| cambridge1 | 18.02.2014 10:40 |
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014
Ran by karl_02 at 2014-02-17 23:55:06
Running from C:\Users\karl_02\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
AbiWord 2.9.4 (x32 Version: 2.9.4 - AbiSource Developers)
Acer Power Management (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (Version: 6.00.3017 - Acer Incorporated)
Acer Remote (x32 Version: 1.0 - Acer Inc.)
AcerCloud Docs (x32 Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (x32 Version: 2.02.2021 - Acer Incorporated)
Amazon 1Button App (x32 Version: 1.0.4 - Amazon) Hidden
Amazon 1Button App (x32 Version: 3.0 - Amazon)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
clear.fi Media (x32 Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (x32 Version: 2.02.2016 - Acer Incorporated)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364 - CyberLink Corp.) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DMUninstaller (x32 Version: - ) <==== ATTENTION
eBay Worldwide (x32 Version: 2.4.0105 - OEM)
EVEREST Home Edition v2.20 (x32 Version: 2.20 - Lavalys Inc)
FileZilla Client 3.7.4.1 (x32 Version: 3.7.4.1 - Tim Kosse)
FlvPlayer (x32 Version: ${VERSION} - )
GitHub (HKCU Version: 1.2.9.0 - GitHub, Inc.)
GnuWin32: Jwhois version 3.2.3 (x32 Version: 3.2.3 - GnuWin32)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hotkey Utility (x32 Version: 3.00.8100 - Acer Incorporated)
ICQ 8.2 (build 6901) (HKCU Version: 8.2.6901.0 - ICQ)
Identity Card (x32 Version: 2.00.3009 - Acer Incorporated)
IePluginService12.27.0.3326 (x32 Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Intel(R) Management Engine Components (x32 Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3379 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.66956 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Live Updater (x32 Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee Internet Security Suite (x32 Version: 12.8.908 - McAfee, Inc.)
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (x32 Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (x32 Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (x32 Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (x32 Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Notepad++ (x32 Version: 6.5.3 - Notepad++ Team)
Office Addin (x32 Version: 2.02.2008 - Acer)
PDF Architect (x32 Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (x32 Version: 1.7.2 - pdfforge)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QIP Shot 3.1 (x32 Version: 3.1.8 - OOO Media Mir)
Realtek Card Reader (x32 Version: 6.2.9200.39044 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (x32 Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6859 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Skype™ 6.13 (x32 Version: 6.13.104 - Skype Technologies S.A.)
Speccy (Version: 1.25 - Piriform)
Spotify (x32 Version: 0.8.4.99.ga249b5f1 - Spotify AB)
SupTab (x32 Version: 1.1.1.0 - ) <==== ATTENTION
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (x32 Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1 - Microsoft Corporation)
WildTangent Games (x32 Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WinRAR 5.01 (64-Bit) (Version: 5.01.0 - win.rar GmbH)
WPM17.8.0.3325 (x32 Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
ZTE Handset USB Driver (Version: - ZTE Corporation)
ZTE Handset USB Driver (Version: 5.2088.1.A02B07 - ZTE Corporation)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\UpdaterEX.job => ?
==================== Loaded Modules (whitelisted) =============
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-10-31 01:09 - 2013-03-21 18:40 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/17/2014 11:29:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: iertutil.dll, Version: 11.0.9600.16518, Zeitstempel: 0x52f35c70
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000e21d1
ID des fehlerhaften Prozesses: 0x598
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (02/17/2014 05:15:18 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a24
Startzeit: 01cf2bfabcdd7287
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: b05ceed1-97ee-11e3-be79-448a5b21e60f
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness
Error: (02/17/2014 04:57:42 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 20bc
Startzeit: 01cf2bf84795e019
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: 3b18f7c6-97ec-11e3-be79-448a5b21e60f
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness
Error: (02/17/2014 04:29:31 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 42d0
Startzeit: 01cf2bf457a3e345
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: 4b227989-97e8-11e3-be79-448a5b21e60f
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness
Error: (02/17/2014 04:14:34 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2ba4
Startzeit: 01cf2bf23f325ae3
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: 34b8e3c2-97e6-11e3-be79-448a5b21e60f
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness
Error: (02/17/2014 03:59:31 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2e3c
Startzeit: 01cf2bf026c0f291
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: 1a43baaf-97e4-11e3-be79-448a5b21e60f
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness
Error: (02/17/2014 03:29:31 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a54
Startzeit: 01cf2bebf5dd40fb
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: e95dfcae-97df-11e3-be79-448a5b21e60f
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness
Error: (02/17/2014 03:14:31 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3130
Startzeit: 01cf2be9dd6c1b95
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: d10c1104-97dd-11e3-be79-448a5b21e60f
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness
Error: (02/17/2014 02:52:41 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3850
Startzeit: 01cf2be6ce75c045
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: c3af4d7e-97da-11e3-be79-448a5b21e60f
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness
Error: (02/17/2014 00:30:36 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3d90
Startzeit: 01cf2bd2f7a4e6f3
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\wwahost.exe
Berichts-ID: eb04f555-97c6-11e3-be79-448a5b21e60f
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness
System errors:
=============
Error: (02/17/2014 09:30:31 PM) (Source: DCOM) (User: ACER_007)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (02/17/2014 08:39:50 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (02/17/2014 06:30:31 PM) (Source: DCOM) (User: ACER_007)
Description: c:\PROGRA~1\mcafee\msc\mcmscsub.dll -Embedding193{9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Error: (02/17/2014 06:14:35 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
Error: (02/17/2014 05:45:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Inc. mfeapfk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1243
Error: (02/17/2014 05:38:42 PM) (Source: DCOM) (User: ACER_007)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/17/2014 05:38:11 PM) (Source: DCOM) (User: ACER_007)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/17/2014 04:53:28 PM) (Source: DCOM) (User: ACER_007)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/17/2014 04:52:57 PM) (Source: DCOM) (User: ACER_007)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/17/2014 03:35:20 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.
Microsoft Office Sessions:
=========================
Error: (02/17/2014 11:29:06 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1651852f347b2iertutil.dll11.0.9600.1651852f35c70c0000005000e21d159801cf2c001dec1e14C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\iertutil.dlle8a26aee-9822-11e3-be7a-448a5b21e60f
Error: (02/17/2014 05:15:18 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.164311a2401cf2bfabcdd72874294967295C:\WINDOWS\system32\wwahost.exeb05ceed1-97ee-11e3-be79-448a5b21e60fMicrosoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbweAppexHealthAndFitness
Error: (02/17/2014 04:57:42 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.1643120bc01cf2bf84795e0194294967295C:\WINDOWS\system32\wwahost.exe3b18f7c6-97ec-11e3-be79-448a5b21e60fMicrosoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbweAppexHealthAndFitness
Error: (02/17/2014 04:29:31 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.1643142d001cf2bf457a3e3454294967295C:\WINDOWS\system32\wwahost.exe4b227989-97e8-11e3-be79-448a5b21e60fMicrosoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbweAppexHealthAndFitness
Error: (02/17/2014 04:14:34 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.164312ba401cf2bf23f325ae34294967295C:\WINDOWS\system32\wwahost.exe34b8e3c2-97e6-11e3-be79-448a5b21e60fMicrosoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbweAppexHealthAndFitness
Error: (02/17/2014 03:59:31 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.164312e3c01cf2bf026c0f2914294967295C:\WINDOWS\system32\wwahost.exe1a43baaf-97e4-11e3-be79-448a5b21e60fMicrosoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbweAppexHealthAndFitness
Error: (02/17/2014 03:29:31 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.164311a5401cf2bebf5dd40fb4294967295C:\WINDOWS\system32\wwahost.exee95dfcae-97df-11e3-be79-448a5b21e60fMicrosoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbweAppexHealthAndFitness
Error: (02/17/2014 03:14:31 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.16431313001cf2be9dd6c1b954294967295C:\WINDOWS\system32\wwahost.exed10c1104-97dd-11e3-be79-448a5b21e60fMicrosoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbweAppexHealthAndFitness
Error: (02/17/2014 02:52:41 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.16431385001cf2be6ce75c0454294967295C:\WINDOWS\system32\wwahost.exec3af4d7e-97da-11e3-be79-448a5b21e60fMicrosoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbweAppexHealthAndFitness
Error: (02/17/2014 00:30:36 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.164313d9001cf2bd2f7a4e6f34294967295C:\WINDOWS\system32\wwahost.exeeb04f555-97c6-11e3-be79-448a5b21e60fMicrosoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbweAppexHealthAndFitness
CodeIntegrity Errors:
===================================
Date: 2014-02-01 01:20:38.184
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Karl_01\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-01 01:20:38.020
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 58%
Total physical RAM: 3905.33 MB
Available physical RAM: 1624.87 MB
Total Pagefile: 7873.33 MB
Available Pagefile: 5253.44 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:224.11 GB) (Free:185.1 GB) NTFS
Drive d: (DATA) (Fixed) (Total:224.45 GB) (Free:223.92 GB) NTFS
Drive f: (32_GB) (Removable) (Total:29.66 GB) (Free:2.72 GB) FAT32
Drive g: () (Removable) (Total:3.81 GB) (Free:1.86 GB) FAT32
Drive i: (4GB) (Removable) (Total:3.74 GB) (Free:0 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by karl_02 (ATTENTION: The logged in user is not administrator) on ACER_007 on 17-02-2014 23:54:26
Running from C:\Users\karl_02\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ICQ) C:\Users\karl_02\AppData\Roaming\ICQM\icq.exe
(Acer) C:\Program Files (x86)\Acer Remote\ArcServer.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13425224 2013-03-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-520351262-3805593758-3337490235-1007\...\Run: [icq] - C:\Users\karl_02\AppData\Roaming\ICQM\icq.exe [33664344 2014-02-13] (ICQ)
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [155456 2013-12-15] ()
AppInit_DLLs-x32: c:\progra~2\amazon\amazon~1\\amazon~3.dll => c:\progra~2\amazon\amazon~1\\amazon~3.dll [138048 2013-12-15] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5&q={searchTerms}
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM - {DE638FD9-254F-49E4-8A7E-DA5956C79DA3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391774122&from=cor&uid=ST500DM002-1BD142_W3T0FFS5XXXXW3T0FFS5&q={searchTerms}
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - {DE638FD9-254F-49E4-8A7E-DA5956C79DA3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll (Amazon Inc.)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\karl_02\AppData\Roaming\Mozilla\Firefox\Profiles\pouib2zs.default
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-31]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-02-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-07-31]
==================== Services (Whitelisted) =================
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-01-14] (Cherished Technololgy LIMITED)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-02-07] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-03] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-12-05] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [38504 2012-04-16] (Windows (R) Codename Longhorn DDK provider)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-03] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 zghsser; C:\Windows\system32\DRIVERS\zghsser.sys [131976 2012-10-31] (ZTE Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-17 23:54 - 2014-02-17 23:54 - 00016732 _____ () C:\Users\karl_02\Desktop\FRST.txt
2014-02-17 23:54 - 2014-02-17 23:54 - 00000000 ____D () C:\FRST
2014-02-17 23:53 - 2014-02-17 23:53 - 02152448 _____ (Farbar) C:\Users\karl_02\Desktop\FRST64.exe
2014-02-17 23:50 - 2014-02-17 23:50 - 00027549 _____ () C:\Users\karl_02\Favorites_karl02.rar
2014-02-17 23:40 - 2014-02-17 23:40 - 00000000 ____D () C:\Users\Karl_03\AppData\Roaming\WinRAR
2014-02-17 23:37 - 2014-02-17 23:37 - 00000000 ____D () C:\Users\Karl_03\AppData\Roaming\Macromedia
2014-02-17 23:36 - 2014-02-17 23:36 - 00000000 ____D () C:\Users\Karl_03\AppData\Roaming\AcerRemote
2014-02-17 23:35 - 2014-02-17 23:35 - 00000020 ___SH () C:\Users\Karl_03\ntuser.ini
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Vorlagen
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Startmenü
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Netzwerkumgebung
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Lokale Einstellungen
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Eigene Dateien
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Druckumgebung
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Anwendungsdaten
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 ____D () C:\Users\Karl_03\AppData\Roaming\Adobe
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 ____D () C:\Users\Karl_03
2014-02-17 02:52 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-17 02:52 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-17 02:52 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-17 02:52 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-17 02:52 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-17 02:52 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-17 02:52 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-17 02:52 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-17 02:52 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-17 02:52 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-17 02:52 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-17 02:52 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-17 02:52 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-17 02:52 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-17 02:52 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-17 02:52 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-17 02:52 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-17 02:52 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-17 02:52 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-17 02:52 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-17 02:52 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-17 02:52 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-17 02:52 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-17 02:52 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-17 02:52 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-17 02:52 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-17 02:52 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-17 02:52 - 2013-11-25 02:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-17 02:52 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-17 02:52 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-17 02:52 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-17 02:52 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-17 02:52 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-17 02:52 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-17 02:52 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-17 02:52 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-17 02:52 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-17 02:52 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-17 02:52 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-17 02:52 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-17 02:52 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-17 02:52 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-17 02:52 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-17 02:52 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-17 02:52 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-17 02:52 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-17 02:52 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-17 02:52 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-17 02:52 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-17 02:52 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-17 02:52 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-17 02:52 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-17 02:52 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-17 02:52 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-17 02:52 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 23:37 - 2014-02-16 23:37 - 00075995 _____ () C:\Users\karl_02\Downloads\foundation.min.js
2014-02-16 23:31 - 2014-02-16 23:31 - 00009288 _____ () C:\Users\karl_02\Downloads\modernizr.js
2014-02-14 20:26 - 2014-02-17 08:32 - 00195072 ___SH () C:\Users\karl_02\Desktop\Thumbs.db
2014-02-13 22:33 - 2014-02-13 22:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-13 22:12 - 2014-02-13 22:57 - 00000000 ____D () C:\php
2014-02-13 21:52 - 2014-02-13 21:52 - 00000000 ____D () C:\Users\karl_02\Documents\GitHub
2014-02-13 21:42 - 2014-02-13 22:11 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\GitHub
2014-02-13 21:42 - 2014-02-13 22:11 - 00000000 ____D () C:\Users\karl_02\AppData\Local\GitHub
2014-02-13 21:42 - 2014-02-13 21:42 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2014-02-13 21:40 - 2014-02-13 21:42 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Deployment
2014-02-13 21:40 - 2014-02-13 21:40 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Apps\2.0
2014-02-13 18:01 - 2014-02-17 23:31 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\FileZilla
2014-02-13 17:03 - 2014-02-13 17:03 - 00071200 _____ () C:\Users\karl_02\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-13 17:03 - 2014-02-13 17:03 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\PDF Architect
2014-02-13 14:31 - 2014-02-13 15:12 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Notepad++
2014-02-13 13:25 - 2014-02-14 00:46 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\AbiSuite
2014-02-13 12:48 - 2014-02-13 12:48 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\AbiSuite
2014-02-13 12:47 - 2014-02-13 12:47 - 00000000 ____D () C:\Program Files (x86)\AbiWord
2014-02-13 12:13 - 2014-02-13 12:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\SearchProtect
2014-02-13 12:08 - 2014-02-13 12:08 - 00000000 _____ () C:\END
2014-02-13 12:07 - 2014-02-16 20:55 - 00000000 ____D () C:\Program Files (x86)\FlvPlayer
2014-02-13 11:04 - 2014-02-14 00:39 - 00000000 ____D () C:\Users\karl_02\Desktop\_lnk
2014-02-13 09:07 - 2014-02-13 09:08 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\ICQ-Profile
2014-02-13 09:07 - 2014-02-13 09:07 - 00001716 _____ () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-02-13 09:07 - 2014-02-13 09:07 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-02-13 09:07 - 2014-02-13 09:07 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\ICQM
2014-02-13 06:44 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 06:44 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 06:44 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 06:44 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 06:44 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 06:44 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 06:44 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 06:44 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 06:43 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 06:43 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 06:43 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 06:43 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 06:43 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 06:43 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 06:43 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 06:43 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 06:43 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 06:43 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 06:43 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 06:43 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 06:43 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 06:43 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 06:43 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 06:43 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 06:43 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 06:43 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 06:43 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 06:43 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 06:43 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 06:43 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 06:43 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 06:43 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 06:43 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 06:43 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 06:43 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 06:43 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 06:43 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 06:43 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 06:43 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 06:43 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 06:43 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 06:43 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 06:43 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 06:43 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 06:43 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 06:43 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 06:43 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 06:43 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 06:43 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 06:43 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 06:43 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 06:43 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 06:43 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 06:43 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 06:43 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 06:43 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 06:43 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 06:43 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 06:43 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 06:43 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 06:43 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 06:43 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 06:43 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 06:43 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 06:43 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 06:43 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 06:43 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 06:43 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 06:43 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 06:43 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 06:43 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 19:26 - 2014-02-12 19:26 - 00000000 _____ () C:\Users\karl_02\Desktop\Neues Textdokument.txt
2014-02-12 18:54 - 2014-02-17 00:28 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Skype
2014-02-12 18:54 - 2014-02-12 18:54 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Skype
2014-02-12 14:38 - 2014-02-12 14:38 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\WinRAR
2014-02-12 14:36 - 2014-02-12 14:36 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Mozilla
2014-02-12 14:36 - 2014-02-12 14:36 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Mozilla
2014-02-12 01:13 - 2014-02-12 01:13 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Macromedia
2014-02-12 00:11 - 2014-02-12 00:11 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\AcerRemote
2014-02-12 00:10 - 2014-02-17 23:50 - 00000000 ____D () C:\Users\karl_02
2014-02-12 00:10 - 2014-02-17 17:48 - 00000000 ___RD () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-12 00:10 - 2014-02-17 17:48 - 00000000 ___RD () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-12 00:10 - 2014-02-12 00:11 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Packages
2014-02-12 00:10 - 2014-02-12 00:10 - 00001454 _____ () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-12 00:10 - 2014-02-12 00:10 - 00000020 ___SH () C:\Users\karl_02\ntuser.ini
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Vorlagen
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Startmenü
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Netzwerkumgebung
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Lokale Einstellungen
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Eigene Dateien
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Druckumgebung
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Documents\Eigene Musik
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Documents\Eigene Bilder
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\AppData\Local\Verlauf
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\AppData\Local\Anwendungsdaten
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Anwendungsdaten
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Adobe
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 ____D () C:\Users\karl_02\AppData\Local\VirtualStore
2014-02-12 00:10 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-12 00:10 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-12 00:10 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-12 00:10 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-12 00:06 - 2014-02-12 00:06 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Mozilla
2014-02-11 10:23 - 2014-02-11 10:23 - 00000732 _____ () C:\WINDOWS\setupact.log
2014-02-11 10:23 - 2014-02-11 10:23 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-08 20:56 - 2014-02-17 17:44 - 00006294 _____ () C:\WINDOWS\PFRO.log
2014-02-08 08:57 - 2014-02-17 23:45 - 02043519 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-07 13:39 - 2014-02-17 22:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-07 13:39 - 2014-02-17 22:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-07 13:39 - 2014-02-07 13:39 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Mozilla
2014-02-07 13:39 - 2014-02-07 13:39 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-07 13:01 - 2014-02-07 13:01 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Systweak
2014-02-07 12:58 - 2014-02-07 12:58 - 00000000 ____D () C:\Program Files (x86)\Amazon Browser Bar
2014-02-07 12:58 - 2014-02-07 12:58 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-02-07 12:55 - 2014-02-17 23:55 - 00000318 _____ () C:\WINDOWS\Tasks\UpdaterEX.job
2014-02-07 12:55 - 2014-02-17 23:55 - 00000064 _____ () C:\Users\Karl_01\AppData\Roaming\WB.CFG
2014-02-07 12:55 - 2014-02-13 12:21 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\systweak
2014-02-07 12:55 - 2014-02-07 12:55 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\UpdaterEX
2014-02-07 12:55 - 2014-02-07 12:55 - 00000000 ____D () C:\ProgramData\WPM
2014-02-07 12:55 - 2014-02-07 12:55 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-07 12:55 - 2014-02-07 12:55 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-07 12:55 - 2013-12-13 17:53 - 00019544 _____ (System Speedup) C:\WINDOWS\system32\roboot64.exe
2014-02-06 17:45 - 2014-02-06 17:45 - 00000000 ____D () C:\Programme86
2014-02-05 09:03 - 2014-02-05 09:03 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-02-03 14:47 - 2014-02-03 14:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-02-03 13:44 - 2014-02-03 13:44 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\CyberLink
2014-02-03 13:36 - 2014-02-03 13:36 - 00000000 ____D () C:\Users\Karl_01\.android
2014-02-03 13:36 - 2014-02-03 13:36 - 00000000 ____D () C:\Program Files\ZTE_Handset_USB_Driver
2014-02-03 13:36 - 2013-03-19 16:38 - 00821544 _____ () C:\WINDOWS\adb.exe
2014-02-03 13:36 - 2012-12-20 09:04 - 00123520 _____ (HS Coporation) C:\WINDOWS\system32\Drivers\ghsser.sys
2014-02-03 13:36 - 2012-11-09 15:14 - 00062728 _____ (VIA Telecom) C:\WINDOWS\system32\Drivers\viahsser.sys
2014-02-03 13:36 - 2012-10-31 16:02 - 00032136 _____ (Via Telecom, Inc.) C:\WINDOWS\system32\Drivers\viahsets.sys
2014-02-03 13:36 - 2012-10-31 16:00 - 00131976 _____ (ZTE Corporation) C:\WINDOWS\system32\Drivers\zghsser.sys
2014-02-03 13:36 - 2012-09-04 13:49 - 00162816 _____ (HS Coporation) C:\WINDOWS\system32\Drivers\ghsnet.sys
2014-02-03 13:36 - 2012-06-20 11:51 - 00171272 _____ (ZTE Incorporated) C:\WINDOWS\system32\Drivers\zghsnet.sys
2014-02-03 13:36 - 2012-06-20 11:51 - 00020232 _____ (HandSet Incorporated) C:\WINDOWS\system32\Drivers\massfilter_hs.sys
2014-02-03 13:36 - 2012-06-08 14:56 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2014-02-03 13:36 - 2011-10-26 15:31 - 00067608 _____ (Google, inc) C:\WINDOWS\AdbWinUsbApi.dll
2014-02-03 13:36 - 2011-08-15 16:43 - 00102936 _____ (Google, inc) C:\WINDOWS\AdbWinApi.dll
2014-02-03 11:46 - 2014-02-03 11:46 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\PDF Architect
2014-02-03 11:30 - 2014-02-03 11:30 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\pdfforge
2014-02-03 11:30 - 2014-02-03 11:30 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-02-03 11:30 - 2014-02-03 11:30 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-02-03 11:30 - 2013-04-09 14:13 - 00110264 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2014-02-03 11:30 - 2013-01-09 14:52 - 01070152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-02-03 11:30 - 2012-05-05 10:54 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2014-02-03 11:30 - 2012-05-05 10:54 - 00137000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMAPI32.OCX
2014-02-03 11:30 - 2012-05-05 10:54 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIDE.DLL
2014-02-03 11:30 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2014-02-03 11:30 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2014-02-03 11:30 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2014-02-03 10:37 - 2014-02-03 10:37 - 00000020 ___SH () C:\Users\Karl_01_2\ntuser.ini
2014-02-03 10:34 - 2014-02-03 10:34 - 00000020 ___SH () C:\Users\Karl_01\ntuser.ini
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-02-03 10:31 - 2014-02-03 10:31 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-03 10:19 - 2014-02-03 10:31 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-02-03 10:19 - 2014-02-03 10:31 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-02-03 10:18 - 2014-02-12 14:33 - 00000000 ____D () C:\Users\Karl_01_2
2014-02-03 10:18 - 2014-02-03 13:36 - 00000000 ____D () C:\Users\Karl_01
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Vorlagen
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Startmenü
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Netzwerkumgebung
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Lokale Einstellungen
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Eigene Dateien
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Druckumgebung
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Anwendungsdaten
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Vorlagen
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Startmenü
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Netzwerkumgebung
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Lokale Einstellungen
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Eigene Dateien
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Druckumgebung
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Anwendungsdaten
2014-02-03 10:15 - 2014-02-03 10:20 - 00000000 ____D () C:\Program Files\Intel
2014-02-03 10:15 - 2014-02-03 10:20 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-03 10:15 - 2014-02-03 10:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-02-03 10:15 - 2014-02-03 10:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-03 10:15 - 2014-02-03 10:15 - 00000000 ____D () C:\Program Files\Realtek
2014-02-03 10:15 - 2013-12-21 00:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-02-03 10:15 - 2013-12-21 00:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-02-03 10:13 - 2014-02-07 13:00 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-03 10:13 - 2014-02-03 10:13 - 00000000 __SHD () C:\Recovery
2014-02-03 10:12 - 2014-02-03 10:12 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-03 10:12 - 2014-02-03 10:12 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-03 10:11 - 2014-02-03 10:11 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-03 10:11 - 2014-02-03 10:11 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-03 10:11 - 2014-02-03 10:11 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-03 10:08 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-02-03 10:08 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-03 10:08 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-02-03 10:08 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-02-03 10:08 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-03 10:08 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-02-01 15:32 - 2014-02-02 12:06 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Notepad++
2014-02-01 15:31 - 2014-02-01 15:31 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Notepad++
2014-02-01 15:31 - 2014-02-01 15:31 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-01 15:28 - 2014-02-13 18:01 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-02-01 15:28 - 2014-02-01 15:29 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\ICQ-Profile
2014-02-01 15:28 - 2014-02-01 15:28 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\ICQM
2014-02-01 15:27 - 2014-02-13 18:13 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\FileZilla
2014-02-01 15:14 - 2014-02-01 15:14 - 00000000 ____D () C:\Program Files\Speccy
2014-02-01 10:25 - 2014-02-01 10:25 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\WinRAR
2014-02-01 09:18 - 2014-02-11 23:47 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Skype
2014-02-01 09:17 - 2014-02-01 09:17 - 00000000 ____D () C:\Users\Public\OEM
2014-02-01 09:17 - 2014-02-01 09:17 - 00000000 ____D () C:\Users\Karl_01_2\PicStream
2014-02-01 09:14 - 2014-02-01 09:14 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Macromedia
2014-02-01 09:11 - 2014-02-01 09:11 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Adobe
2014-02-01 09:11 - 2014-02-01 09:11 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\AcerRemote
2014-02-01 08:33 - 2014-02-17 11:14 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-01 08:32 - 2014-02-17 11:14 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-01 01:20 - 2014-02-01 01:20 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-01-31 23:38 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2014-01-31 23:38 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-01-31 23:16 - 2014-01-31 23:16 - 00000000 ____D () C:\ICQ
2014-01-31 23:15 - 2014-02-01 00:08 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\QipShot
2014-01-31 23:15 - 2014-01-31 23:15 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\QipGuard
2014-01-31 23:15 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-01-31 23:14 - 2014-01-31 23:14 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\QIP
2014-01-31 23:14 - 2014-01-31 23:14 - 00000000 ____D () C:\Program Files (x86)\QIP 2012
2014-01-31 22:51 - 2014-01-31 22:51 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-31 22:47 - 2014-02-17 23:50 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Skype
2014-01-31 22:46 - 2014-02-13 09:03 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\ICQM
2014-01-31 22:46 - 2014-02-01 09:18 - 00000000 ____D () C:\ProgramData\Skype
2014-01-31 22:46 - 2014-01-31 22:52 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\ICQ-Profile
2014-01-31 22:46 - 2014-01-31 22:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-31 22:41 - 2014-01-31 22:41 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Macromedia
2014-01-31 22:41 - 2014-01-31 22:41 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Adobe
2014-01-31 22:41 - 2014-01-31 22:41 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\AcerRemote
2014-01-29 09:15 - 2014-01-29 09:15 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-01-29 09:15 - 2014-01-29 09:15 - 00000000 ____D () C:\Program Files\Preload
2014-01-29 09:15 - 2014-01-29 09:15 - 00000000 ____D () C:\Program Files\Accessory Store
2014-01-29 09:15 - 2014-01-29 09:15 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Programme
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Dokumente und Einstellungen
==================== One Month Modified Files and Folders =======
2014-02-17 23:55 - 2014-02-07 12:55 - 00000318 _____ () C:\WINDOWS\Tasks\UpdaterEX.job
2014-02-17 23:55 - 2014-02-07 12:55 - 00000064 _____ () C:\Users\Karl_01\AppData\Roaming\WB.CFG
2014-02-17 23:54 - 2014-02-17 23:54 - 00016732 _____ () C:\Users\karl_02\Desktop\FRST.txt
2014-02-17 23:54 - 2014-02-17 23:54 - 00000000 ____D () C:\FRST
2014-02-17 23:53 - 2014-02-17 23:53 - 02152448 _____ (Farbar) C:\Users\karl_02\Desktop\FRST64.exe
2014-02-17 23:50 - 2014-02-17 23:50 - 00027549 _____ () C:\Users\karl_02\Favorites_karl02.rar
2014-02-17 23:50 - 2014-02-12 00:10 - 00000000 ____D () C:\Users\karl_02
2014-02-17 23:50 - 2014-01-31 22:47 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Skype
2014-02-17 23:45 - 2014-02-08 08:57 - 02043519 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-17 23:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-17 23:40 - 2014-02-17 23:40 - 00000000 ____D () C:\Users\Karl_03\AppData\Roaming\WinRAR
2014-02-17 23:37 - 2014-02-17 23:37 - 00000000 ____D () C:\Users\Karl_03\AppData\Roaming\Macromedia
2014-02-17 23:36 - 2014-02-17 23:36 - 00000000 ____D () C:\Users\Karl_03\AppData\Roaming\AcerRemote
2014-02-17 23:35 - 2014-02-17 23:35 - 00000020 ___SH () C:\Users\Karl_03\ntuser.ini
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Vorlagen
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Startmenü
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Netzwerkumgebung
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Lokale Einstellungen
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Eigene Dateien
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Druckumgebung
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 _SHDL () C:\Users\Karl_03\Anwendungsdaten
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 ____D () C:\Users\Karl_03\AppData\Roaming\Adobe
2014-02-17 23:35 - 2014-02-17 23:35 - 00000000 ____D () C:\Users\Karl_03
2014-02-17 23:31 - 2014-02-13 18:01 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\FileZilla
2014-02-17 23:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-17 22:47 - 2014-02-07 13:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-17 22:47 - 2014-02-07 13:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 19:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-17 17:49 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-17 17:49 - 2013-11-14 08:11 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-17 17:49 - 2013-11-14 08:11 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-17 17:48 - 2014-02-12 00:10 - 00000000 ___RD () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-17 17:48 - 2014-02-12 00:10 - 00000000 ___RD () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-17 17:45 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-17 17:44 - 2014-02-08 20:56 - 00006294 _____ () C:\WINDOWS\PFRO.log
2014-02-17 17:44 - 2013-08-22 15:44 - 00335992 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-17 17:43 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-17 17:42 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-17 17:42 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-17 11:14 - 2014-02-01 08:33 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-17 11:14 - 2014-02-01 08:32 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-17 08:32 - 2014-02-14 20:26 - 00195072 ___SH () C:\Users\karl_02\Desktop\Thumbs.db
2014-02-17 00:28 - 2014-02-12 18:54 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Skype
2014-02-16 23:37 - 2014-02-16 23:37 - 00075995 _____ () C:\Users\karl_02\Downloads\foundation.min.js
2014-02-16 23:31 - 2014-02-16 23:31 - 00009288 _____ () C:\Users\karl_02\Downloads\modernizr.js
2014-02-16 20:55 - 2014-02-13 12:07 - 00000000 ____D () C:\Program Files (x86)\FlvPlayer
2014-02-14 00:46 - 2014-02-13 13:25 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\AbiSuite
2014-02-14 00:39 - 2014-02-13 11:04 - 00000000 ____D () C:\Users\karl_02\Desktop\_lnk
2014-02-13 22:57 - 2014-02-13 22:12 - 00000000 ____D () C:\php
2014-02-13 22:35 - 2014-02-13 22:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-13 22:11 - 2014-02-13 21:42 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\GitHub
2014-02-13 22:11 - 2014-02-13 21:42 - 00000000 ____D () C:\Users\karl_02\AppData\Local\GitHub
2014-02-13 21:52 - 2014-02-13 21:52 - 00000000 ____D () C:\Users\karl_02\Documents\GitHub
2014-02-13 21:42 - 2014-02-13 21:42 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2014-02-13 21:42 - 2014-02-13 21:40 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Deployment
2014-02-13 21:40 - 2014-02-13 21:40 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Apps\2.0
2014-02-13 18:13 - 2014-02-01 15:27 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\FileZilla
2014-02-13 18:01 - 2014-02-01 15:28 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-02-13 17:03 - 2014-02-13 17:03 - 00071200 _____ () C:\Users\karl_02\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-13 17:03 - 2014-02-13 17:03 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\PDF Architect
2014-02-13 15:12 - 2014-02-13 14:31 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Notepad++
2014-02-13 12:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 12:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 12:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-13 12:48 - 2014-02-13 12:48 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\AbiSuite
2014-02-13 12:47 - 2014-02-13 12:47 - 00000000 ____D () C:\Program Files (x86)\AbiWord
2014-02-13 12:21 - 2014-02-07 12:55 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\systweak
2014-02-13 12:13 - 2014-02-13 12:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\SearchProtect
2014-02-13 12:08 - 2014-02-13 12:08 - 00000000 _____ () C:\END
2014-02-13 09:08 - 2014-02-13 09:07 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\ICQ-Profile
2014-02-13 09:07 - 2014-02-13 09:07 - 00001716 _____ () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-02-13 09:07 - 2014-02-13 09:07 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-02-13 09:07 - 2014-02-13 09:07 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\ICQM
2014-02-13 09:03 - 2014-01-31 22:46 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\ICQM
2014-02-12 19:26 - 2014-02-12 19:26 - 00000000 _____ () C:\Users\karl_02\Desktop\Neues Textdokument.txt
2014-02-12 18:54 - 2014-02-12 18:54 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Skype
2014-02-12 14:38 - 2014-02-12 14:38 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\WinRAR
2014-02-12 14:36 - 2014-02-12 14:36 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Mozilla
2014-02-12 14:36 - 2014-02-12 14:36 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Mozilla
2014-02-12 14:33 - 2014-02-03 10:18 - 00000000 ____D () C:\Users\Karl_01_2
2014-02-12 01:13 - 2014-02-12 01:13 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Macromedia
2014-02-12 00:11 - 2014-02-12 00:11 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\AcerRemote
2014-02-12 00:11 - 2014-02-12 00:10 - 00000000 ____D () C:\Users\karl_02\AppData\Local\Packages
2014-02-12 00:10 - 2014-02-12 00:10 - 00001454 _____ () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-12 00:10 - 2014-02-12 00:10 - 00000020 ___SH () C:\Users\karl_02\ntuser.ini
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Vorlagen
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Startmenü
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Netzwerkumgebung
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Lokale Einstellungen
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Eigene Dateien
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Druckumgebung
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Documents\Eigene Musik
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Documents\Eigene Bilder
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\AppData\Local\Verlauf
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\AppData\Local\Anwendungsdaten
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 _SHDL () C:\Users\karl_02\Anwendungsdaten
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 ____D () C:\Users\karl_02\AppData\Roaming\Adobe
2014-02-12 00:10 - 2014-02-12 00:10 - 00000000 ____D () C:\Users\karl_02\AppData\Local\VirtualStore
2014-02-12 00:06 - 2014-02-12 00:06 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Mozilla
2014-02-11 23:47 - 2014-02-01 09:18 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Skype
2014-02-11 17:17 - 2013-07-31 11:53 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-02-11 10:23 - 2014-02-11 10:23 - 00000732 _____ () C:\WINDOWS\setupact.log
2014-02-11 10:23 - 2014-02-11 10:23 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-07 19:25 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-02-07 13:39 - 2014-02-07 13:39 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Mozilla
2014-02-07 13:39 - 2014-02-07 13:39 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-07 13:01 - 2014-02-07 13:01 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Systweak
2014-02-07 13:00 - 2014-02-03 10:13 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-07 12:58 - 2014-02-07 12:58 - 00000000 ____D () C:\Program Files (x86)\Amazon Browser Bar
2014-02-07 12:58 - 2014-02-07 12:58 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-02-07 12:55 - 2014-02-07 12:55 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\UpdaterEX
2014-02-07 12:55 - 2014-02-07 12:55 - 00000000 ____D () C:\ProgramData\WPM
2014-02-07 12:55 - 2014-02-07 12:55 - 00000000 ____D () C:\ProgramData\IePluginService
2014-02-07 12:55 - 2014-02-07 12:55 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-02-06 17:45 - 2014-02-06 17:45 - 00000000 ____D () C:\Programme86
2014-02-06 13:16 - 2014-02-13 06:43 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 06:43 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 06:43 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 06:43 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 06:43 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 06:43 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 06:43 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 06:43 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-13 06:43 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 06:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 06:43 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 06:43 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 06:43 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 06:43 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 06:43 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 06:43 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 06:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 06:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 06:43 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 06:43 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 06:43 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 06:43 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 06:43 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-13 06:43 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 06:43 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 06:43 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 06:43 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 06:43 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 06:43 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 06:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 06:43 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 06:43 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 06:43 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 06:43 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 06:43 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 06:43 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 06:43 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-02-05 09:03 - 2014-02-05 09:03 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-02-05 09:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-02-03 14:47 - 2014-02-03 14:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-02-03 13:44 - 2014-02-03 13:44 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\CyberLink
2014-02-03 13:36 - 2014-02-03 13:36 - 00000000 ____D () C:\Users\Karl_01\.android
2014-02-03 13:36 - 2014-02-03 13:36 - 00000000 ____D () C:\Program Files\ZTE_Handset_USB_Driver
2014-02-03 13:36 - 2014-02-03 10:18 - 00000000 ____D () C:\Users\Karl_01
2014-02-03 11:46 - 2014-02-03 11:46 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\PDF Architect
2014-02-03 11:30 - 2014-02-03 11:30 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\pdfforge
2014-02-03 11:30 - 2014-02-03 11:30 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-02-03 11:30 - 2014-02-03 11:30 - 00000000 ____D () C:\Program Files (x86)\PDF Architect
2014-02-03 10:37 - 2014-02-03 10:37 - 00000020 ___SH () C:\Users\Karl_01_2\ntuser.ini
2014-02-03 10:34 - 2014-02-03 10:34 - 00000020 ___SH () C:\Users\Karl_01\ntuser.ini
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-02-03 10:32 - 2014-02-03 10:32 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-02-03 10:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-02-03 10:32 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-02-03 10:31 - 2014-02-03 10:31 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-03 10:31 - 2014-02-03 10:19 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-02-03 10:31 - 2014-02-03 10:19 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-02-03 10:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-02-03 10:25 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-02-03 10:25 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-03 10:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-02-03 10:21 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-02-03 10:21 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-02-03 10:20 - 2014-02-03 10:15 - 00000000 ____D () C:\Program Files\Intel
2014-02-03 10:20 - 2014-02-03 10:15 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-02-03 10:20 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-02-03 10:20 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-02-03 10:20 - 2013-11-14 08:11 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-02-03 10:20 - 2013-10-31 00:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-02-03 10:20 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-02-03 10:20 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-02-03 10:20 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-02-03 10:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-02-03 10:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-02-03 10:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-02-03 10:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-02-03 10:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-02-03 10:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-02-03 10:20 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-03 10:20 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-02-03 10:20 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-02-03 10:20 - 2013-07-31 11:33 - 00000000 ____D () C:\ProgramData\PRICache
2014-02-03 10:19 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Vorlagen
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Startmenü
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Netzwerkumgebung
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Lokale Einstellungen
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Eigene Dateien
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Druckumgebung
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01_2\Anwendungsdaten
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Vorlagen
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Startmenü
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Netzwerkumgebung
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Lokale Einstellungen
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Eigene Dateien
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Druckumgebung
2014-02-03 10:18 - 2014-02-03 10:18 - 00000000 _SHDL () C:\Users\Karl_01\Anwendungsdaten
2014-02-03 10:15 - 2014-02-03 10:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-02-03 10:15 - 2014-02-03 10:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-03 10:15 - 2014-02-03 10:15 - 00000000 ____D () C:\Program Files\Realtek
2014-02-03 10:13 - 2014-02-03 10:13 - 00000000 __SHD () C:\Recovery
2014-02-03 10:12 - 2014-02-03 10:12 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-03 10:12 - 2014-02-03 10:12 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-03 10:12 - 2014-02-03 10:12 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-03 10:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-03 10:11 - 2014-02-03 10:11 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-03 10:11 - 2014-02-03 10:11 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-03 10:11 - 2014-02-03 10:11 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-03 10:11 - 2014-02-03 10:11 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-03 10:11 - 2014-02-03 10:11 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-03 10:11 - 2014-02-03 10:11 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-03 10:11 - 2014-02-03 10:11 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-03 10:08 - 2014-02-03 10:08 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-03 10:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-02-03 10:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-02-02 12:06 - 2014-02-01 15:32 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Notepad++
2014-02-01 20:53 - 2013-07-31 11:53 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-01 17:37 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-02-01 15:46 - 2013-10-31 01:05 - 00000000 ____D () C:\ProgramData\Norton
2014-02-01 15:31 - 2014-02-01 15:31 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Notepad++
2014-02-01 15:31 - 2014-02-01 15:31 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-02-01 15:29 - 2014-02-01 15:28 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\ICQ-Profile
2014-02-01 15:28 - 2014-02-01 15:28 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\ICQM
2014-02-01 15:14 - 2014-02-01 15:14 - 00000000 ____D () C:\Program Files\Speccy
2014-02-01 10:25 - 2014-02-01 10:25 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\WinRAR
2014-02-01 09:18 - 2014-01-31 22:46 - 00000000 ____D () C:\ProgramData\Skype
2014-02-01 09:17 - 2014-02-01 09:17 - 00000000 ____D () C:\Users\Public\OEM
2014-02-01 09:17 - 2014-02-01 09:17 - 00000000 ____D () C:\Users\Karl_01_2\PicStream
2014-02-01 09:14 - 2014-02-01 09:14 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Macromedia
2014-02-01 09:11 - 2014-02-01 09:11 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\Adobe
2014-02-01 09:11 - 2014-02-01 09:11 - 00000000 ____D () C:\Users\Karl_01_2\AppData\Roaming\AcerRemote
2014-02-01 01:20 - 2014-02-01 01:20 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-02-01 00:08 - 2014-01-31 23:15 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\QipShot
2014-01-31 23:19 - 2013-07-31 11:53 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-01-31 23:16 - 2014-01-31 23:16 - 00000000 ____D () C:\ICQ
2014-01-31 23:15 - 2014-01-31 23:15 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\QipGuard
2014-01-31 23:15 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-01-31 23:14 - 2014-01-31 23:14 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\QIP
2014-01-31 23:14 - 2014-01-31 23:14 - 00000000 ____D () C:\Program Files (x86)\QIP 2012
2014-01-31 22:52 - 2014-01-31 22:46 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\ICQ-Profile
2014-01-31 22:51 - 2014-01-31 22:51 - 00000000 ____D () C:\Program Files\WinRAR
2014-01-31 22:47 - 2014-01-31 22:46 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-31 22:41 - 2014-01-31 22:41 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Macromedia
2014-01-31 22:41 - 2014-01-31 22:41 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\Adobe
2014-01-31 22:41 - 2014-01-31 22:41 - 00000000 ____D () C:\Users\Karl_01\AppData\Roaming\AcerRemote
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-29 09:15 - 2014-01-29 09:15 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-01-29 09:15 - 2014-01-29 09:15 - 00000000 ____D () C:\Program Files\Preload
2014-01-29 09:15 - 2014-01-29 09:15 - 00000000 ____D () C:\Program Files\Accessory Store
2014-01-29 09:15 - 2014-01-29 09:15 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-01-29 09:15 - 2013-10-31 01:03 - 00000000 ____D () C:\ProgramData\OEM
2014-01-29 09:15 - 2013-07-31 12:18 - 00000000 ___HD () C:\OEM
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Programme
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-01-29 06:07 - 2014-01-29 06:07 - 00000000 _SHDL () C:\Dokumente und Einstellungen
Some content of TEMP:
====================
C:\Users\karl_02\AppData\Local\Temp\SPSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
--- --- --- |
So funktioniert es:
AdwCleaner auf deinen Desktop.
SecurityCheck und:
