 00:51 - 2013-02-02 06:41 - 01437184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2014-12-31 00:51 - 2013-02-02 06:31 - 01690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2014-12-31 00:51 - 2012-11-27 04:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2014-12-31 00:51 - 2012-11-27 04:55 - 00029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys 2014-12-31 00:51 - 2012-11-20 05:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys 2014-12-31 00:51 - 2012-09-20 07:32 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2014-12-31 00:51 - 2012-09-20 07:32 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2014-12-31 00:49 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2014-12-31 00:49 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2014-12-31 00:48 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-12-31 00:48 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2014-12-31 00:48 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2014-12-31 00:48 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2014-12-31 00:48 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2014-12-31 00:48 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2014-12-31 00:48 - 2012-11-20 05:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys 2014-12-31 00:46 - 2014-08-23 07:47 - 04036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-12-31 00:46 - 2014-07-16 00:03 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-12-31 00:46 - 2014-07-12 03:36 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-12-31 00:44 - 2013-02-12 01:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys 2014-12-31 00:38 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2014-12-31 00:38 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll 2014-12-31 00:37 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe 2014-12-31 00:37 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll 2014-12-31 00:37 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll 2014-12-31 00:37 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2014-12-31 00:37 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe 2014-12-31 00:37 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll 2014-12-31 00:37 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll 2014-12-31 00:37 - 2013-03-15 01:17 - 00861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2014-12-31 00:37 - 2012-11-03 06:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2014-12-31 00:37 - 2012-11-03 06:26 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2014-12-31 00:37 - 2012-11-03 06:24 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2014-12-31 00:37 - 2012-11-03 06:24 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2014-12-31 00:37 - 2012-11-03 06:24 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2014-12-31 00:37 - 2012-11-03 06:24 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2014-12-31 00:37 - 2012-11-03 06:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2014-12-31 00:37 - 2012-11-03 06:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2014-12-31 00:37 - 2012-11-03 06:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2014-12-31 00:37 - 2012-11-03 06:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2014-12-31 00:37 - 2012-11-03 06:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2014-12-31 00:37 - 2012-11-03 06:04 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2014-12-31 00:37 - 2012-11-03 06:00 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2014-12-31 00:37 - 2012-11-03 06:00 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2014-12-31 00:36 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2014-12-31 00:36 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2014-12-31 00:36 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2014-12-31 00:36 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2014-12-31 00:36 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-12-31 00:36 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-12-31 00:36 - 2012-10-24 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2014-12-31 00:36 - 2012-10-24 04:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2014-12-31 00:36 - 2012-10-24 04:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll 2014-12-31 00:36 - 2012-10-24 04:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll 2014-12-31 00:31 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2014-12-31 00:31 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2014-12-31 00:31 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2014-12-31 00:31 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2014-12-30 15:28 - 2014-12-30 15:28 - 00000000 _____ () C:\Recovery.txt 2014-12-22 19:14 - 2014-12-22 19:15 - 00000434 _____ () C:\Users\Carsten\Documents\Email adr.Silke.ldif 2014-12-22 19:09 - 2014-12-22 19:09 - 00010051 _____ () C:\Users\Carsten\Documents\Email adr.Casi.ldif ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-02 19:12 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache 2015-01-02 19:10 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2015-01-02 19:10 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-02 19:09 - 2012-07-26 06:37 - 00000000 ____D () C:\WINDOWS\servicing 2015-01-02 19:09 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-01-02 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-01-02 17:54 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData 2015-01-02 17:54 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-01-02 17:54 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-01-02 17:54 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender 2015-01-02 17:53 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-01-02 17:52 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore 2015-01-02 17:52 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2015-01-02 17:52 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2015-01-02 17:52 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal 2015-01-02 17:51 - 2012-08-01 17:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI 2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz 2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com 2015-01-02 17:51 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz 2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm 2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN 2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep 2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr 2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2015-01-02 17:51 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\winrm 2015-01-02 17:51 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe 2015-01-02 17:51 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism 2015-01-02 17:51 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\oobe 2015-01-02 17:47 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\WCN 2015-01-02 17:47 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\slmgr 2015-01-02 17:47 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2015-01-02 17:47 - 2012-07-26 06:38 - 00000000 ____D () C:\WINDOWS\system32\Dism 2015-01-02 17:46 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform 2015-01-02 17:46 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\Com 2015-01-02 17:46 - 2012-07-26 08:49 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts 2015-01-02 17:40 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-01-02 17:37 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2015-01-01 03:03 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-12-31 14:28 - 2012-08-01 17:38 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-31 14:28 - 2012-08-01 17:38 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-31 14:28 - 2012-07-26 08:28 - 02679026 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-31 06:10 - 2012-09-11 23:35 - 00000000 ____D () C:\WINDOWS\Panther 2014-12-31 05:03 - 2012-09-10 22:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Toshiba 2014-12-31 03:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\MUI 2014-12-31 02:23 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\restore 2014-12-31 01:28 - 2012-09-10 22:03 - 00000000 ____D () C:\ProgramData\Toshiba 2014-12-30 15:28 - 2013-11-05 01:12 - 00000000 __SHD () C:\Recovery 2014-12-30 15:28 - 2012-07-26 09:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2012-09-11 06:42 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-01-2015
Ran by Carsten at 2015-01-02 19:15:41
Running from E:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Online (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Online (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Online (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33268) (Version: 3.6.1.33268.15 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6687 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.3 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.910 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.1 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.13000 - Nero AG) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.37 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2682987213-1263350576-3446379092-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
==================== Restore Points =========================
31-12-2014 02:23:03 Sprachpaketdeinstallation
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05814412-4BAB-4201-BD81-5AEE7ACB2FBE} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {0CD45EEE-BA60-402C-83D0-7AE300826A81} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-08-14] (Toshiba Europe GmbH)
Task: {5A5B42BA-E81C-468D-A3B0-D066417EEA41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {6C901059-BE89-43D9-8296-94C91F3E0AA3} - System32\Tasks\Microsoft\WINRE\WinRE-Repair => C:\windows\System32\reagentc.exe [2012-10-24] (Microsoft Corporation)
Task: {8DD4A64A-325E-4924-8372-84B4B8F118E0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-27] (Microsoft Corporation)
Task: {D9323DFD-BCE2-4EBF-A46E-84EC04D7EDED} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {DF6A9494-79E9-439B-8243-B971819B59FA} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
==================== Loaded Modules (whitelisted) =============
2011-10-13 22:38 - 2011-10-13 22:38 - 00156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2012-08-06 05:36 - 2012-08-06 05:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-14 03:13 - 2012-08-14 03:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-07-31 08:11 - 2012-07-31 08:11 - 00024576 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\de\TosDILangPack.resources.dll
2012-10-31 08:50 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2682987213-1263350576-3446379092-500 - Administrator - Disabled)
Carsten (S-1-5-21-2682987213-1263350576-3446379092-1001 - Administrator - Enabled) => C:\Users\Carsten
Gast (S-1-5-21-2682987213-1263350576-3446379092-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/02/2015 04:53:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: N360.exe, Version: 12.10.0.42, Zeitstempel: 0x5202e8a2
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010ae7a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00053541
ID des fehlerhaften Prozesses: 0x7ec
Startzeit der fehlerhaften Anwendung: 0xN360.exe0
Pfad der fehlerhaften Anwendung: N360.exe1
Pfad des fehlerhaften Moduls: N360.exe2
Berichtskennung: N360.exe3
Vollständiger Name des fehlerhaften Pakets: N360.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: N360.exe5
Error: (01/02/2015 04:51:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Error: (01/02/2015 04:38:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1bc0
Startzeit: 01d0269c13be1e3d
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: 5d209878-9295-11e4-be76-7054d211700d
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.WindowsLive.Mail
Error: (01/02/2015 04:38:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: FAMILIEN-LAPTOP)
Description: Das Paket „microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (12/31/2014 03:57:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1314
Startzeit: 01d02509ace8967a
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: 5e0b6001-90fd-11e4-be76-7054d211700d
Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic
Error: (12/31/2014 03:57:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FAMILIEN-LAPTOP)
Description: Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (12/31/2014 03:57:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1314
Startzeit: 01d02509ace8967a
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: 3020cb29-90fd-11e4-be76-7054d211700d
Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneMusic
Error: (12/31/2014 03:56:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FAMILIEN-LAPTOP)
Description: Die App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (12/31/2014 03:04:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.2.9200.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a8c
Startzeit: 01d024fb64bcd2e0
Endzeit: 0
Anwendungspfad: C:\WINDOWS\Explorer.EXE
Berichts-ID: bed73b1d-90f5-11e4-be76-7054d211700d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/31/2014 02:12:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_HomeGroupListener, Version: 6.2.9200.16384, Zeitstempel: 0x50108897
Name des fehlerhaften Moduls: listsvc.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010810c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001290b
ID des fehlerhaften Prozesses: 0x3a0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_HomeGroupListener0
Pfad der fehlerhaften Anwendung: svchost.exe_HomeGroupListener1
Pfad des fehlerhaften Moduls: svchost.exe_HomeGroupListener2
Berichtskennung: svchost.exe_HomeGroupListener3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_HomeGroupListener4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_HomeGroupListener5
System errors:
=============
Error: (01/02/2015 07:08:44 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005
Error: (01/02/2015 07:08:44 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (01/02/2015 05:41:07 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (01/02/2015 05:35:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2845533)
Error: (01/02/2015 05:35:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2836988)
Error: (01/02/2015 04:54:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Norton 360" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/02/2015 04:29:14 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900.
Error: (01/02/2015 04:29:12 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900.
Error: (01/02/2015 04:29:07 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (01/02/2015 04:29:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900.
Microsoft Office Sessions:
=========================
Error: (01/02/2015 04:53:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: N360.exe12.10.0.425202e8a2ntdll.dll6.2.9200.163845010ae7ac0000005000535417ec01d024ae1331abe6C:\Program Files (x86)\Norton 360\Engine\21.0.1.3\N360.exeC:\WINDOWS\SYSTEM32\ntdll.dll8718964f-9297-11e4-be76-7054d211700d
Error: (01/02/2015 04:51:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Program Files\CCleaner\CCleaner.exe
Error: (01/02/2015 04:38:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.2.9200.163841bc001d0269c13be1e3d4294967295C:\WINDOWS\system32\wwahost.exe5d209878-9295-11e4-be76-7054d211700dmicrosoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail
Error: (01/02/2015 04:38:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: FAMILIEN-LAPTOP)
Description: microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe
Error: (12/31/2014 03:57:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.2.9200.16384131401d02509ace8967a4294967295C:\WINDOWS\system32\wwahost.exe5e0b6001-90fd-11e4-be76-7054d211700dMicrosoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbweMicrosoft.ZuneMusic
Error: (12/31/2014 03:57:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FAMILIEN-LAPTOP)
Description: Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic-2144927142
Error: (12/31/2014 03:57:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.2.9200.16384131401d02509ace8967a4294967295C:\WINDOWS\system32\wwahost.exe3020cb29-90fd-11e4-be76-7054d211700dMicrosoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbweMicrosoft.ZuneMusic
Error: (12/31/2014 03:56:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FAMILIEN-LAPTOP)
Description: Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic
Error: (12/31/2014 03:04:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.2.9200.163841a8c01d024fb64bcd2e00C:\WINDOWS\Explorer.EXEbed73b1d-90f5-11e4-be76-7054d211700d
Error: (12/31/2014 02:12:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_HomeGroupListener6.2.9200.1638450108897listsvc.dll6.2.9200.163845010810cc0000005000000000001290b3a001d024ae039e1638C:\WINDOWS\System32\svchost.exec:\windows\system32\listsvc.dll9e740a91-90ee-11e4-be76-7054d211700d
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 36%
Total physical RAM: 3977.22 MB
Available physical RAM: 2514.46 MB
Total Pagefile: 7561.22 MB
Available Pagefile: 6156.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: (TI30992300A) (Fixed) (Total:454.95 GB) (Free:334.25 GB) NTFS
Drive e: (TINY) (Removable) (Total:0.96 GB) (Free:0.42 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 984 MB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=984 MB) - (Type=0B)
==================== End Of Log ============================
|
|
02.01.2015, 21:24
| #4 |
| /// the machine /// TB-Ausbilder | Phishinganruf und Computerübernahme sieht gut aus 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.01.2015, 19:15
| #5 |
| | Phishinganruf und Computerübernahme Vielen Dank für die schnelle Hilfe. So ließen sich Angst und Ärger doch etwas besser beruhigen. Und Entschuldigung für die erst im Nachhinein gesehenen Fehler im vorherigem Text. |
|
03.01.2015, 20:19
| #6 |
| /// the machine /// TB-Ausbilder | Phishinganruf und Computerübernahme Gern Geschehen
__________________ --> Phishinganruf und Computerübernahme |
|
| Themen zu Phishinganruf und Computerübernahme |
| anderen, angriffe, anzeige, aufgegeben, aufspielen, computer, englisch, euro, formatierung, geld, geändert, hacker, information, interne, karte, microsoft, miteinander, namen, neu, passwörter, phishing, recovery, service, toshiba, trojaner, weihnachten, windows 8.1 64bit, wirklich, Überweisung, zugriff |
Linear-Darstellung
