FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Henrike (administrator) on MAMA on 02-04-2014 19:26:58
Running from C:\Users\Henrike\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SAsrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [RtsFT] - C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-13] (Synaptics Incorporated)
HKLM\...\Run: [Energy Manager] - C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2013-11-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] - C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2013-11-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Lenovo App Shop] - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe [156000 2013-07-19] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-1522708369-816609994-2301351515-1001\...\Run: [Pokki] - C:\WINDOWS\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
SearchScopes: HKLM - DefaultScope {64191AC3-C59E-4787-8221-E361A491400F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {64191AC3-C59E-4787-8221-E361A491400F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - DefaultScope {64191AC3-C59E-4787-8221-E361A491400F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {64191AC3-C59E-4787-8221-E361A491400F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
SearchScopes: HKCU - DefaultScope {64191AC3-C59E-4787-8221-E361A491400F} URL =
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Henrike\AppData\Roaming\Mozilla\Firefox\Profiles\iz8yf9k2.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-11-21]
==================== Services (Whitelisted) =================
S2 0327171396211031mcinstcleanup; C:\WINDOWS\TEMP\032717~1.EXE [834664 2013-07-30] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-07-24] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-11-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-02 19:26 - 2014-04-02 19:27 - 00015570 _____ () C:\Users\Henrike\Downloads\FRST.txt
2014-04-02 19:26 - 2014-04-02 19:26 - 00000000 ____D () C:\FRST
2014-04-02 19:25 - 2014-04-02 19:25 - 02157056 _____ (Farbar) C:\Users\Henrike\Downloads\FRST64.exe
2014-04-02 19:20 - 2014-04-02 19:21 - 01145856 _____ (Farbar) C:\Users\Henrike\Downloads\FRST.exe
2014-04-02 16:24 - 2014-04-02 16:24 - 00000000 ____D () C:\Users\Henrike\AppData\Local\CrashDumps
2014-03-29 22:11 - 2014-03-29 22:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 21:00 - 2014-03-19 21:00 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-19 20:58 - 2014-03-19 20:57 - 00007642 _____ () C:\Users\Henrike\Downloads\pädalogik.php
2014-03-17 20:00 - 2014-03-17 20:00 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-17 19:59 - 2014-03-17 20:00 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Nitro PDF
2014-03-17 17:46 - 2014-03-18 18:08 - 00013223 _____ () C:\Users\Henrike\Documents\Ernährungsverbote.odt
2014-03-16 22:35 - 2014-01-04 22:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-03-16 22:35 - 2014-01-04 21:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-03-16 22:35 - 2014-01-04 16:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-03-16 22:35 - 2014-01-04 16:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-03-16 22:35 - 2014-01-04 15:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-03-16 22:35 - 2014-01-04 15:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-03-16 22:35 - 2014-01-04 15:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-03-16 22:35 - 2014-01-04 15:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-03-16 22:35 - 2013-12-21 04:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-03-16 22:35 - 2013-12-21 04:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-03-16 22:34 - 2013-12-20 12:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-03-16 22:34 - 2013-12-20 08:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-03-16 22:34 - 2013-11-23 06:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-03-16 22:34 - 2013-11-23 06:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-03-16 22:33 - 2014-01-09 10:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-03-16 22:33 - 2014-01-09 09:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-03-16 22:33 - 2014-01-09 09:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-03-16 22:33 - 2014-01-09 09:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-03-16 22:33 - 2014-01-09 09:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-03-16 22:33 - 2014-01-09 09:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-03-16 22:33 - 2014-01-09 09:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-03-16 22:33 - 2014-01-09 09:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-03-16 22:33 - 2014-01-09 09:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-03-16 22:33 - 2014-01-09 09:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-03-16 22:33 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-03-16 22:33 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-03-16 22:33 - 2013-12-09 02:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-16 22:33 - 2013-12-09 02:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-03-16 22:33 - 2013-12-09 01:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-03-16 22:33 - 2013-11-09 08:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-03-16 22:33 - 2013-11-09 08:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-03-16 22:33 - 2013-11-09 07:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-03-15 00:17 - 2014-03-15 00:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-14 23:29 - 2014-03-14 23:29 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Macromedia
2014-03-14 23:28 - 2014-04-02 17:37 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-14 23:28 - 2014-03-15 00:17 - 00001958 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-14 23:28 - 2014-03-14 23:28 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-14 23:28 - 2014-03-14 23:28 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-14 23:24 - 2014-03-14 23:28 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Adobe
2014-03-14 21:57 - 2014-03-30 22:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-14 21:57 - 2014-03-14 21:58 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Mozilla
2014-03-14 21:57 - 2014-03-14 21:58 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Mozilla
2014-03-14 21:57 - 2014-03-14 21:57 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-14 21:57 - 2014-03-14 21:57 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-14 21:52 - 2014-03-14 21:52 - 00283256 _____ (Mozilla) C:\Users\Henrike\Downloads\Firefox Setup Stub 27.0.1 (1).exe
2014-03-14 21:50 - 2014-03-14 21:50 - 00283256 _____ (Mozilla) C:\Users\Henrike\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-14 21:41 - 2014-03-14 21:45 - 24545904 _____ (Mozilla) C:\Users\Henrike\Downloads\Firefox Setup 27.0.1.exe
2014-03-14 21:38 - 2014-03-14 21:38 - 00003546 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-14 20:08 - 2014-03-14 20:10 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-14 20:08 - 2014-03-02 15:05 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-14 19:59 - 2014-03-14 19:59 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-14 19:59 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-14 19:59 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-14 19:59 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-14 19:59 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-14 19:59 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-14 19:59 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-14 19:59 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-14 19:59 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-14 19:59 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-14 19:59 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-14 19:59 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-14 19:59 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-14 19:59 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-14 19:59 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-14 19:59 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-14 19:59 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-14 19:59 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-14 19:59 - 2014-02-06 13:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-14 19:59 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-03-14 19:59 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-14 19:59 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-03-14 19:59 - 2014-02-06 12:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-14 19:59 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-14 19:59 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-03-14 19:59 - 2014-02-06 12:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-03-14 19:59 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-03-14 19:59 - 2014-02-06 12:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-14 19:59 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-14 19:59 - 2014-02-06 12:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-14 19:59 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-03-14 19:59 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-14 19:59 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-14 19:59 - 2014-02-06 11:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-03-14 19:59 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-03-14 19:59 - 2014-02-06 11:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-03-14 19:59 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-14 19:59 - 2014-02-06 11:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-03-14 19:53 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-14 19:53 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-14 19:53 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-14 19:53 - 2014-01-31 18:15 - 00311640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-14 19:53 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-14 19:53 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-14 19:53 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-14 19:53 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-14 19:53 - 2014-01-29 11:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-14 19:53 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-14 19:53 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-14 19:53 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-14 19:53 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-14 19:53 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-14 19:53 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-14 19:53 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-14 19:53 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-14 19:53 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-14 19:53 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-14 19:53 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-14 19:53 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-14 19:53 - 2014-01-27 20:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-14 19:53 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-14 19:53 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-14 19:53 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-14 19:53 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-14 19:53 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-14 19:53 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-14 19:53 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-14 19:53 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-14 19:53 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-14 19:53 - 2014-01-27 13:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-14 19:53 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-14 19:53 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-14 19:53 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-14 19:53 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-14 19:52 - 2014-01-08 03:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-14 19:52 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-14 19:52 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-14 19:52 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-14 19:52 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-14 19:52 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-14 19:52 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-14 19:52 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-14 19:52 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-14 19:52 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-14 19:52 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-14 19:52 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-14 19:52 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-14 19:52 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-14 19:52 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-14 19:52 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-14 19:52 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-14 19:52 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-14 19:52 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-14 19:52 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-14 19:52 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-14 19:52 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-14 19:52 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-14 19:52 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-14 19:52 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-14 19:52 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-14 19:52 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-14 19:52 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-14 19:52 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-14 19:52 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-14 19:52 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-14 19:52 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-14 19:52 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-14 19:52 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-14 19:52 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-14 19:52 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-14 19:52 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-14 19:50 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-14 19:50 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-14 19:50 - 2013-11-27 17:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-03-14 19:50 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-03-14 19:50 - 2013-11-27 10:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-14 19:50 - 2013-11-27 10:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-14 19:50 - 2013-11-27 10:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-03-14 19:50 - 2013-11-27 10:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-03-14 19:50 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-14 19:50 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-14 19:50 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-14 19:44 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-14 19:44 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-14 19:43 - 2013-12-09 02:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-03-14 19:43 - 2013-12-09 02:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-03-14 19:43 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-03-14 19:43 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-03-14 19:43 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-03-14 19:43 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-03-14 19:43 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-03-14 19:43 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-03-14 19:43 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-03-14 19:43 - 2013-11-27 11:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-03-14 19:43 - 2013-11-27 11:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-03-14 19:43 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-03-14 19:43 - 2013-11-27 10:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-03-14 19:43 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-03-14 19:43 - 2013-11-26 15:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-03-14 19:43 - 2013-11-26 15:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-03-14 19:43 - 2013-11-26 13:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-03-14 19:43 - 2013-11-25 03:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-14 19:43 - 2013-11-25 03:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-03-14 19:43 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-03-14 19:43 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-03-14 19:43 - 2013-11-23 14:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-03-14 19:43 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-03-14 19:43 - 2013-11-23 09:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-03-14 19:43 - 2013-11-23 09:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-03-14 19:43 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-03-14 19:43 - 2013-11-23 05:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-03-14 19:43 - 2013-11-23 05:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-03-14 19:43 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-03-14 19:43 - 2013-11-21 08:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-03-14 19:43 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-03-14 19:43 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-03-14 19:43 - 2013-11-15 16:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-03-14 19:43 - 2013-11-15 15:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-03-14 19:43 - 2013-10-31 02:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-03-14 19:43 - 2013-10-31 01:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-03-14 19:39 - 2013-11-11 04:48 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-03-14 19:39 - 2013-11-09 08:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-03-14 19:39 - 2013-11-09 07:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-03-14 19:39 - 2013-11-08 12:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-03-14 19:39 - 2013-11-08 06:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-03-14 19:39 - 2013-11-08 06:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-03-14 19:39 - 2013-11-08 06:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-03-14 19:39 - 2013-11-08 05:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-03-14 19:39 - 2013-11-08 05:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-03-14 19:39 - 2013-11-05 16:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-03-14 19:39 - 2013-11-04 15:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-03-14 19:39 - 2013-11-04 13:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-03-14 19:39 - 2013-11-04 12:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-03-14 19:39 - 2013-11-04 04:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-03-14 19:39 - 2013-11-04 03:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-03-14 19:39 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-03-14 19:39 - 2013-11-01 08:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-03-14 19:39 - 2013-11-01 07:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-03-14 19:39 - 2013-10-31 02:58 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-03-14 19:39 - 2013-10-31 02:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-03-14 19:39 - 2013-10-31 02:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-03-14 19:39 - 2013-10-31 02:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-03-14 19:39 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-03-14 19:39 - 2013-10-24 11:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-03-14 19:39 - 2013-10-24 11:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-03-14 19:39 - 2013-10-17 13:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-03-14 19:39 - 2013-10-17 12:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-03-14 19:39 - 2013-10-05 16:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-03-14 19:39 - 2013-10-05 16:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-03-14 19:39 - 2013-10-05 14:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-03-14 19:39 - 2013-10-05 14:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-03-14 19:36 - 2013-10-23 13:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2014-03-14 19:36 - 2013-10-23 13:21 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-03-14 19:36 - 2013-10-23 13:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2014-03-14 19:36 - 2013-10-22 09:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-03-14 19:36 - 2013-10-22 08:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-03-14 19:36 - 2013-10-22 07:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-03-14 19:36 - 2013-10-22 06:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-03-14 19:36 - 2013-10-22 05:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-03-14 19:36 - 2013-10-22 05:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-03-14 19:36 - 2013-10-22 04:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-03-14 19:36 - 2013-10-22 04:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-03-14 19:36 - 2013-10-22 04:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-03-14 19:36 - 2013-10-22 03:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-03-14 19:36 - 2013-10-19 06:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-03-14 19:36 - 2013-10-19 06:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-03-14 19:36 - 2013-10-19 05:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-03-14 19:36 - 2013-10-19 05:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-03-14 19:36 - 2013-10-16 11:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-03-14 19:36 - 2013-10-16 11:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-03-14 19:36 - 2013-10-13 05:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-03-14 19:36 - 2013-10-13 04:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-03-14 19:36 - 2013-10-10 18:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-03-14 19:36 - 2013-10-10 18:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-03-14 19:36 - 2013-10-10 16:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-03-14 19:36 - 2013-10-10 16:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-03-14 19:36 - 2013-10-10 13:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-03-14 19:36 - 2013-10-10 13:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-03-14 19:36 - 2013-10-10 13:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-03-14 19:36 - 2013-10-08 12:28 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-03-14 19:36 - 2013-10-08 08:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-03-14 19:36 - 2013-10-08 07:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2014-03-14 19:36 - 2013-10-08 07:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-03-14 19:36 - 2013-10-08 07:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-03-14 19:36 - 2013-10-08 07:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-03-14 19:36 - 2013-10-08 07:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2014-03-14 19:36 - 2013-10-08 06:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-03-14 19:36 - 2013-10-08 06:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2014-03-14 19:36 - 2013-10-07 09:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-03-14 19:36 - 2013-10-07 04:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-03-14 19:36 - 2013-10-05 17:25 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2014-03-14 19:36 - 2013-10-05 16:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2014-03-14 19:36 - 2013-10-05 14:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2014-03-14 19:36 - 2013-10-05 13:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-03-14 19:36 - 2013-10-05 13:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2014-03-14 19:36 - 2013-10-05 13:00 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-03-14 19:36 - 2013-10-05 11:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2014-03-14 19:36 - 2013-10-05 11:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2014-03-14 19:36 - 2013-10-05 11:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-03-14 19:36 - 2013-10-05 10:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-03-14 19:36 - 2013-10-05 10:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2014-03-14 19:36 - 2013-10-05 10:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2014-03-14 19:36 - 2013-10-05 10:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2014-03-14 19:36 - 2013-10-05 10:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-03-14 19:36 - 2013-10-05 10:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-03-14 19:36 - 2013-10-05 09:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-03-14 19:36 - 2013-10-05 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-03-14 19:36 - 2013-10-04 10:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-03-14 19:36 - 2013-09-17 11:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2014-03-14 19:36 - 2013-09-17 11:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-03-14 19:36 - 2013-09-17 08:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2014-03-14 19:36 - 2013-09-17 08:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-03-14 19:36 - 2013-09-17 06:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-03-14 19:36 - 2013-09-14 16:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-03-14 19:36 - 2013-09-14 16:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2014-03-14 19:36 - 2013-09-14 14:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-03-14 19:36 - 2013-09-14 14:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2014-03-14 19:36 - 2013-09-14 12:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2014-03-14 19:36 - 2013-09-14 11:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2014-03-14 19:36 - 2013-09-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2014-03-14 19:36 - 2013-09-13 09:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2014-03-14 19:36 - 2013-09-12 10:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2014-03-14 19:36 - 2013-09-12 10:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2014-03-14 19:36 - 2013-09-12 10:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-03-14 19:36 - 2013-09-12 10:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2014-03-14 19:36 - 2013-09-12 09:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2014-03-14 19:36 - 2013-09-12 09:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2014-03-14 19:36 - 2013-09-12 09:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-03-14 19:36 - 2013-09-12 09:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2014-03-14 19:36 - 2013-09-12 09:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2014-03-14 19:36 - 2013-09-12 09:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2014-03-14 19:36 - 2013-09-10 06:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2014-03-14 19:32 - 2013-10-10 12:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-03-14 19:32 - 2013-10-10 12:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-03-14 19:27 - 2013-12-09 02:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-03-14 19:27 - 2013-12-09 01:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-03-14 19:26 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-03-14 19:26 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-03-14 19:26 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-03-14 19:26 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-03-14 19:26 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-03-14 19:26 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-03-14 19:26 - 2013-10-16 17:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-03-14 19:26 - 2013-10-16 15:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-03-14 19:26 - 2013-10-13 04:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-03-14 19:26 - 2013-10-12 23:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-03-14 19:26 - 2013-10-12 23:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-03-14 19:24 - 2014-03-14 19:24 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\OpenOffice
2014-03-14 19:22 - 2013-12-09 04:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-03-14 19:22 - 2013-12-09 03:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-03-14 19:22 - 2013-10-23 13:01 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-03-14 19:22 - 2013-10-23 10:59 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-03-14 19:22 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-03-14 19:22 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-03-14 19:22 - 2013-10-05 16:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-03-14 19:22 - 2013-10-05 10:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-03-14 19:19 - 2014-03-14 19:19 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-03-14 19:18 - 2014-03-14 19:18 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-03-14 19:15 - 2014-03-14 19:15 - 00000000 ____D () C:\Users\Henrike\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-03-14 18:37 - 2014-03-14 19:07 - 163606685 _____ () C:\Users\Henrike\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-03-14 17:36 - 2014-03-14 17:36 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Nitro
2014-03-14 17:36 - 2014-03-14 17:36 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\FileOpen
2014-03-14 17:36 - 2014-03-14 17:36 - 00000000 ____D () C:\ProgramData\FileOpen
2014-03-14 16:33 - 2013-09-23 14:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Programme
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-13 21:17 - 2014-04-02 18:00 - 00328704 _____ () C:\Users\Public\CAFADEBUG.log
2014-03-13 19:07 - 2014-04-02 19:25 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1522708369-816609994-2301351515-1001
2014-03-13 19:07 - 2014-04-02 16:40 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BED94E5B-9F41-471B-9245-5F67E0DA87EB}
2014-03-13 19:03 - 2014-03-13 21:17 - 00002169 _____ () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Public\Pokki
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Henrike\Documents\Bluetooth Folder
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Intel Corporation
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\ATI
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Henrike\AppData\Local\BMExplorer
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\ProgramData\ATI
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-13 19:02 - 2014-03-13 19:02 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-13 19:02 - 2014-03-13 19:02 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Lenovo
2014-03-13 19:02 - 2014-03-13 19:02 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Atheros
2014-03-13 19:02 - 2014-03-13 19:02 - 00000000 ____D () C:\Users\Henrike\AppData\Local\ATI
2014-03-13 19:01 - 2014-03-17 17:26 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Pokki
2014-03-13 19:01 - 2014-03-14 21:38 - 00000000 ___RD () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-13 19:01 - 2014-03-14 21:38 - 00000000 ___RD () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-13 19:01 - 2014-03-14 19:59 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Packages
2014-03-13 19:01 - 2014-03-13 19:01 - 00001461 _____ () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-13 19:01 - 2014-03-13 19:01 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-03-13 19:01 - 2014-03-13 19:01 - 00000020 ___SH () C:\Users\Henrike\ntuser.ini
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Vorlagen
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Startmenü
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Netzwerkumgebung
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Lokale Einstellungen
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Eigene Dateien
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Druckumgebung
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Documents\Eigene Musik
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Documents\Eigene Bilder
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\AppData\Local\Verlauf
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\AppData\Local\Anwendungsdaten
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Anwendungsdaten
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Adobe
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 ____D () C:\Users\Henrike\AppData\Local\VirtualStore
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 ____D () C:\Users\Henrike
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 ____D () C:\ProgramData\eBay
2014-03-13 19:01 - 2013-11-21 22:33 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Macromedia
2014-03-13 19:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-13 19:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-13 19:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-13 19:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-13 19:01 - 2013-02-04 08:18 - 00000189 _____ () C:\Users\Henrike\Desktop\Lenovo Telephony Start Now.url
==================== One Month Modified Files and Folders =======
2014-04-02 19:27 - 2014-04-02 19:26 - 00015570 _____ () C:\Users\Henrike\Downloads\FRST.txt
2014-04-02 19:26 - 2014-04-02 19:26 - 00000000 ____D () C:\FRST
2014-04-02 19:25 - 2014-04-02 19:25 - 02157056 _____ (Farbar) C:\Users\Henrike\Downloads\FRST64.exe
2014-04-02 19:25 - 2014-03-13 19:07 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1522708369-816609994-2301351515-1001
2014-04-02 19:21 - 2014-04-02 19:20 - 01145856 _____ (Farbar) C:\Users\Henrike\Downloads\FRST.exe
2014-04-02 19:21 - 2013-11-21 22:07 - 01055415 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-02 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-02 19:12 - 2013-11-21 22:31 - 00001871 _____ () C:\Users\Public\Desktop\McAfee LiveSafe – Internet Security.lnk
2014-04-02 19:11 - 2013-11-22 06:50 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-02 19:11 - 2013-11-22 06:50 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-02 19:11 - 2013-10-07 20:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-02 18:00 - 2014-03-13 21:17 - 00328704 _____ () C:\Users\Public\CAFADEBUG.log
2014-04-02 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-02 17:37 - 2014-03-14 23:28 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-02 16:40 - 2014-03-13 19:07 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BED94E5B-9F41-471B-9245-5F67E0DA87EB}
2014-04-02 16:24 - 2014-04-02 16:24 - 00000000 ____D () C:\Users\Henrike\AppData\Local\CrashDumps
2014-03-30 22:23 - 2013-11-21 22:29 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-03-30 22:23 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-30 22:11 - 2014-03-14 21:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 22:11 - 2014-03-29 22:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-25 19:48 - 2013-11-21 22:37 - 00002560 _____ () C:\WINDOWS\system32\VfService.trf
2014-03-25 19:48 - 2013-10-07 20:23 - 00004352 _____ () C:\WINDOWS\PFRO.log
2014-03-25 19:48 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-25 19:48 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-21 17:02 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-21 17:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-21 17:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-21 17:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-19 21:00 - 2014-03-19 21:00 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-19 21:00 - 2013-08-22 16:46 - 00017117 _____ () C:\WINDOWS\setupact.log
2014-03-19 20:57 - 2014-03-19 20:58 - 00007642 _____ () C:\Users\Henrike\Downloads\pädalogik.php
2014-03-18 20:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-18 20:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-18 18:12 - 2013-11-21 22:29 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-03-18 18:11 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-18 18:08 - 2014-03-17 17:46 - 00013223 _____ () C:\Users\Henrike\Documents\Ernährungsverbote.odt
2014-03-17 20:00 - 2014-03-17 20:00 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-17 20:00 - 2014-03-17 19:59 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Nitro PDF
2014-03-17 17:26 - 2014-03-13 19:01 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Pokki
2014-03-15 00:17 - 2014-03-15 00:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-15 00:17 - 2014-03-14 23:28 - 00001958 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-14 23:29 - 2014-03-14 23:29 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Macromedia
2014-03-14 23:28 - 2014-03-14 23:28 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-03-14 23:28 - 2014-03-14 23:28 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-14 23:28 - 2014-03-14 23:24 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Adobe
2014-03-14 21:58 - 2014-03-14 21:57 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Mozilla
2014-03-14 21:58 - 2014-03-14 21:57 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Mozilla
2014-03-14 21:57 - 2014-03-14 21:57 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-14 21:57 - 2014-03-14 21:57 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-14 21:52 - 2014-03-14 21:52 - 00283256 _____ (Mozilla) C:\Users\Henrike\Downloads\Firefox Setup Stub 27.0.1 (1).exe
2014-03-14 21:50 - 2014-03-14 21:50 - 00283256 _____ (Mozilla) C:\Users\Henrike\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-14 21:45 - 2014-03-14 21:41 - 24545904 _____ (Mozilla) C:\Users\Henrike\Downloads\Firefox Setup 27.0.1.exe
2014-03-14 21:38 - 2014-03-14 21:38 - 00003546 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-03-14 21:38 - 2014-03-13 19:01 - 00000000 ___RD () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-14 21:38 - 2014-03-13 19:01 - 00000000 ___RD () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-14 21:36 - 2013-08-22 16:44 - 00370496 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-14 21:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 21:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 21:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-03-14 21:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-14 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-03-14 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-03-14 21:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-14 21:03 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-14 21:03 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-14 20:10 - 2014-03-14 20:08 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-14 19:59 - 2014-03-14 19:59 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-03-14 19:59 - 2014-03-13 19:01 - 00000000 ____D () C:\Users\Henrike\AppData\Local\Packages
2014-03-14 19:24 - 2014-03-14 19:24 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\OpenOffice
2014-03-14 19:19 - 2014-03-14 19:19 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-03-14 19:18 - 2014-03-14 19:18 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-03-14 19:15 - 2014-03-14 19:15 - 00000000 ____D () C:\Users\Henrike\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-03-14 19:07 - 2014-03-14 18:37 - 163606685 _____ () C:\Users\Henrike\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-03-14 17:36 - 2014-03-14 17:36 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Nitro
2014-03-14 17:36 - 2014-03-14 17:36 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\FileOpen
2014-03-14 17:36 - 2014-03-14 17:36 - 00000000 ____D () C:\ProgramData\FileOpen
2014-03-14 16:32 - 2013-11-21 22:29 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Programme
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-14 01:42 - 2014-03-14 01:42 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-03-14 01:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-14 01:42 - 2013-08-22 15:36 - 00000000 ___HD () C:\Users\Default
2014-03-13 21:17 - 2014-03-13 19:03 - 00002169 _____ () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-03-13 19:06 - 2013-11-21 22:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Public\Pokki
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Henrike\Documents\Bluetooth Folder
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Intel Corporation
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\ATI
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\Users\Henrike\AppData\Local\BMExplorer
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\ProgramData\ATI
2014-03-13 19:03 - 2014-03-13 19:03 - 00000000 ____D () C:\ProgramData\Atheros
2014-03-13 19:03 - 2013-11-21 22:38 - 00000000 ____D () C:\ProgramData\Energy Manager
2014-03-13 19:02 - 2014-03-13 19:02 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-13 19:02 - 2014-03-13 19:02 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Lenovo
2014-03-13 19:02 - 2014-03-13 19:02 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Atheros
2014-03-13 19:02 - 2014-03-13 19:02 - 00000000 ____D () C:\Users\Henrike\AppData\Local\ATI
2014-03-13 19:01 - 2014-03-13 19:01 - 00001461 _____ () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-13 19:01 - 2014-03-13 19:01 - 00000139 _____ () C:\Users\Public\Desktop\eBay.url
2014-03-13 19:01 - 2014-03-13 19:01 - 00000020 ___SH () C:\Users\Henrike\ntuser.ini
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Vorlagen
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Startmenü
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Netzwerkumgebung
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Lokale Einstellungen
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Eigene Dateien
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Druckumgebung
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Documents\Eigene Musik
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Documents\Eigene Bilder
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\AppData\Local\Verlauf
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\AppData\Local\Anwendungsdaten
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 _SHDL () C:\Users\Henrike\Anwendungsdaten
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 ____D () C:\Users\Henrike\AppData\Roaming\Adobe
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 ____D () C:\Users\Henrike\AppData\Local\VirtualStore
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 ____D () C:\Users\Henrike
2014-03-13 19:01 - 2014-03-13 19:01 - 00000000 ____D () C:\ProgramData\eBay
2014-03-13 19:01 - 2013-11-22 06:44 - 00071048 ____H () C:\WINDOWS\modules.log
2014-03-13 18:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-03-05 00:53 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-05 00:53 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\Henrike\AppData\Local\Temp\oct681.tmp.exe
C:\Users\Henrike\AppData\Local\Temp\octCB32.tmp.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-14 19:53] - [2014-01-31 18:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-04-02 17:29
==================== End Of Log ============================
--- --- ---
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Henrike at 2014-04-02 19:28:17
Running from C:\Users\Henrike\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.4.0.2710 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.30911 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0911.2154.37488 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{EE19B92D-1F52-D7C1-81BF-326A3405A422}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4107 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.2.1000 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 45246) (Version: 3.10.0.45246.24 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.4.0 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{4041B18B-DE30-4D78-9D60-6ADC586C5E00}) (Version: 2.1.003.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Nitro Pro 8 (HKLM\...\{C0EE31FB-F593-4128-8A86-FDB37BA2486D}) (Version: 8.5.6.5 - Nitro)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Ihr Firmenname)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Pokki (HKCU\...\Pokki) (Version: 0.267.1.208 - Pokki)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Restore Points =========================
13-03-2014 16:51:36 Windows Modules Installer
14-03-2014 17:15:59 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
18-03-2014 18:34:14 Windows Update
==================== Hosts content: ==========================
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {063CF139-88F3-4561-9187-BF47D372DBA6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-17] (Lenovo)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2CFCEE87-7936-4367-9B03-293FA74CC66C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-02] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {46E7038F-4D1A-4FB1-BEDC-3E4828E8BCDE} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {580E0143-C1AC-40E1-9F47-A81BA69F42C0} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {5EE5E80B-69C3-4C0F-8DA8-175292DE469E} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-06-03] (Lenovo)
Task: {66A98674-0792-44F1-80A6-E73142ECC9FE} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8C06229C-646C-467D-98E3-66E9CDC9D9DD} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8FB21559-836B-4A0A-BF72-57C60C3F8CFF} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-17] ()
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C34E91E0-83EB-4EF4-8017-BB356BE3C31A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EACCFF2D-3CB6-45E8-B33F-44C22CD4386A} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-17] (Lenovo)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-11-21 22:33 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-11-21 22:37 - 2013-11-21 22:37 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-11-21 22:37 - 2013-11-21 22:37 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-09-07 02:48 - 2013-09-07 02:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 02:45 - 2013-09-07 02:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 02:52 - 2013-09-07 02:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-03-29 22:11 - 2014-03-29 22:11 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/02/2014 04:38:35 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/02/2014 04:24:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.3.9600.16384, Zeitstempel: 0x52157be5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x75514551
ID des fehlerhaften Prozesses: 0x98
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5
Error: (04/02/2014 04:24:25 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.3.9600.16384, Zeitstempel: 0x52157be5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x75514551
ID des fehlerhaften Prozesses: 0x7f8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5
Error: (04/01/2014 06:04:14 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client has failed to start
Error: (04/01/2014 05:41:16 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/31/2014 05:32:37 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/30/2014 10:35:26 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client has failed to start
Error: (03/29/2014 09:48:33 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (03/27/2014 04:45:30 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client has failed to start
Error: (03/26/2014 09:10:39 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
System errors:
=============
Error: (04/02/2014 05:30:31 PM) (Source: DCOM) (User: mama)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (04/02/2014 05:30:01 PM) (Source: DCOM) (User: mama)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/30/2014 10:23:45 PM) (Source: DCOM) (User: mama)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (03/27/2014 04:23:01 PM) (Source: DCOM) (User: mama)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (03/26/2014 08:54:06 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "F:" können nicht gelesen werden.
Error: (03/25/2014 07:49:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1243
Error: (03/24/2014 05:12:51 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: 1053mcpltsvcNicht verfügbar{20966775-18A4-4299-B8E3-772C336B52A7}
Error: (03/24/2014 05:12:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/24/2014 05:12:51 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.
Error: (03/24/2014 05:12:51 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: 1053mcpltsvcNicht verfügbar{20966775-18A4-4299-B8E3-772C336B52A7}
Microsoft Office Sessions:
=========================
Error: (04/02/2014 04:38:35 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (04/02/2014 04:24:57 PM) (Source: Application Error)(User: )
Description: svchost.exe6.3.9600.1638452157be5unknown0.0.0.000000000c0000005755145519801cf4e7f51359304C:\WINDOWS\SysWOW64\svchost.exeunknown90c61d77-ba72-11e3-825a-40f02f39e423
Error: (04/02/2014 04:24:25 PM) (Source: Application Error)(User: )
Description: svchost.exe6.3.9600.1638452157be5unknown0.0.0.000000000c0000005755145517f801cf4e7f3d57414bC:\WINDOWS\SysWOW64\svchost.exeunknown7d31c778-ba72-11e3-825a-40f02f39e423
Error: (04/01/2014 06:04:14 PM) (Source: ATIeRecord)(User: )
Description:
Error: (04/01/2014 05:41:16 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/31/2014 05:32:37 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/30/2014 10:35:26 PM) (Source: ATIeRecord)(User: )
Description:
Error: (03/29/2014 09:48:33 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (03/27/2014 04:45:30 PM) (Source: ATIeRecord)(User: )
Description:
Error: (03/26/2014 09:10:39 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 4008.27 MB
Available physical RAM: 2356.34 MB
Total Pagefile: 4712.27 MB
Available Pagefile: 2739.75 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:426.42 GB) (Free:396.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:20.84 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 1C150F9D)
Partition: GPT Partition Type.
==================== End Of Log ============================
--- --- ---
Hi,
Vielen Dank, dass du mir helfen willst.
Hab ich das so richtig gemacht? Wie geht's jetzt weiter? |
FRST 32-Bit | FRST 64-Bit