Lenoxenery | 12.11.2013 18:50 | Danke, hier die .txt s:
[CODE]
FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2013 01
Ran by Carsten (administrator) on CARSTENS-PC on 12-11-2013 18:41:38
Running from C:\Users\Carsten\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\NLSSRV32.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\WINDOWS\WinStore\WSHost.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13262480 2012-12-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1256080 2012-12-03] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-27] (Synaptics)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [OnekeyStudio] - C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-03-15] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [191544 2013-03-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-27] (Synaptics Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM - DefaultScope {09E4DA69-AAEF-4514-A89E-DAC2601A3A29} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM - {09E4DA69-AAEF-4514-A89E-DAC2601A3A29} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - DefaultScope {09E4DA69-AAEF-4514-A89E-DAC2601A3A29} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {09E4DA69-AAEF-4514-A89E-DAC2601A3A29} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {09E4DA69-AAEF-4514-A89E-DAC2601A3A29} URL =
SearchScopes: HKCU - {09E4DA69-AAEF-4514-A89E-DAC2601A3A29} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\ulfn1d4s.default
FF Homepage: hxxp://www.deutschebahn.com/de/start.html
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\ulfn1d4s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-09-24] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-09-24] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [182752 2013-09-24] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-11-15] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-11-15] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-09-24] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-09-24] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-09-24] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-09-24] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519192 2013-09-24] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-24] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-09-24] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2013-08-22] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [990976 2012-10-23] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-12 18:41 - 2013-11-12 18:41 - 00000000 ____D C:\FRST
2013-11-12 18:37 - 2013-11-12 18:37 - 00003172 _____ C:\WINDOWS\System32\Tasks\{AC82E480-331F-4C7E-84E3-817585AED11A}
2013-11-11 20:52 - 2013-11-12 18:35 - 00028672 ___SH C:\Users\Carsten\Desktop\Thumbs.db
2013-11-11 18:52 - 2013-11-11 18:52 - 00000000 ____D C:\ProgramData\ALM
2013-11-11 18:48 - 2013-11-11 18:48 - 01970848 _____ C:\Users\Carsten\Downloads\winrar-x64-500.exe
2013-11-11 18:38 - 2013-11-11 18:38 - 00002050 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-11-11 18:31 - 2013-11-11 18:31 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-11-11 18:05 - 2013-11-11 18:05 - 00066751 _____ C:\Users\Carsten\Downloads\FRST.txt
2013-11-11 18:04 - 2013-11-11 18:05 - 00021192 _____ C:\Users\Carsten\Downloads\Addition.txt
2013-11-11 18:03 - 2013-11-11 18:03 - 00000000 ____D C:\Users\Carsten\Desktop\FRST
2013-11-11 18:02 - 2013-11-11 18:02 - 01957590 _____ (Farbar) C:\Users\Carsten\Desktop\FRST64.exe
2013-11-11 17:17 - 2013-11-11 20:06 - 00000000 ____D C:\Program Files\Adobe
2013-11-11 17:00 - 2013-11-11 17:00 - 00000000 ____D C:\Users\Public\CyberLink
2013-11-11 17:00 - 2013-11-11 17:00 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Nitro
2013-11-11 17:00 - 2013-11-11 17:00 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\CyberLink
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 ____D C:\ProgramData\tmp
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 ____D C:\ProgramData\hps
2013-11-11 16:34 - 2013-11-12 18:16 - 00000000 __RDO C:\Users\Carsten\SkyDrive
2013-11-11 16:30 - 2013-11-11 16:30 - 00001461 _____ C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-11 16:30 - 2013-11-11 16:30 - 00000020 ___SH C:\Users\Carsten\ntuser.ini
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-11 16:18 - 2013-11-11 16:18 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-11 16:13 - 2013-11-11 16:13 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-11 16:05 - 2013-11-11 16:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-11-11 16:05 - 2013-11-11 16:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-11-11 16:00 - 2013-11-11 16:00 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-11 15:59 - 2013-11-11 16:34 - 00000000 ____D C:\Users\Carsten
2013-11-11 15:59 - 2013-11-11 16:26 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2013-11-11 15:59 - 2013-11-11 16:26 - 00028578 _____ C:\WINDOWS\diagerr.xml
2013-11-11 15:59 - 2013-11-11 16:00 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-11 15:59 - 2013-11-11 16:00 - 00000000 ___RD C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Vorlagen
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Startmenü
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Netzwerkumgebung
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Lokale Einstellungen
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Eigene Dateien
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Druckumgebung
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Documents\Eigene Musik
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Documents\Eigene Bilder
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\AppData\Local\Verlauf
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\AppData\Local\Anwendungsdaten
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Anwendungsdaten
2013-11-11 15:59 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-11 15:59 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-11 15:59 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-11 15:59 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-11 15:59 - 2013-08-22 16:36 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-11 15:59 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-11 15:55 - 2013-11-11 16:02 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-11 15:55 - 2013-11-11 15:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-11 15:55 - 2013-11-11 15:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-11 15:55 - 2013-11-11 15:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2013-11-11 15:55 - 2013-11-11 15:55 - 00000000 ____D C:\Program Files (x86)\USB Camera
2013-11-11 15:55 - 2013-10-03 23:43 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2013-11-11 15:55 - 2013-10-03 23:43 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2013-11-11 15:54 - 2013-11-12 18:39 - 01634398 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-11 15:54 - 2013-11-11 15:54 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-11 15:54 - 2013-11-11 15:54 - 00000000 ____D C:\Program Files\Realtek
2013-11-11 15:53 - 2013-11-11 16:02 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-11 15:53 - 2013-11-11 16:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-11 15:53 - 2013-11-11 15:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2013-11-11 15:53 - 2013-11-11 15:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2013-11-11 15:53 - 2013-11-11 15:53 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-11 15:53 - 2013-11-11 15:53 - 00000000 ____D C:\Program Files\Synaptics
2013-11-11 15:51 - 2013-11-11 16:30 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-11 15:51 - 2013-11-11 15:51 - 00000000 __SHD C:\Recovery
2013-11-11 15:50 - 2013-11-11 15:50 - 23213056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 17143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 12995072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 11222016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-11-11 15:50 - 2013-11-11 15:50 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-11-11 15:50 - 2013-11-11 15:50 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 00000000 ____D C:\Windows.old
2013-11-11 15:49 - 2013-11-11 15:49 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-11 15:49 - 2013-11-11 15:49 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-11 15:49 - 2013-11-11 15:49 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-11 15:49 - 2013-11-11 15:49 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\Program Files\MSBuild
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-11 15:46 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-11-11 15:46 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-11 15:46 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-11-11 15:46 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-11-11 15:46 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-11 15:46 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-11-11 15:18 - 2013-11-11 15:18 - 00000000 ____D C:\Users\Carsten\Documents\Benutzerdefinierte Office-Vorlagen
2013-11-11 14:20 - 2013-11-11 16:26 - 00006547 _____ C:\WINDOWS\comsetup.log
2013-11-07 20:29 - 2013-11-07 20:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-11-07 19:52 - 2013-11-07 19:53 - 00003560 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2013-11-07 19:34 - 2013-11-11 20:06 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-07 19:29 - 2013-11-07 19:29 - 00000000 ____D C:\Users\Carsten\048298C9A4D3490B9FF9AB023A9238F3.TMP
2013-11-07 19:28 - 2013-11-07 19:28 - 08531968 _____ C:\Users\Carsten\Downloads\SteamInstall_German.msi
2013-11-07 19:15 - 2013-11-07 19:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-07 19:15 - 2013-09-26 01:46 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-07 19:11 - 2013-11-11 19:51 - 00000000 ____D C:\ProgramData\Adobe
2013-11-07 19:07 - 2013-11-07 19:07 - 00001070 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2013-11-07 19:06 - 2013-11-11 20:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-07 19:05 - 2013-11-12 18:14 - 00000000 ____D C:\Users\Carsten\AppData\Local\Adobe
2013-11-07 19:05 - 2013-11-07 19:05 - 02841464 _____ (Adobe Systems Incorporated) C:\Users\Carsten\Downloads\CreativeCloudSet-Up.exe
2013-11-07 18:45 - 2013-05-04 05:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2013-11-07 18:45 - 2013-05-04 05:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2013-11-07 18:44 - 2013-11-07 20:28 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Apple Computer
2013-11-07 18:44 - 2013-11-07 18:44 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-07 18:44 - 2013-11-07 18:44 - 00000000 ____D C:\Users\Carsten\AppData\Local\Apple Computer
2013-11-07 18:44 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2013-11-07 18:43 - 2013-11-07 18:44 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 18:43 - 2013-11-07 18:44 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 18:43 - 2013-11-07 18:44 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 18:43 - 2013-11-07 18:43 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-07 18:43 - 2013-11-07 18:43 - 00000000 ____D C:\Program Files\iPod
2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\Users\Carsten\AppData\Local\Apple
2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-11-07 18:41 - 2013-11-07 18:42 - 00000000 ____D C:\ProgramData\Apple
2013-11-07 18:41 - 2013-11-07 18:41 - 00000000 ____D C:\Program Files\Bonjour
2013-11-07 18:41 - 2013-11-07 18:41 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-07 18:38 - 2013-11-11 21:34 - 00000000 ____D C:\Users\Carsten\Documents\Outlook-Dateien
2013-11-07 18:37 - 2013-11-07 18:38 - 100400976 _____ (Apple Inc.) C:\Users\Carsten\Downloads\iTunes64Setup.exe
2013-11-07 18:32 - 2013-11-12 18:14 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Skype
2013-11-07 18:32 - 2013-11-07 18:32 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-07 18:32 - 2013-11-07 18:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-07 18:32 - 2013-11-07 18:32 - 00000000 ____D C:\ProgramData\Skype
2013-11-07 18:27 - 2013-11-11 16:34 - 00000000 ___RD C:\Users\Carsten\SkyDrive.old
2013-11-07 18:27 - 2013-11-07 18:27 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-11-07 18:27 - 2013-11-07 18:27 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-11-07 18:21 - 2013-11-07 18:21 - 01550496 _____ (Skype Technologies S.A.) C:\Users\Carsten\Downloads\SkypeSetup.exe
2013-11-07 18:19 - 2013-11-12 18:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-07 18:19 - 2013-11-07 18:19 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-11-07 18:19 - 2013-11-07 18:19 - 00000000 ____D C:\Users\Carsten\AppData\Local\Macromedia
2013-11-07 18:17 - 2013-11-07 18:17 - 01351264 _____ C:\WINDOWS\NIRMALA.tt2
2013-11-07 18:17 - 2013-11-07 18:17 - 01303396 _____ C:\WINDOWS\NIRMALAB.tt2
2013-11-07 18:15 - 2013-11-07 18:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-11-07 18:15 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2013-11-07 18:14 - 2013-11-07 18:14 - 00575168 _____ (Microsoft Corporation) C:\Users\Carsten\Downloads\Setup.X86.de-DE_O365HomePremRetail_2023ffc9-cdc8-4a40-af5d-03f6a10bb7a7_TX_DB_.exe
2013-11-07 18:10 - 2013-11-12 18:40 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3073063704-1126900295-319766848-1002
2013-11-07 18:10 - 2013-11-07 18:10 - 00001289 _____ C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2013-11-07 18:09 - 2013-11-11 14:13 - 00000000 ____D C:\Users\Carsten\AppData\Local\Mozilla
2013-11-07 18:09 - 2013-11-07 18:10 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Mozilla
2013-11-07 18:09 - 2013-11-07 18:09 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-07 18:09 - 2013-11-07 18:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-07 18:09 - 2013-11-07 18:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-07 18:04 - 2013-11-07 18:04 - 00000000 ____D C:\ProgramData\Energy Management
2013-11-07 18:03 - 2013-11-11 20:18 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Adobe
2013-11-07 18:03 - 2013-11-11 16:30 - 00000000 ___RD C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-07 18:03 - 2013-11-11 16:30 - 00000000 ___RD C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-07 18:03 - 2013-11-07 18:03 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Macromedia
2013-11-07 18:03 - 2013-11-07 18:03 - 00000000 ____D C:\ProgramData\eBay
2013-11-07 18:02 - 2013-11-11 17:02 - 00000000 ____D C:\Users\Carsten\AppData\Local\Packages
2013-11-07 18:02 - 2013-11-11 16:00 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-11-07 18:02 - 2013-11-07 18:16 - 00000000 ____D C:\Users\Carsten\AppData\Local\VirtualStore
2013-11-07 18:02 - 2013-11-07 18:02 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Intel
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Programme
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Dokumente und Einstellungen
==================== One Month Modified Files and Folders =======
2013-11-12 18:41 - 2013-11-12 18:41 - 00000000 ____D C:\FRST
2013-11-12 18:40 - 2013-11-07 18:10 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3073063704-1126900295-319766848-1002
2013-11-12 18:39 - 2013-11-11 15:54 - 01634398 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-12 18:37 - 2013-11-12 18:37 - 00003172 _____ C:\WINDOWS\System32\Tasks\{AC82E480-331F-4C7E-84E3-817585AED11A}
2013-11-12 18:35 - 2013-11-11 20:52 - 00028672 ___SH C:\Users\Carsten\Desktop\Thumbs.db
2013-11-12 18:24 - 2013-11-07 18:19 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-12 18:20 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-11-12 18:16 - 2013-11-11 16:34 - 00000000 __RDO C:\Users\Carsten\SkyDrive
2013-11-12 18:15 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-12 18:15 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2013-11-12 18:15 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2013-11-12 18:14 - 2013-11-07 19:05 - 00000000 ____D C:\Users\Carsten\AppData\Local\Adobe
2013-11-12 18:14 - 2013-11-07 18:32 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Skype
2013-11-12 18:10 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-12 18:09 - 2013-08-22 15:44 - 05143976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-11-12 18:08 - 2013-09-29 20:04 - 00001514 _____ C:\WINDOWS\PFRO.log
2013-11-11 21:42 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-11-11 21:34 - 2013-11-07 18:38 - 00000000 ____D C:\Users\Carsten\Documents\Outlook-Dateien
2013-11-11 21:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-11-11 20:19 - 2013-03-15 22:05 - 00000000 ____D C:\ProgramData\McAfee
2013-11-11 20:18 - 2013-11-07 19:06 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-11 20:18 - 2013-11-07 18:03 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Adobe
2013-11-11 20:06 - 2013-11-11 17:17 - 00000000 ____D C:\Program Files\Adobe
2013-11-11 20:06 - 2013-11-07 19:34 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-11-11 19:51 - 2013-11-07 19:11 - 00000000 ____D C:\ProgramData\Adobe
2013-11-11 18:52 - 2013-11-11 18:52 - 00000000 ____D C:\ProgramData\ALM
2013-11-11 18:48 - 2013-11-11 18:48 - 01970848 _____ C:\Users\Carsten\Downloads\winrar-x64-500.exe
2013-11-11 18:38 - 2013-11-11 18:38 - 00002050 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-11-11 18:31 - 2013-11-11 18:31 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-11-11 18:05 - 2013-11-11 18:05 - 00066751 _____ C:\Users\Carsten\Downloads\FRST.txt
2013-11-11 18:05 - 2013-11-11 18:04 - 00021192 _____ C:\Users\Carsten\Downloads\Addition.txt
2013-11-11 18:03 - 2013-11-11 18:03 - 00000000 ____D C:\Users\Carsten\Desktop\FRST
2013-11-11 18:02 - 2013-11-11 18:02 - 01957590 _____ (Farbar) C:\Users\Carsten\Desktop\FRST64.exe
2013-11-11 17:30 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-11-11 17:02 - 2013-11-07 18:02 - 00000000 ____D C:\Users\Carsten\AppData\Local\Packages
2013-11-11 17:00 - 2013-11-11 17:00 - 00000000 ____D C:\Users\Public\CyberLink
2013-11-11 17:00 - 2013-11-11 17:00 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Nitro
2013-11-11 17:00 - 2013-11-11 17:00 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\CyberLink
2013-11-11 17:00 - 2013-03-15 22:00 - 00000000 ____D C:\ProgramData\CyberLink
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 ____D C:\ProgramData\tmp
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 ____D C:\ProgramData\hps
2013-11-11 16:34 - 2013-11-11 15:59 - 00000000 ____D C:\Users\Carsten
2013-11-11 16:34 - 2013-11-07 18:27 - 00000000 ___RD C:\Users\Carsten\SkyDrive.old
2013-11-11 16:33 - 2013-09-30 05:53 - 00000000 ___HD C:\$Windows.~BT
2013-11-11 16:30 - 2013-11-11 16:30 - 00001461 _____ C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-11 16:30 - 2013-11-11 16:30 - 00000020 ___SH C:\Users\Carsten\ntuser.ini
2013-11-11 16:30 - 2013-11-11 15:51 - 00000000 ___DC C:\WINDOWS\Panther
2013-11-11 16:30 - 2013-11-07 18:03 - 00000000 ___RD C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-11 16:30 - 2013-11-07 18:03 - 00000000 ___RD C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-11 16:27 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-11 16:26 - 2013-11-11 16:26 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-11 16:26 - 2013-11-11 15:59 - 00028578 _____ C:\WINDOWS\diagwrn.xml
2013-11-11 16:26 - 2013-11-11 15:59 - 00028578 _____ C:\WINDOWS\diagerr.xml
2013-11-11 16:26 - 2013-11-11 14:20 - 00006547 _____ C:\WINDOWS\comsetup.log
2013-11-11 16:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2013-11-11 16:26 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-11-11 16:26 - 2013-08-22 15:46 - 00330400 _____ C:\WINDOWS\setupact.log
2013-11-11 16:26 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-11-11 16:18 - 2013-11-11 16:18 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-11-11 16:15 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2013-11-11 16:15 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-11-11 16:13 - 2013-11-11 16:13 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-11-11 16:08 - 2013-03-15 21:27 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2013-11-11 16:08 - 2013-03-15 21:27 - 00000000 ____D C:\WINDOWS\system32\NV
2013-11-11 16:06 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-11-11 16:06 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-11-11 16:05 - 2013-11-11 16:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-11-11 16:05 - 2013-11-11 16:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-11-11 16:05 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2013-11-11 16:05 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-11-11 16:05 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-11-11 16:05 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2013-11-11 16:05 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2013-11-11 16:05 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\winrm
2013-11-11 16:05 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-11-11 16:05 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\slmgr
2013-11-11 16:05 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2013-11-11 16:05 - 2013-08-22 16:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2013-11-11 16:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-11 16:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-11-11 16:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-11-11 16:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-11-11 16:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-11-11 16:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2013-11-11 16:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-11-11 16:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-11-11 16:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-11-11 16:05 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-11-11 16:05 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-11-11 16:05 - 2013-03-15 21:32 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2013-11-11 16:05 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-11-11 16:04 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-11-11 16:04 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-11-11 16:04 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME
2013-11-11 16:04 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-11-11 16:02 - 2013-11-11 15:55 - 00000000 ____D C:\Program Files (x86)\Intel
2013-11-11 16:02 - 2013-11-11 15:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-11 16:02 - 2013-11-11 15:53 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-11-11 16:02 - 2013-09-30 04:59 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-11 16:02 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-11-11 16:02 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-11-11 16:02 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-11 16:02 - 2012-10-10 00:10 - 00000000 ____D C:\ProgramData\PRICache
2013-11-11 16:00 - 2013-11-11 16:00 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-11-11 16:00 - 2013-11-11 15:59 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-11 16:00 - 2013-11-11 15:59 - 00000000 ___RD C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-11 16:00 - 2013-11-07 18:02 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-11-11 16:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-11-11 16:00 - 2013-03-15 22:03 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Vorlagen
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Startmenü
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Netzwerkumgebung
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Lokale Einstellungen
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Eigene Dateien
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Druckumgebung
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Documents\Eigene Musik
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Documents\Eigene Bilder
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\AppData\Local\Verlauf
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\AppData\Local\Anwendungsdaten
2013-11-11 15:59 - 2013-11-11 15:59 - 00000000 _SHDL C:\Users\Carsten\Anwendungsdaten
2013-11-11 15:55 - 2013-11-11 15:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-11 15:55 - 2013-11-11 15:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-11-11 15:55 - 2013-11-11 15:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2013-11-11 15:55 - 2013-11-11 15:55 - 00000000 ____D C:\Program Files (x86)\USB Camera
2013-11-11 15:55 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\System
2013-11-11 15:55 - 2013-08-22 15:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2013-11-11 15:54 - 2013-11-11 15:54 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-11-11 15:54 - 2013-11-11 15:54 - 00000000 ____D C:\Program Files\Realtek
2013-11-11 15:53 - 2013-11-11 15:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2013-11-11 15:53 - 2013-11-11 15:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2013-11-11 15:53 - 2013-11-11 15:53 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-11 15:53 - 2013-11-11 15:53 - 00000000 ____D C:\Program Files\Synaptics
2013-11-11 15:51 - 2013-11-11 15:51 - 00000000 __SHD C:\Recovery
2013-11-11 15:50 - 2013-11-11 15:50 - 23213056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 17143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 12995072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 11222016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-11-11 15:50 - 2013-11-11 15:50 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-11-11 15:50 - 2013-11-11 15:50 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-11 15:50 - 2013-11-11 15:50 - 00000000 ____D C:\Windows.old
2013-11-11 15:50 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-11-11 15:49 - 2013-11-11 15:49 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-11 15:49 - 2013-11-11 15:49 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-11 15:49 - 2013-11-11 15:49 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-11-11 15:49 - 2013-11-11 15:49 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-11-11 15:49 - 2013-11-11 15:49 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-11 15:49 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-11-11 15:49 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-11 15:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\Program Files\MSBuild
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-11-11 15:47 - 2013-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-11-11 15:37 - 2013-03-15 21:14 - 01648698 _____ C:\WINDOWS\WindowsUpdate (1).log
2013-11-11 15:18 - 2013-11-11 15:18 - 00000000 ____D C:\Users\Carsten\Documents\Benutzerdefinierte Office-Vorlagen
2013-11-11 14:13 - 2013-11-07 18:09 - 00000000 ____D C:\Users\Carsten\AppData\Local\Mozilla
2013-11-11 14:00 - 2013-03-15 22:07 - 00001869 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk
2013-11-11 13:49 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-11-07 20:29 - 2013-11-07 20:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-11-07 20:28 - 2013-11-07 18:44 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Apple Computer
2013-11-07 19:53 - 2013-11-07 19:52 - 00003560 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2013-11-07 19:48 - 2013-03-15 22:05 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-11-07 19:48 - 2013-03-15 22:05 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-11-07 19:29 - 2013-11-07 19:29 - 00000000 ____D C:\Users\Carsten\048298C9A4D3490B9FF9AB023A9238F3.TMP
2013-11-07 19:28 - 2013-11-07 19:28 - 08531968 _____ C:\Users\Carsten\Downloads\SteamInstall_German.msi
2013-11-07 19:16 - 2013-11-07 19:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-07 19:07 - 2013-11-07 19:07 - 00001070 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2013-11-07 19:05 - 2013-11-07 19:05 - 02841464 _____ (Adobe Systems Incorporated) C:\Users\Carsten\Downloads\CreativeCloudSet-Up.exe
2013-11-07 18:44 - 2013-11-07 18:44 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-07 18:44 - 2013-11-07 18:44 - 00000000 ____D C:\Users\Carsten\AppData\Local\Apple Computer
2013-11-07 18:44 - 2013-11-07 18:43 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-07 18:44 - 2013-11-07 18:43 - 00000000 ____D C:\Program Files\iTunes
2013-11-07 18:44 - 2013-11-07 18:43 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-07 18:43 - 2013-11-07 18:43 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-07 18:43 - 2013-11-07 18:43 - 00000000 ____D C:\Program Files\iPod
2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\Users\Carsten\AppData\Local\Apple
2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-11-07 18:42 - 2013-11-07 18:41 - 00000000 ____D C:\ProgramData\Apple
2013-11-07 18:41 - 2013-11-07 18:41 - 00000000 ____D C:\Program Files\Bonjour
2013-11-07 18:41 - 2013-11-07 18:41 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-11-07 18:38 - 2013-11-07 18:37 - 100400976 _____ (Apple Inc.) C:\Users\Carsten\Downloads\iTunes64Setup.exe
2013-11-07 18:32 - 2013-11-07 18:32 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2013-11-07 18:32 - 2013-11-07 18:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-07 18:32 - 2013-11-07 18:32 - 00000000 ____D C:\ProgramData\Skype
2013-11-07 18:27 - 2013-11-07 18:27 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-11-07 18:27 - 2013-11-07 18:27 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-11-07 18:27 - 2013-03-15 21:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-11-07 18:21 - 2013-11-07 18:21 - 01550496 _____ (Skype Technologies S.A.) C:\Users\Carsten\Downloads\SkypeSetup.exe
2013-11-07 18:19 - 2013-11-07 18:19 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-11-07 18:19 - 2013-11-07 18:19 - 00000000 ____D C:\Users\Carsten\AppData\Local\Macromedia
2013-11-07 18:17 - 2013-11-07 18:17 - 01351264 _____ C:\WINDOWS\NIRMALA.tt2
2013-11-07 18:17 - 2013-11-07 18:17 - 01303396 _____ C:\WINDOWS\NIRMALAB.tt2
2013-11-07 18:16 - 2013-11-07 18:02 - 00000000 ____D C:\Users\Carsten\AppData\Local\VirtualStore
2013-11-07 18:15 - 2013-11-07 18:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-11-07 18:14 - 2013-11-07 18:14 - 00575168 _____ (Microsoft Corporation) C:\Users\Carsten\Downloads\Setup.X86.de-DE_O365HomePremRetail_2023ffc9-cdc8-4a40-af5d-03f6a10bb7a7_TX_DB_.exe
2013-11-07 18:14 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-11-07 18:10 - 2013-11-07 18:10 - 00001289 _____ C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2013-11-07 18:10 - 2013-11-07 18:09 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Mozilla
2013-11-07 18:09 - 2013-11-07 18:09 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-07 18:09 - 2013-11-07 18:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-07 18:09 - 2013-11-07 18:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-07 18:04 - 2013-11-07 18:04 - 00000000 ____D C:\ProgramData\Energy Management
2013-11-07 18:03 - 2013-11-07 18:03 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Macromedia
2013-11-07 18:03 - 2013-11-07 18:03 - 00000000 ____D C:\ProgramData\eBay
2013-11-07 18:03 - 2013-03-16 07:17 - 00102345 _____ C:\WINDOWS\modules.log
2013-11-07 18:02 - 2013-11-07 18:02 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Intel
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Programme
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-11-07 17:56 - 2013-11-07 17:56 - 00000000 _SHDL C:\Dokumente und Einstellungen
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-11 15:52
==================== End Of Log ============================ --- --- --- Code:
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2013 01
Ran by Carsten at 2013-11-12 18:43:32
Running from C:\Users\Carsten\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
Adobe After Effects CC (x32 Version: 12)
Adobe Creative Cloud (x32 Version: 2.2.1.260)
Adobe Dreamweaver CC (x32 Version: 13)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Illustrator CC (x32 Version: 17.0)
Adobe InDesign CC (x32 Version: 9.0)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Premiere Pro CC (x32 Version: 7.0.0)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Amazon Browser App (x32 Version: 1.0.0.0)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Benutzerhandbuch (x32 Version: 1.0.0.9)
Bonjour (Version: 3.0.0.10)
Dolby Home Theater v4 (x32 Version: 7.2.8000.17)
Energy Management (x32 Version: 8.0.2.4)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel PROSet Wireless
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3316)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.5.5.0480)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.6.1209.0268)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® PROSet/Wireless WiFi-Software (Version: 15.05.7000.1709)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.1.3.8)
Lenovo EasyCamera (x32 Version: 3.12.1023.1)
Lenovo OneKey Recovery (Version: 8.0.0.0710)
Lenovo OneKey Recovery (x32 Version: 8.0.0.0710)
Lenovo Photos (x32 Version: 5.0.6)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52)
Lenovo YouCam (x32 Version: 4.1.3423)
McAfee Internet Security (x32 Version: 12.8.856)
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4535.1511)
Microsoft SkyDrive (HKCU Version: 17.0.2003.1112)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 25.0)
Nitro Pro 8 (Version: 8.0.10.7)
NVIDIA Grafiktreiber 311.27 (Version: 311.27)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Systemsteuerung 311.27 (Version: 311.27)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4535.1511)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4535.1511)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4535.1511)
Onekey Theater (x32 Version: 3.0.1.0)
PDF Settings CC (x32 Version: 12.0)
Power2Go (x32 Version: 5.6.0.9109)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6798)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39029)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 6.10 (x32 Version: 6.10.104)
SugarSync Manager (x32 Version: 1.9.61.90905)
Synaptics Pointing Device Driver (Version: 16.2.10.13)
UserGuide (x32 Version: 1.0.0.9)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (Version: 06/15/2012 8.1.0.1)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (Version: 06/19/2012 10.13.29.733)
==================== Restore Points =========================
11-11-2013 16:30:33 Windows Update
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2F531EA0-C29C-4C91-A468-4DDCA71A60F0} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\System32\oobe\setupsqm.exe [2013-08-22] (Microsoft Corporation)
Task: {3363BCE8-9AB2-4D98-A431-0D63948A2DD6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-11-07] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7D46E322-8844-4D9D-BBFC-0129824D6A5C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-06] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-30] (Microsoft Corporation)
Task: {97A49166-CD28-4310-8FA2-35278A770370} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B8611AAC-CCEE-45F9-90E1-1AF4D1FBF707} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {BCB5EE76-CBE1-4481-8C82-4B7A424BF72B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-07] (Adobe Systems Incorporated)
Task: {C94F6EEC-E10B-4EA3-B0E6-3986110ACC43} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-07 18:09 - 2013-10-26 02:53 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-17 16:45 - 2013-10-17 16:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 13:42 - 2013-06-05 14:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2013-10-17 16:44 - 2013-10-17 16:44 - 00736256 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libglesv2.dll
2013-10-17 16:44 - 2013-10-17 16:44 - 00130048 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libegl.dll
2013-03-15 21:34 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\Users\Carsten\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/11/2013 08:23:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Creative Cloud.exe, Version: 2.2.1.260, Zeitstempel: 0x5278f843
Name des fehlerhaften Moduls: AppsPanelBL.dll, Version: 2.2.0.248, Zeitstempel: 0x525ff988
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0010e047
ID des fehlerhaften Prozesses: 0x10a8
Startzeit der fehlerhaften Anwendung: 0xCreative Cloud.exe0
Pfad der fehlerhaften Anwendung: Creative Cloud.exe1
Pfad des fehlerhaften Moduls: Creative Cloud.exe2
Berichtskennung: Creative Cloud.exe3
Vollständiger Name des fehlerhaften Pakets: Creative Cloud.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Creative Cloud.exe5
Error: (11/11/2013 05:07:48 PM) (Source: MsiInstaller) (User: CARSTENS-PC)
Description: Produkt: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 -- Fehler 1704.Eine Installation von Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 ist im Augenblick unterbrochen. Sie müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie den Vorgang fortsetzen können. Möchten Sie diese Änderungen rückgängig machen?
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "IntelWLANEventProvider" wurde versucht, die Abfrage "select * from CIntelQosEvent" zu registrieren, deren Zielklasse "CIntelQosEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "IntelWLANEventProvider" wurde versucht, die Abfrage "select * from CIntelDot1xEvent" zu registrieren, deren Zielklasse "CIntelDot1xEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "IntelWLANEventProvider" wurde versucht, die Abfrage "select * from CIntelWLANEvent" zu registrieren, deren Zielklasse "CIntelWLANEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "" wurde versucht, die Abfrage "select * from CIntelQosEvent" zu registrieren, deren Zielklasse "CIntelQosEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "" wurde versucht, die Abfrage "select * from CIntelDot1xEvent" zu registrieren, deren Zielklasse "CIntelDot1xEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "" wurde versucht, die Abfrage "select * from CIntelWLANEvent" zu registrieren, deren Zielklasse "CIntelWLANEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (11/07/2013 07:54:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: CARSTENS-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Chat“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/07/2013 07:54:01 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1654
Startzeit: 01cedbea8c434d66
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: d96fa7a5-47dd-11e3-be79-2089844a9cef
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.WindowsLive.Chat
System errors:
=============
Error: (11/12/2013 06:39:49 PM) (Source: DCOM) (User: CARSTENS-PC)
Description: {9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (11/11/2013 08:20:03 PM) (Source: DCOM) (User: CARSTENS-PC)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (11/11/2013 07:53:32 PM) (Source: DCOM) (User: CARSTENS-PC)
Description: {9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (11/11/2013 04:53:26 PM) (Source: DCOM) (User: CARSTENS-PC)
Description: {9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (11/11/2013 04:33:54 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (11/11/2013 04:26:14 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {9E175B68-F52A-11D8-B9A5-505054503030}
Error: (11/11/2013 04:24:14 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {9E175B68-F52A-11D8-B9A5-505054503030}
Error: (11/11/2013 04:22:14 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {9E175B68-F52A-11D8-B9A5-505054503030}
Error: (11/11/2013 04:20:13 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {9E175B68-F52A-11D8-B9A5-505054503030}
Error: (11/11/2013 04:17:21 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {9E175B6D-F52A-11D8-B9A5-505054503030}
Microsoft Office Sessions:
=========================
Error: (11/11/2013 08:23:40 PM) (Source: Application Error)(User: )
Description: Creative Cloud.exe2.2.1.2605278f843AppsPanelBL.dll2.2.0.248525ff988c00000050010e04710a801cedef3316eab47C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\AppsPanel\AppsPanelBL.dllc509d047-4b06-11e3-8250-606c6631749f
Error: (11/11/2013 05:07:48 PM) (Source: MsiInstaller)(User: CARSTENS-PC)
Description: Produkt: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 -- Fehler 1704.Eine Installation von Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 ist im Augenblick unterbrochen. Sie müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie den Vorgang fortsetzen können. Möchten Sie diese Änderungen rückgängig machen?(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: IntelWLANEventProviderselect * from CIntelQosEventCIntelQosEvent//./ROOT/default
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: IntelWLANEventProviderselect * from CIntelDot1xEventCIntelDot1xEvent//./ROOT/default
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: IntelWLANEventProviderselect * from CIntelWLANEventCIntelWLANEvent//./ROOT/default
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: select * from CIntelQosEventCIntelQosEvent//./ROOT/default
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: select * from CIntelDot1xEventCIntelDot1xEvent//./ROOT/default
Error: (11/11/2013 04:26:18 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: select * from CIntelWLANEventCIntelWLANEvent//./ROOT/default
Error: (11/07/2013 07:54:01 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: CARSTENS-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Chat-2144927142
Error: (11/07/2013 07:54:01 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.2.9200.16420165401cedbea8c434d664294967295C:\WINDOWS\system32\wwahost.exed96fa7a5-47dd-11e3-be79-2089844a9cefmicrosoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Chat
CodeIntegrity Errors:
===================================
Date: 2013-11-12 18:14:29.964
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-11-11 21:04:11.741
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-11-11 21:03:56.427
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-11-11 19:24:09.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-11-11 19:04:43.568
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-11-11 18:52:30.031
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-11-11 18:50:41.957
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-11-11 16:32:33.775
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-11-11 13:59:29.592
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-11-07 19:54:13.255
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 42%
Total physical RAM: 8047.52 MB
Available physical RAM: 4645.1 MB
Total Pagefile: 9967.52 MB
Available Pagefile: 6656.69 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:883.5 GB) (Free:839.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.26 GB) NTFS
Drive f: (INTENSO) (Fixed) (Total:465.64 GB) (Free:452.37 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: BDD7A81C)
Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 4937D92F)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)
==================== End Of Log ============================ |