| |
| |||||||
Log-Analyse und Auswertung: Win8: maildelivery failedWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
20.03.2014, 09:10
| #1 |
| |  Win8: maildelivery failed Hallo liebe Leute, vielleicht kann mir jemand helfen.... erhalte seit einigen Tagen mehrmals am Tag auf meinem GMX Account mail delivery failed nachrichten aus meinem web.de account. This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address failed: "copey@cynet.com": SMTP error from remote server after RCPT command: host: mx1c38.carrierzone.com 5.1.1 <copey@cynet.com>... User unknown "admin@aser.us": SMTP error from remote server in greeting: host: smtp.secureserver.net: m1pismtp01-032.prod.mesa1.secureserver.net Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means. "rpella@gmail.com": SMTP error from remote server after transfer of mail text: host: gmail-smtp-in.l.google.com 5.7.1 [82.165.159.2 7] Our system has detected that this message is 5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail, 5.7.1 this message has been blocked. Please visit 5.7.1 hxxp://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for 5.7.1 more information. u5si1287647een.233 - gsmtp "cm02_69@hotmail.com": SMTP error from remote server after MAIL command: host: mx1.hotmail.com OU-001 (BAY0-MC1-F48) Unfortunately, messages from 82.165.159.2 weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to hxxp://mail.live.com/mail/troubleshooting.aspx#errors. --- The header of the original message is following. --- Received: from zzuqgmc ([91.78.58.201]) by smtp.web.de (mrweb102) with ESMTPA (Nemesis) id 0LfiqM-1WsUFk3Uks-00pJpL; Thu, 20 Mar 2014 07:12:19 +0100 From: mina_hierl@web.de Date: Thu, 20 Mar 2014 07:00:39 -0700 Subject: Viagra To: <cm02_69@hotmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Message-ID: <0MdLsF-1WhuTI0sUd-00IWC2@smtp.web.de> X-Provags-ID: V03:K0  ebe7M988cFhECnUMRg3LZvSVpv9IdPWlGMc7oix6TZRHAfM8YwFjexsognnEn99DHA5uENJeWKG7dfsg2iMWUuYgVTxZqFHntP07X4GqLb7pBCbfmp8RZN2oN 0vAYLGPTIPwdwrwG2ywNJwvGoy0LelIv59UI2bfFBhsTLjArs9MGog9U66911vo/Ygx/3mj TVf+1ua4Qqg98PrNkvjzQ== habe bereits das passwort zum web.de account geändert. Was soll ich noch tun? Vielen Dank schon mal! |
|
20.03.2014, 09:12
| #2 |
| /// the machine /// TB-Ausbilder    | Win8: maildelivery failed hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
20.03.2014, 09:23
| #3 |
| | Win8: maildelivery failed FRST Additions Logfile:
__________________Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Marina at 2014-03-20 09:20:43
Running from C:\Users\Marina\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{54e41ca6-dd37-46c6-ac9e-32183e09bfcd}) (Version: 1.0.5186.22941 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.0.5186.22941 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Benutzerhandbuch (x32 Version: 1.0.0.15 - Lenovo) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
EndNote X6 (HKLM-x32\...\{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}) (Version: 16.0.1.6599 - Thomson Reuters)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Energy Manager (x32 Version: 1.0.0.24 - Lenovo) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.0.1.0037 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.4.1001 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (x32 Version: 1.6.0.56 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12fc27dc-b637-4ebb-b424-26feff9598c5}) (Version: 16.0.4 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.4241 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
OpenOffice Beta 4.1.0 (HKLM-x32\...\{E0284E69-DDCE-4AB0-9A6B-22DC9CB8D7DB}) (Version: 4.10.9760 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6899 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.0.0 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
==================== Restore Points =========================
12-03-2014 19:33:48 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
18-03-2014 16:51:45 Installed EndNote X6
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3ABB5AEF-820B-4502-9763-E25B08B494AC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {47BC4EF2-02D2-47AC-9791-7558B30F89A8} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {501EB261-2B59-4104-853D-134C760D1578} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {543DBB41-8EC2-417D-BFCD-4BEE60E8139A} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {55511CEE-934A-49BE-8533-4FBB3AE30B93} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-02] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DEDCB9F0-2915-4F8D-B988-EC9D4588003A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) =============
2013-04-15 15:45 - 2013-04-15 15:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 15:45 - 2013-04-15 15:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-23 08:49 - 2013-12-23 08:49 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-12-23 08:49 - 2013-12-23 08:49 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-12-23 08:49 - 2013-12-23 08:49 - 00172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2014-03-12 20:18 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-12-23 08:09 - 2013-05-09 13:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-14 12:46 - 2014-03-14 12:46 - 00111696 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-03-14 12:46 - 2014-03-14 12:46 - 00061520 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-03-12 16:07 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-23 08:49 - 2013-12-23 08:49 - 01623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2013-12-23 08:49 - 2013-12-23 08:49 - 00030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2014-03-12 20:19 - 2014-03-14 12:46 - 00049744 _____ () C:\Users\Marina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\Users\Marina\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/20/2014 09:09:52 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/18/2014 05:48:53 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/17/2014 10:15:55 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/16/2014 04:28:30 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a10
Startzeit: 01cf412bac5167c1
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 9fce5263-ad1f-11e3-be7f-c454441ed4e6
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 03:58:30 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: dd4
Startzeit: 01cf41277b684f56
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 6ee94fa7-ad1b-11e3-be7f-c454441ed4e6
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 03:28:31 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: cb8
Startzeit: 01cf41234a83e1b9
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 3e07b547-ad17-11e3-be7f-c454441ed4e6
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 02:58:31 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a98
Startzeit: 01cf411f199f5190
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 0d2375dc-ad13-11e3-be7f-c454441ed4e6
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 02:28:31 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f60
Startzeit: 01cf411ae8bcf8c4
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: dc3af3d2-ad0e-11e3-be7f-c454441ed4e6
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 02:06:18 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 8f0
Startzeit: 01cf4117ce928c45
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: c20e2cc4-ad0b-11e3-be7f-c454441ed4e6
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 02:01:13 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20413 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 172c
Startzeit: 01cf41171892211f
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 0c142e9d-ad0b-11e3-be7f-c454441ed4e6
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
System errors:
=============
Error: (03/20/2014 08:47:14 AM) (Source: Microsoft-Windows-NDIS) (User: NT-AUTORITÄT)
Description: Für den Miniport "Realtek PCIe GBE Family Controller, {4BDC8003-FCA1-4608-8DB7-CEC6B06E8BB5}" ist das Ereignis "74" aufgetreten.
Error: (03/19/2014 08:01:48 PM) (Source: Microsoft-Windows-NDIS) (User: )
Description: Für den Miniport "Controller der Familie Realtek PCIe GBE, {D6220C7A-9B56-4CB6-ADE9-A509B47AFB38}" ist das Ereignis "74" aufgetreten.
Error: (03/19/2014 03:20:58 PM) (Source: Microsoft-Windows-NDIS) (User: NT-AUTORITÄT)
Description: Für den Miniport "Realtek PCIe GBE Family Controller, {4BDC8003-FCA1-4608-8DB7-CEC6B06E8BB5}" ist das Ereignis "74" aufgetreten.
Error: (03/19/2014 00:26:35 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/19/2014 08:33:37 AM) (Source: Microsoft-Windows-NDIS) (User: )
Description: Für den Miniport "Controller der Familie Realtek PCIe GBE, {D6220C7A-9B56-4CB6-ADE9-A509B47AFB38}" ist das Ereignis "74" aufgetreten.
Error: (03/18/2014 08:33:02 PM) (Source: Microsoft-Windows-NDIS) (User: NT-AUTORITÄT)
Description: Für den Miniport "Realtek PCIe GBE Family Controller, {4BDC8003-FCA1-4608-8DB7-CEC6B06E8BB5}" ist das Ereignis "74" aufgetreten.
Error: (03/18/2014 06:35:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (03/18/2014 05:51:52 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/18/2014 07:45:11 AM) (Source: Microsoft-Windows-NDIS) (User: )
Description: Für den Miniport "Controller der Familie Realtek PCIe GBE, {D6220C7A-9B56-4CB6-ADE9-A509B47AFB38}" ist das Ereignis "74" aufgetreten.
Error: (03/17/2014 05:49:01 PM) (Source: Microsoft-Windows-NDIS) (User: )
Description: Für den Miniport "Realtek PCIe GBE Family Controller, {4BDC8003-FCA1-4608-8DB7-CEC6B06E8BB5}" ist das Ereignis "74" aufgetreten.
Microsoft Office Sessions:
=========================
Error: (03/20/2014 09:09:52 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/18/2014 05:48:53 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/17/2014 10:15:55 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/16/2014 04:28:30 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.204131a1001cf412bac5167c14294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe9fce5263-ad1f-11e3-be7f-c454441ed4e6microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 03:58:30 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20413dd401cf41277b684f564294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe6ee94fa7-ad1b-11e3-be7f-c454441ed4e6microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 03:28:31 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20413cb801cf41234a83e1b94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe3e07b547-ad17-11e3-be7f-c454441ed4e6microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 02:58:31 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.204131a9801cf411f199f51904294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe0d2375dc-ad13-11e3-be7f-c454441ed4e6microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 02:28:31 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20413f6001cf411ae8bcf8c44294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exedc3af3d2-ad0e-11e3-be7f-c454441ed4e6microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 02:06:18 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.204138f001cf4117ce928c454294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exec20e2cc4-ad0b-11e3-be7f-c454441ed4e6microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (03/16/2014 02:01:13 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20413172c01cf41171892211f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\LiveComm.exe0c142e9d-ad0b-11e3-be7f-c454441ed4e6microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
CodeIntegrity Errors:
===================================
Date: 2014-03-16 14:11:19.884
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-16 14:11:07.575
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-03-12 20:51:49.641
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 54%
Total physical RAM: 4008.27 MB
Available physical RAM: 1810.47 MB
Total Pagefile: 5416.27 MB
Available Pagefile: 2839.41 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.91 GB) (Free:397.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.1 GB) NTFS
Drive e: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:85.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 37C9FCA1)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: BEA37B0B)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
20.03.2014, 10:05
| #4 |
| | Win8: maildelivery failed FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Marina (administrator) on MARINA_H-PC on 20-03-2014 09:19:55
Running from C:\Users\Marina\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Microsoft Corporation) C:\WINDOWS\FileManager\PhotosApp.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13535304 2013-05-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-25] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] - C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7770936 2013-04-12] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [677616 2013-03-01] (Synaptics)
HKLM\...\Run: [Energy Manager] - C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-12-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] - C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-12-23] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-01] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [172624 2014-03-14] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
SearchScopes: HKLM - DefaultScope {0DAED61F-EA00-4C9D-86F8-19717E646605} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM - {0DAED61F-EA00-4C9D-86F8-19717E646605} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope {0DAED61F-EA00-4C9D-86F8-19717E646605} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKLM-x32 - {0DAED61F-EA00-4C9D-86F8-19717E646605} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
SearchScopes: HKCU - DefaultScope {0DAED61F-EA00-4C9D-86F8-19717E646605} URL =
SearchScopes: HKCU - {0DAED61F-EA00-4C9D-86F8-19717E646605} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Marina\AppData\Roaming\Mozilla\Firefox\Profiles\eb4e9d7v.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Marina\AppData\Roaming\Mozilla\Firefox\Profiles\eb4e9d7v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [116816 2014-03-14] (Avira Operations GmbH & Co. KG)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-12-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-03-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [86472 2013-04-25] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-12] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-09] (Intel Corporation)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-12] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-01] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-03-12] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-03-18] ()
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-20 09:19 - 2014-03-20 09:20 - 00014791 _____ () C:\Users\Marina\Downloads\FRST.txt
2014-03-20 09:19 - 2014-03-20 09:19 - 00000000 ____D () C:\FRST
2014-03-20 09:18 - 2014-03-20 09:18 - 02157056 _____ (Farbar) C:\Users\Marina\Downloads\FRST64.exe
2014-03-19 09:02 - 2014-03-19 12:26 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-19 09:02 - 2014-03-02 14:05 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-18 21:20 - 2014-03-18 21:22 - 00011316 _____ () C:\Users\Marina\Desktop\rezepte_linsen.odt
2014-03-18 20:33 - 2014-03-19 08:33 - 00000000 ____D () C:\WINDOWS\LastGood
2014-03-18 20:04 - 2014-03-18 20:04 - 00176398 _____ () C:\Users\Marina\Desktop\Marina Doktorarbeit Copy_Maerz Copy.enl
2014-03-18 20:04 - 2014-03-18 20:04 - 00000000 ____D () C:\Users\Marina\Desktop\Marina Doktorarbeit Copy_Maerz Copy.Data
2014-03-18 18:36 - 2014-03-18 18:36 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-03-18 18:19 - 2014-03-18 18:19 - 00176266 _____ () C:\Users\Marina\Desktop\Marina Doktorarbeit Copy.enl
2014-03-18 18:19 - 2014-03-18 18:19 - 00000000 ____D () C:\Users\Marina\Desktop\Marina Doktorarbeit Copy.Data
2014-03-18 17:58 - 2014-03-18 18:27 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\EndNote
2014-03-18 17:54 - 2014-03-18 17:54 - 00000000 ____D () C:\Users\Public\Documents\EndNote
2014-03-18 17:52 - 2014-03-18 17:54 - 00000000 ____D () C:\Program Files (x86)\EndNote X6
2014-03-18 17:51 - 2014-03-18 17:54 - 00000000 ____D () C:\ProgramData\Thomson.ResearchSoft.Installers
2014-03-18 17:51 - 2014-03-18 17:51 - 00000000 ____D () C:\Users\Marina\Desktop\X6
2014-03-16 13:14 - 2014-03-18 20:03 - 00000000 ____D () C:\Users\Marina\Desktop\ArtikelOncology
2014-03-16 12:08 - 2014-03-16 12:08 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-03-14 23:16 - 2014-03-15 17:44 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-14 19:15 - 2014-03-14 19:16 - 00000000 ____D () C:\Users\Marina\Documents\adblockplus-2.5.1
2014-03-14 09:08 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-14 09:08 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-14 09:08 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-14 09:08 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-14 09:08 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-14 09:08 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-14 09:08 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-14 09:08 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-14 09:08 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-14 09:08 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-14 09:08 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-14 09:08 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-14 09:08 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-14 09:08 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-14 09:08 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-14 09:08 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-14 09:08 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-14 09:06 - 2014-03-14 09:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-03-12 22:14 - 2014-03-12 22:14 - 00002050 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-12 22:14 - 2014-03-12 22:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-12 22:13 - 2014-03-13 07:20 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-12 22:12 - 2014-03-12 22:12 - 00000000 ____D () C:\Users\Marina\AppData\Local\Macromedia
2014-03-12 22:05 - 2014-03-18 21:22 - 00013312 ___SH () C:\Users\Marina\Desktop\Thumbs.db
2014-03-12 22:05 - 2014-03-12 22:05 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Nitro
2014-03-12 22:04 - 2014-03-18 19:18 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Nitro PDF
2014-03-12 22:02 - 2014-03-20 09:12 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-12 22:02 - 2014-03-12 22:17 - 00000000 ____D () C:\Users\Marina\AppData\Local\Adobe
2014-03-12 22:02 - 2014-03-12 22:02 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-12 21:14 - 2014-03-12 21:21 - 00000000 ____D () C:\Users\Marina\AppData\Local\Intel_Corporation
2014-03-12 20:44 - 2014-03-12 20:44 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\OpenOfficeBeta
2014-03-12 20:35 - 2014-03-12 20:43 - 00000000 ____D () C:\Program Files (x86)\OpenOffice Beta 4
2014-03-12 20:35 - 2014-03-12 20:35 - 00001166 _____ () C:\Users\Public\Desktop\OpenOffice Beta 4.1.0.lnk
2014-03-12 20:33 - 2014-03-12 20:33 - 00000000 ____D () C:\Users\Marina\Desktop\OpenOffice Beta 4.1.0 (de) Installation Files
2014-03-12 20:24 - 2014-03-12 20:24 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Avira
2014-03-12 20:23 - 2014-03-12 20:27 - 160989045 _____ () C:\Users\Marina\Downloads\Apache_OpenOffice_Beta_4.1.0_Win_x86_install_de.exe
2014-03-12 20:18 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-03-12 20:18 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-03-12 20:18 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-03-12 20:14 - 2014-03-18 18:42 - 00001164 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-03-12 20:14 - 2014-03-18 18:42 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-12 20:14 - 2014-03-12 20:18 - 00000000 ____D () C:\ProgramData\Avira
2014-03-12 20:14 - 2014-03-12 20:14 - 04051048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Marina\Downloads\avira_de_av___ws.exe
2014-03-12 20:03 - 2014-03-12 20:03 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-12 19:40 - 2014-03-20 08:47 - 00000000 __RDO () C:\Users\Marina\SkyDrive
2014-03-12 19:38 - 2014-03-12 19:38 - 00001461 _____ () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-12 19:38 - 2014-03-12 19:38 - 00000020 ___SH () C:\Users\Marina\ntuser.ini
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Programme
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-12 18:25 - 2014-03-20 09:18 - 01109065 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-12 18:25 - 2014-03-12 18:25 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-03-12 18:17 - 2014-03-12 18:17 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-03-12 18:16 - 2014-03-18 17:54 - 00000000 ____D () C:\Users\Marina
2014-03-12 18:16 - 2014-03-12 18:25 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2014-03-12 18:16 - 2014-03-12 18:25 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2014-03-12 18:16 - 2014-03-12 18:17 - 00000000 ___RD () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 18:16 - 2014-03-12 18:17 - 00000000 ___RD () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Vorlagen
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Startmenü
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Netzwerkumgebung
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Lokale Einstellungen
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Eigene Dateien
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Druckumgebung
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Documents\Eigene Musik
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Documents\Eigene Bilder
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\AppData\Local\Verlauf
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\AppData\Local\Anwendungsdaten
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Anwendungsdaten
2014-03-12 18:16 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-12 18:16 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-12 18:11 - 2014-03-12 18:11 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-03-12 18:11 - 2014-03-12 18:11 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-03-12 18:11 - 2014-03-12 18:11 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
2014-03-12 18:11 - 2014-03-12 18:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-03-12 18:11 - 2014-03-12 18:11 - 00000000 ____D () C:\Program Files\Realtek
2014-03-12 18:10 - 2014-03-12 18:17 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-12 18:10 - 2014-03-12 18:10 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-03-12 18:10 - 2014-03-12 18:10 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-03-12 18:10 - 2014-03-12 18:10 - 00000000 ____D () C:\Program Files\Synaptics
2014-03-12 18:10 - 2014-01-25 02:23 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-03-12 18:10 - 2014-01-25 02:23 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-03-12 18:08 - 2014-03-15 17:44 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-12 18:08 - 2014-03-12 18:08 - 00000000 __SHD () C:\Recovery
2014-03-12 18:06 - 2014-03-12 18:06 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 18:05 - 2014-03-12 18:05 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-12 18:05 - 2014-03-12 18:05 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-12 18:05 - 2014-03-12 18:05 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-03-12 18:05 - 2014-03-12 18:05 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-03-12 18:05 - 2014-03-12 18:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-03-12 18:04 - 2014-03-12 18:04 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-12 18:04 - 2014-03-12 18:04 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-12 18:04 - 2014-03-12 18:04 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-03-12 18:04 - 2014-03-12 18:04 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-03-12 18:04 - 2014-03-12 18:04 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-03-12 18:04 - 2014-03-12 18:04 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-03-12 18:04 - 2014-03-12 18:04 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-03-12 18:04 - 2014-03-12 18:04 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-03-12 18:04 - 2014-03-12 18:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-03-12 18:03 - 2014-03-12 18:03 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-03-12 18:02 - 2014-03-12 18:02 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-03-12 18:02 - 2014-03-12 18:02 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-12 18:02 - 2014-03-12 18:02 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-12 18:02 - 2014-03-12 18:02 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-12 18:02 - 2014-03-12 18:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-12 18:02 - 2014-03-12 18:02 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 18:01 - 2014-03-12 18:01 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-03-12 18:01 - 2014-03-12 18:01 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-03-12 18:01 - 2014-03-12 18:01 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-03-12 18:01 - 2014-03-12 18:01 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-12 18:01 - 2014-03-12 18:01 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-03-12 17:59 - 2014-03-12 17:59 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-12 17:59 - 2014-03-12 17:59 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-12 17:59 - 2014-03-12 17:59 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-12 17:59 - 2014-03-12 17:59 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-12 17:59 - 2014-03-12 17:59 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-12 17:59 - 2014-03-12 17:59 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-12 17:59 - 2014-03-12 17:59 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-12 17:59 - 2014-03-12 17:59 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-12 17:59 - 2014-03-12 17:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-12 17:58 - 2014-03-12 17:58 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-12 17:58 - 2014-03-12 17:58 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-12 17:58 - 2014-03-12 17:58 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-12 17:58 - 2014-03-12 17:58 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-12 17:58 - 2014-03-12 17:58 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-12 17:58 - 2014-03-12 17:58 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-12 17:58 - 2014-03-12 17:58 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-03-12 17:57 - 2014-03-12 17:57 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-03-12 17:57 - 2014-03-12 17:57 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-03-12 17:57 - 2014-03-12 17:57 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-03-12 17:57 - 2014-03-12 17:57 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-03-12 17:57 - 2014-03-12 17:57 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-03-12 17:57 - 2014-03-12 17:57 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-03-12 17:57 - 2014-03-12 17:57 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-03-12 17:57 - 2014-03-12 17:57 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-03-12 17:57 - 2014-03-12 17:57 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-03-12 17:56 - 2014-03-12 17:56 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 17:56 - 2014-03-12 17:56 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-12 17:56 - 2014-03-12 17:56 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-12 17:52 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-03-12 17:52 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-12 17:52 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-03-12 17:52 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-03-12 17:52 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-12 17:52 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-03-12 17:37 - 2014-03-12 18:25 - 00006565 _____ () C:\WINDOWS\comsetup.log
2014-03-12 16:07 - 2014-03-20 09:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-12 16:07 - 2014-03-20 09:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-12 16:07 - 2014-03-12 16:07 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-12 16:07 - 2014-03-12 16:07 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Mozilla
2014-03-12 16:07 - 2014-03-12 16:07 - 00000000 ____D () C:\Users\Marina\AppData\Local\Mozilla
2014-03-12 16:07 - 2014-03-12 16:07 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-12 16:04 - 2014-03-12 16:05 - 00003558 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-12 15:55 - 2014-03-12 15:55 - 00000000 ____D () C:\sources
2014-03-12 12:35 - 2014-03-12 12:35 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-03-12 12:35 - 2014-03-12 12:35 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-12 12:20 - 2014-03-18 18:53 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-354787352-3659613777-2342552823-1001
2014-03-12 12:13 - 2014-03-12 12:13 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-03-12 12:13 - 2014-03-12 12:13 - 00000000 ____D () C:\Users\Marina\AppData\Local\MotionControl
2014-03-12 12:12 - 2014-03-15 17:44 - 00000000 ____D () C:\Users\Marina\AppData\Local\Packages
2014-03-12 12:12 - 2014-03-12 22:17 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Adobe
2014-03-12 12:12 - 2014-03-12 19:38 - 00000000 ___RD () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-12 12:12 - 2014-03-12 19:38 - 00000000 ___RD () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-12 12:12 - 2014-03-12 12:12 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-12 12:12 - 2014-03-12 12:12 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Macromedia
2014-03-12 12:12 - 2014-03-12 12:12 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Intel
2014-03-12 12:12 - 2014-03-12 12:12 - 00000000 ____D () C:\Users\Marina\AppData\Local\VirtualStore
==================== One Month Modified Files and Folders =======
2014-03-20 09:20 - 2014-03-20 09:19 - 00014791 _____ () C:\Users\Marina\Downloads\FRST.txt
2014-03-20 09:19 - 2014-03-20 09:19 - 00000000 ____D () C:\FRST
2014-03-20 09:18 - 2014-03-20 09:18 - 02157056 _____ (Farbar) C:\Users\Marina\Downloads\FRST64.exe
2014-03-20 09:18 - 2014-03-12 18:25 - 01109065 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-20 09:18 - 2014-03-12 16:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-20 09:18 - 2014-03-12 16:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-20 09:12 - 2014-03-12 22:02 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-20 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-20 08:47 - 2014-03-12 19:40 - 00000000 __RDO () C:\Users\Marina\SkyDrive
2014-03-19 12:26 - 2014-03-19 09:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-19 12:23 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-19 08:33 - 2014-03-18 20:33 - 00000000 ____D () C:\WINDOWS\LastGood
2014-03-18 21:22 - 2014-03-18 21:20 - 00011316 _____ () C:\Users\Marina\Desktop\rezepte_linsen.odt
2014-03-18 21:22 - 2014-03-12 22:05 - 00013312 ___SH () C:\Users\Marina\Desktop\Thumbs.db
2014-03-18 20:04 - 2014-03-18 20:04 - 00176398 _____ () C:\Users\Marina\Desktop\Marina Doktorarbeit Copy_Maerz Copy.enl
2014-03-18 20:04 - 2014-03-18 20:04 - 00000000 ____D () C:\Users\Marina\Desktop\Marina Doktorarbeit Copy_Maerz Copy.Data
2014-03-18 20:03 - 2014-03-16 13:14 - 00000000 ____D () C:\Users\Marina\Desktop\ArtikelOncology
2014-03-18 19:18 - 2014-03-12 22:04 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Nitro PDF
2014-03-18 18:53 - 2014-03-12 12:20 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-354787352-3659613777-2342552823-1001
2014-03-18 18:42 - 2014-03-12 20:14 - 00001164 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-03-18 18:42 - 2014-03-12 20:14 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-03-18 18:42 - 2013-12-23 08:12 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-18 18:42 - 2013-11-14 08:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-18 18:42 - 2013-11-14 08:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-18 18:42 - 2013-11-14 08:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-18 18:36 - 2014-03-18 18:36 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-03-18 18:36 - 2013-12-23 08:36 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-03-18 18:36 - 2013-11-13 23:18 - 00086802 _____ () C:\WINDOWS\PFRO.log
2014-03-18 18:36 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-18 18:36 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-18 18:35 - 2013-12-23 08:49 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-03-18 18:27 - 2014-03-18 17:58 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\EndNote
2014-03-18 18:19 - 2014-03-18 18:19 - 00176266 _____ () C:\Users\Marina\Desktop\Marina Doktorarbeit Copy.enl
2014-03-18 18:19 - 2014-03-18 18:19 - 00000000 ____D () C:\Users\Marina\Desktop\Marina Doktorarbeit Copy.Data
2014-03-18 17:54 - 2014-03-18 17:54 - 00000000 ____D () C:\Users\Public\Documents\EndNote
2014-03-18 17:54 - 2014-03-18 17:52 - 00000000 ____D () C:\Program Files (x86)\EndNote X6
2014-03-18 17:54 - 2014-03-18 17:51 - 00000000 ____D () C:\ProgramData\Thomson.ResearchSoft.Installers
2014-03-18 17:54 - 2014-03-12 18:16 - 00000000 ____D () C:\Users\Marina
2014-03-18 17:51 - 2014-03-18 17:51 - 00000000 ____D () C:\Users\Marina\Desktop\X6
2014-03-18 17:50 - 2013-08-22 15:46 - 00289334 _____ () C:\WINDOWS\setupact.log
2014-03-16 12:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-16 12:08 - 2014-03-16 12:08 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-03-15 18:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-15 17:44 - 2014-03-14 23:16 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-15 17:44 - 2014-03-12 18:08 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-15 17:44 - 2014-03-12 12:12 - 00000000 ____D () C:\Users\Marina\AppData\Local\Packages
2014-03-15 17:29 - 2013-08-22 15:44 - 00360616 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 19:16 - 2014-03-14 19:15 - 00000000 ____D () C:\Users\Marina\Documents\adblockplus-2.5.1
2014-03-14 09:06 - 2014-03-14 09:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-03-13 07:20 - 2014-03-12 22:13 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-12 22:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-12 22:17 - 2014-03-12 22:02 - 00000000 ____D () C:\Users\Marina\AppData\Local\Adobe
2014-03-12 22:17 - 2014-03-12 12:12 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Adobe
2014-03-12 22:14 - 2014-03-12 22:14 - 00002050 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-03-12 22:14 - 2014-03-12 22:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-12 22:12 - 2014-03-12 22:12 - 00000000 ____D () C:\Users\Marina\AppData\Local\Macromedia
2014-03-12 22:05 - 2014-03-12 22:05 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Nitro
2014-03-12 22:02 - 2014-03-12 22:02 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-12 21:21 - 2014-03-12 21:14 - 00000000 ____D () C:\Users\Marina\AppData\Local\Intel_Corporation
2014-03-12 20:44 - 2014-03-12 20:44 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\OpenOfficeBeta
2014-03-12 20:43 - 2014-03-12 20:35 - 00000000 ____D () C:\Program Files (x86)\OpenOffice Beta 4
2014-03-12 20:35 - 2014-03-12 20:35 - 00001166 _____ () C:\Users\Public\Desktop\OpenOffice Beta 4.1.0.lnk
2014-03-12 20:33 - 2014-03-12 20:33 - 00000000 ____D () C:\Users\Marina\Desktop\OpenOffice Beta 4.1.0 (de) Installation Files
2014-03-12 20:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-03-12 20:27 - 2014-03-12 20:23 - 160989045 _____ () C:\Users\Marina\Downloads\Apache_OpenOffice_Beta_4.1.0_Win_x86_install_de.exe
2014-03-12 20:24 - 2014-03-12 20:24 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Avira
2014-03-12 20:18 - 2014-03-12 20:14 - 00000000 ____D () C:\ProgramData\Avira
2014-03-12 20:14 - 2014-03-12 20:14 - 04051048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Marina\Downloads\avira_de_av___ws.exe
2014-03-12 20:03 - 2014-03-12 20:03 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-12 19:38 - 2014-03-12 19:38 - 00001461 _____ () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-12 19:38 - 2014-03-12 19:38 - 00000020 ___SH () C:\Users\Marina\ntuser.ini
2014-03-12 19:38 - 2014-03-12 12:12 - 00000000 ___RD () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-12 19:38 - 2014-03-12 12:12 - 00000000 ___RD () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Programme
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-12 18:54 - 2014-03-12 18:54 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-12 18:26 - 2014-03-12 18:26 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-12 18:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-12 18:26 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-03-12 18:25 - 2014-03-12 18:25 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-03-12 18:25 - 2014-03-12 18:16 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2014-03-12 18:25 - 2014-03-12 18:16 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2014-03-12 18:25 - 2014-03-12 17:37 - 00006565 _____ () C:\WINDOWS\comsetup.log
2014-03-12 18:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-03-12 18:24 - 2013-12-23 08:12 - 01804472 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-03-12 18:22 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-03-12 18:22 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-12 18:19 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-03-12 18:18 - 2013-12-23 08:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-03-12 18:18 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-03-12 18:18 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-03-12 18:18 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-03-12 18:18 - 2013-08-22 16:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-03-12 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-03-12 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-03-12 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-03-12 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-03-12 18:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-03-12 18:18 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-03-12 18:18 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-03-12 18:18 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-03-12 18:17 - 2014-03-12 18:17 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-03-12 18:17 - 2014-03-12 18:16 - 00000000 ___RD () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 18:17 - 2014-03-12 18:16 - 00000000 ___RD () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-12 18:17 - 2014-03-12 18:10 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-12 18:17 - 2013-12-23 08:50 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-12 18:17 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-03-12 18:17 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-03-12 18:17 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-03-12 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-03-12 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-03-12 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-03-12 18:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-12 18:17 - 2013-03-25 22:03 - 00000000 ____D () C:\ProgramData\PRICache
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Vorlagen
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Startmenü
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Netzwerkumgebung
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Lokale Einstellungen
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Eigene Dateien
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Druckumgebung
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Documents\Eigene Musik
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Documents\Eigene Bilder
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\AppData\Local\Verlauf
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\AppData\Local\Anwendungsdaten
2014-03-12 18:16 - 2014-03-12 18:16 - 00000000 _SHDL () C:\Users\Marina\Anwendungsdaten
2014-03-12 18:11 - 2014-03-12 18:11 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-03-12 18:11 - 2014-03-12 18:11 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-03-12 18:11 - 2014-03-12 18:11 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
2014-03-12 18:11 - 2014-03-12 18:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-03-12 18:11 - 2014-03-12 18:11 - 00000000 ____D () C:\Program Files\Realtek
2014-03-12 18:11 - 2013-08-22 15:46 - 00000084 _____ () C:\WINDOWS\setuperr.log
2014-03-12 18:10 - 2014-03-12 18:10 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-03-12 18:10 - 2014-03-12 18:10 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-03-12 18:10 - 2014-03-12 18:10 - 00000000 ____D () C:\Program Files\Synaptics
2014-03-12 18:08 - 2014-03-12 18:08 - 00000000 __SHD () C:\Recovery
2014-03-12 18:07 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-03-12 18:06 - 2014-03-12 18:06 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-03-12 18:06 - 2014-03-12 18:06 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-12 18:05 - 2014-03-12 18:05 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-12 18:05 - 2014-03-12 18:05 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-12 18:05 - 2014-03-12 18:05 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-03-12 18:05 - 2014-03-12 18:05 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-03-12 18:05 - 2014-03-12 18:05 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-03-12 18:05 - 2014-03-12 18:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-03-12 18:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-03-12 18:04 - 2014-03-12 18:04 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-12 18:04 - 2014-03-12 18:04 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-12 18:04 - 2014-03-12 18:04 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-03-12 18:04 - 2014-03-12 18:04 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-03-12 18:04 - 2014-03-12 18:04 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-03-12 18:04 - 2014-03-12 18:04 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-03-12 18:04 - 2014-03-12 18:04 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-03-12 18:04 - 2014-03-12 18:04 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-03-12 18:04 - 2014-03-12 18:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-12 18:04 - 2014-03-12 18:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-03-12 18:03 - 2014-03-12 18:03 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-03-12 18:03 - 2014-03-12 18:03 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-03-12 18:03 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-12 18:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-12 18:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-12 18:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-12 18:02 - 2014-03-12 18:02 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-03-12 18:02 - 2014-03-12 18:02 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-12 18:02 - 2014-03-12 18:02 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-12 18:02 - 2014-03-12 18:02 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-12 18:02 - 2014-03-12 18:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-12 18:02 - 2014-03-12 18:02 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-03-12 18:02 - 2014-03-12 18:02 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 18:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 18:02 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-12 18:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-12 18:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-12 18:01 - 2014-03-12 18:01 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-03-12 18:01 - 2014-03-12 18:01 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-03-12 18:01 - 2014-03-12 18:01 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-03-12 18:01 - 2014-03-12 18:01 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-12 18:01 - 2014-03-12 18:01 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-03-12 18:01 - 2014-03-12 18:01 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-03-12 18:01 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-12 18:01 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-12 17:59 - 2014-03-12 17:59 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-12 17:59 - 2014-03-12 17:59 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-12 17:59 - 2014-03-12 17:59 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-12 17:59 - 2014-03-12 17:59 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-12 17:59 - 2014-03-12 17:59 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-12 17:59 - 2014-03-12 17:59 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-12 17:59 - 2014-03-12 17:59 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-12 17:59 - 2014-03-12 17:59 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-12 17:59 - 2014-03-12 17:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-12 17:59 - 2014-03-12 17:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-12 17:58 - 2014-03-12 17:58 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-12 17:58 - 2014-03-12 17:58 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-12 17:58 - 2014-03-12 17:58 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-12 17:58 - 2014-03-12 17:58 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-12 17:58 - 2014-03-12 17:58 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-12 17:58 - 2014-03-12 17:58 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-12 17:58 - 2014-03-12 17:58 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-12 17:58 - 2014-03-12 17:58 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-03-12 17:57 - 2014-03-12 17:57 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-03-12 17:57 - 2014-03-12 17:57 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-03-12 17:57 - 2014-03-12 17:57 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-03-12 17:57 - 2014-03-12 17:57 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-03-12 17:57 - 2014-03-12 17:57 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-03-12 17:57 - 2014-03-12 17:57 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-03-12 17:57 - 2014-03-12 17:57 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-03-12 17:57 - 2014-03-12 17:57 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-03-12 17:57 - 2014-03-12 17:57 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-03-12 17:57 - 2014-03-12 17:57 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-03-12 17:56 - 2014-03-12 17:56 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-12 17:56 - 2014-03-12 17:56 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-12 17:56 - 2014-03-12 17:56 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-03-12 17:53 - 2014-03-12 17:53 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-12 17:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-03-12 17:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-03-12 17:44 - 2013-12-23 07:46 - 01915753 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-03-12 17:13 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-03-12 16:07 - 2014-03-12 16:07 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-12 16:07 - 2014-03-12 16:07 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Mozilla
2014-03-12 16:07 - 2014-03-12 16:07 - 00000000 ____D () C:\Users\Marina\AppData\Local\Mozilla
2014-03-12 16:07 - 2014-03-12 16:07 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-12 16:05 - 2014-03-12 16:04 - 00003558 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-12 15:55 - 2014-03-12 15:55 - 00000000 ____D () C:\sources
2014-03-12 12:36 - 2013-12-23 08:03 - 00000000 ____D () C:\ProgramData\Intel
2014-03-12 12:35 - 2014-03-12 12:35 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-03-12 12:35 - 2014-03-12 12:35 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-12 12:33 - 2013-12-23 08:03 - 00000000 ____D () C:\Program Files\Intel
2014-03-12 12:32 - 2013-12-23 08:04 - 00000000 ___HD () C:\Intel
2014-03-12 12:17 - 2013-12-23 08:56 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-03-12 12:13 - 2014-03-12 12:13 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-03-12 12:13 - 2014-03-12 12:13 - 00000000 ____D () C:\Users\Marina\AppData\Local\MotionControl
2014-03-12 12:12 - 2014-03-12 12:12 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-12 12:12 - 2014-03-12 12:12 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Macromedia
2014-03-12 12:12 - 2014-03-12 12:12 - 00000000 ____D () C:\Users\Marina\AppData\Roaming\Intel
2014-03-12 12:12 - 2014-03-12 12:12 - 00000000 ____D () C:\Users\Marina\AppData\Local\VirtualStore
2014-03-12 12:12 - 2013-12-23 18:03 - 00132043 ____H () C:\WINDOWS\modules.log
2014-03-04 23:53 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:53 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 14:05 - 2014-03-19 09:02 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-01 07:05 - 2014-03-14 09:08 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-01 05:58 - 2014-03-14 09:08 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-01 05:30 - 2014-03-14 09:08 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-01 05:17 - 2014-03-14 09:08 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-01 04:54 - 2014-03-14 09:08 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-01 04:47 - 2014-03-14 09:08 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-01 04:42 - 2014-03-14 09:08 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-01 04:18 - 2014-03-14 09:08 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-01 04:14 - 2014-03-14 09:08 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-14 09:08 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-01 04:03 - 2014-03-14 09:08 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-01 03:57 - 2014-03-14 09:08 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-14 09:08 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-14 09:08 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-14 09:08 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-14 09:08 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-14 09:08 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-25 11:41 - 2014-03-12 20:18 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-02-25 11:41 - 2014-03-12 20:18 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-02-25 11:41 - 2014-03-12 20:18 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
Some content of TEMP:
====================
C:\Users\Marina\AppData\Local\Temp\avgnt.exe
C:\Users\Marina\AppData\Local\Temp\Risweb32.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-12 17:59] - [2014-03-12 17:59] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-03-12 18:09
==================== End Of Log ============================
--- --- --- Hat das gepasst? |
|
20.03.2014, 10:47
| #5 |
| /// the machine /// TB-Ausbilder | Win8: maildelivery failed Rechner ist sauber. Ändere das Passwort zum Mailaccount.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.03.2014, 10:51
| #6 |
| | Win8: maildelivery failed Hallo! vielen Dank für die Hilfe! Passwort wurde geändert! Kann es sein, dass dann ein anderer PC betroffen ist, bzw. ist die Externe Festplatte, die gerade an dem überprüften PC angesteckt war ebenfalls überprüft worden? Sorry wegen den dummen Fragen, aber ich kenne mich halt leider gar nicht aus  |
|
20.03.2014, 12:09
| #7 |
| /// the machine /// TB-Ausbilder | Win8: maildelivery failed Jeder Rechner, von dem sich auf diesen Email Account eingeloggt wurde, könnte betroffen sein. Ne Externe nicht. Aber Email Konten werden zu 99% Online gehackt, ohne zutun von malware auf dem Rechner.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Win8: maildelivery failed |
| .com, access, account, admin, alter, detected, failed, gmx, interne, internet, leute, mail, message, messages, nachrichten, nemesis, network, not, passwort, please, remote, server, service, spam, system, win |
Linear-Darstellung
