| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu geringWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.11.2014, 20:25
| #1 |
 |  Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Guten Abend, ich habe mein Laptop vor etwa 1 Woche auf Windows 8.1 upgedatet und nun bekomme ich die Meldung dass mein Arbeitsspeicher zu klein sei. Ich habe 8GB Arbeitsspeicher  Davor habe ich schon gelegentlich das Gefühl gehabt dass auch das Surfen im Internet sehr langsam ging und auch die Bootzeit des Laptops hat sich deutlich erhöht. Kann das sein dass ich mir etwas unerwünschtes eingefangen habe? Könnt ihr mir vielleicht weiterhelfen? Vielen Dank
__________________ Gruß, Kristine  |
|
07.11.2014, 20:33
| #2 |
| /// the machine /// TB-Ausbilder    | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
07.11.2014, 23:22
| #3 |
| | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Hi Schrauber,
__________________sorry für die doofe Nachfrage: aber wie kontrollier ich das nach bei Windows 8.1? Da hab ich kein *normales* Start  Hallochen...hat sich erledigt, ich habs rausgefunden. Hier sind mal die Texte FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by Kristine (ATTENTION: The logged in user is not administrator) on BIGTOY on 07-11-2014 23:19:10
Running from C:\Users\Kristine\Downloads
Loaded Profile: Kristine (Available profiles: AdMinchen & Kristine & Manuel & Administrator & Gast)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-05] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3760456 2013-04-23] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2985712 2013-06-04] (Synaptics Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-02] (AVAST Software)
HKLM\...\RunOnce: [BrowserChoice] => C:\WINDOWS\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM - DefaultScope {5EDCC227-6AE2-4847-81B9-238F45FBD568} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM - {5EDCC227-6AE2-4847-81B9-238F45FBD568} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope {5EDCC227-6AE2-4847-81B9-238F45FBD568} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - {5EDCC227-6AE2-4847-81B9-238F45FBD568} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: The Amazon 1Button App for IE -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -> C:\AmazonAppIE.dll (Amazon Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-30]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-30]
CHR Extension: (Google Docs) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-30]
CHR Extension: (Google Drive) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-30]
CHR Extension: (YouTube) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-30]
CHR Extension: (Adblock Plus) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-30]
CHR Extension: (Google-Suche) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-30]
CHR Extension: (Avast SafePrice) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-11-04]
CHR Extension: (Google Tabellen) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-30]
CHR Extension: (Avast Online Security) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-31]
CHR Extension: (Ghostery) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-10-30]
CHR Extension: (Google Wallet) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-30]
CHR Extension: (Google Mail) - C:\Users\Kristine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-30]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-10-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-30]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-10-30] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-10-30] (Avast Software)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-01] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1911312 2013-08-30] (SoftThinks SAS)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-30] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-02] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-10-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-30] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-04-23] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-03] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-06-01] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [450632 2013-02-22] (RTS Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-04] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-04] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-10-30] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-07 23:19 - 2014-11-07 23:19 - 00015992 _____ () C:\Users\Kristine\Downloads\FRST.txt
2014-11-07 23:18 - 2014-11-07 23:19 - 00000000 ____D () C:\FRST
2014-11-07 23:18 - 2014-11-07 23:18 - 02114560 _____ (Farbar) C:\Users\Kristine\Downloads\FRST64.exe
2014-11-07 20:58 - 2014-11-07 20:58 - 00000197 _____ () C:\WINDOWS\system32\2014-11-07-19-58-13.072-AvastVBoxSVC.exe-3860.log
2014-11-02 21:51 - 2014-11-02 21:51 - 00000197 _____ () C:\WINDOWS\system32\2014-11-02-20-51-37.003-AvastVBoxSVC.exe-7472.log
2014-11-02 21:49 - 2014-11-02 21:49 - 00000197 _____ () C:\WINDOWS\system32\2014-11-02-20-49-37.003-AvastVBoxSVC.exe-11384.log
2014-11-02 21:47 - 2014-11-02 21:47 - 00000197 _____ () C:\WINDOWS\system32\2014-11-02-20-47-37.037-AvastVBoxSVC.exe-13080.log
2014-11-02 12:57 - 2014-11-02 13:01 - 00045764 _____ () C:\Users\Kristine\Documents\Vitamin D-Artikel (1).odt
2014-11-02 12:51 - 2014-11-02 12:51 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\OpenOffice
2014-11-02 12:49 - 2014-11-02 12:49 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-11-02 12:49 - 2014-11-02 12:49 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-11-02 12:48 - 2014-11-02 12:48 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-11-02 12:41 - 2014-11-02 12:43 - 164858324 _____ () C:\Users\Kristine\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2014-10-31 08:46 - 2014-10-31 08:46 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\AVAST Software
2014-10-30 10:05 - 2014-10-30 10:05 - 00000000 ____D () C:\AVAST Software
2014-10-30 09:55 - 2014-10-30 09:56 - 00000247 _____ () C:\WINDOWS\system32\2014-10-30-08-55-48.007-aswFe.exe-6868.log
2014-10-30 09:49 - 2014-10-30 09:55 - 00000247 _____ () C:\WINDOWS\system32\2014-10-30-08-49-57.089-aswFe.exe-7444.log
2014-10-30 09:49 - 2014-10-30 09:49 - 00000197 _____ () C:\WINDOWS\system32\2014-10-30-08-49-56.070-AvastVBoxSVC.exe-6280.log
2014-10-30 09:45 - 2014-10-30 09:46 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-10-30 09:45 - 2014-10-30 09:46 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-10-30 09:45 - 2014-10-30 09:45 - 00002048 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-10-30 09:45 - 2014-10-30 09:45 - 00001988 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2014-10-30 09:45 - 2014-10-30 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-30 09:44 - 2014-11-02 21:44 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-10-30 09:44 - 2014-11-02 21:44 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-10-30 09:44 - 2014-10-30 09:44 - 00449936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-10-30 09:44 - 2014-10-30 09:44 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-10-30 09:44 - 2014-10-30 09:44 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-10-30 09:44 - 2014-10-30 09:44 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-30 09:44 - 2014-10-30 09:44 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-10-30 09:44 - 2014-10-30 09:44 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-10-30 09:44 - 2014-10-30 09:44 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-30 09:44 - 2014-10-30 09:44 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-30 09:44 - 2014-10-30 09:44 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-30 09:44 - 2014-10-30 09:44 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-10-30 09:41 - 2014-10-30 09:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-30 09:39 - 2014-10-30 09:39 - 00001657 _____ () C:\Users\Kristine\Downloads\License.avastlic
2014-10-30 09:37 - 2014-10-30 09:41 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-30 09:36 - 2014-10-30 09:36 - 04976000 _____ (AVAST Software) C:\Users\Kristine\Downloads\avast_internet_security_setup_online.exe
2014-10-30 09:17 - 2014-10-30 09:17 - 00002269 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-30 09:17 - 2014-10-30 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-30 09:15 - 2014-11-07 20:56 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 09:15 - 2014-11-07 20:20 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 09:15 - 2014-10-30 09:17 - 00000000 ____D () C:\Users\Kristine\AppData\Local\Google
2014-10-30 09:14 - 2014-10-30 09:15 - 00000000 ____D () C:\Users\Kristine\AppData\Local\Deployment
2014-10-30 09:14 - 2014-10-30 09:14 - 00000000 __SHD () C:\Users\Kristine\AppData\Local\EmieUserList
2014-10-30 09:14 - 2014-10-30 09:14 - 00000000 __SHD () C:\Users\Kristine\AppData\Local\EmieSiteList
2014-10-30 09:14 - 2014-10-30 09:14 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\Macromedia
2014-10-30 09:14 - 2014-10-30 09:14 - 00000000 ____D () C:\Users\Kristine\AppData\Local\Apps\2.0
2014-10-29 23:41 - 2014-10-29 23:41 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\Leadertech
2014-10-29 23:40 - 2014-10-29 23:40 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\Intel Corporation
2014-10-29 23:40 - 2014-10-29 23:40 - 00000000 ____D () C:\Users\Kristine\AppData\Local\Power2Go8
2014-10-29 23:38 - 2014-10-29 23:38 - 00001452 _____ () C:\Users\Kristine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-29 23:38 - 2014-10-29 23:38 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\Adobe
2014-10-29 23:38 - 2014-10-29 23:38 - 00000000 ____D () C:\Users\Kristine\AppData\Local\VirtualStore
2014-10-29 23:37 - 2014-10-29 23:37 - 00000118 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-10-29 23:37 - 2014-10-29 23:37 - 00000020 ___SH () C:\Users\Kristine\ntuser.ini
2014-10-29 23:37 - 2014-10-29 23:37 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\Intel
2014-10-29 23:31 - 2014-10-29 23:31 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-10-29 23:28 - 2014-09-22 07:42 - 00278152 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-29 23:27 - 2014-08-16 05:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-29 23:27 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-29 23:27 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-29 23:27 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-29 23:27 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-29 23:27 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-29 23:27 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-29 23:27 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-29 23:27 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-29 23:27 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-29 23:27 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-29 23:27 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-29 23:27 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-29 23:27 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-29 23:27 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-29 23:27 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-29 23:27 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-29 23:27 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-29 23:27 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-29 23:27 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-29 23:27 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-29 23:27 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-29 23:27 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-29 23:27 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-29 23:27 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-29 23:27 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-29 23:27 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-29 23:27 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-29 23:27 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-29 23:27 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-29 23:27 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-29 23:26 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-29 23:26 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-29 23:26 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-29 23:26 - 2014-08-16 04:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-29 23:26 - 2014-08-16 04:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-29 23:26 - 2014-08-16 04:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-29 23:26 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-29 23:26 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-29 23:26 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-29 23:26 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-29 23:26 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-29 23:26 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-29 23:26 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-29 23:26 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-29 23:26 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-29 23:26 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-29 23:26 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-29 23:26 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-29 23:26 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 23:26 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-29 23:26 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-29 23:26 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-29 23:26 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 23:26 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-29 23:26 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-29 23:26 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-29 23:26 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-29 23:26 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-29 23:26 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-29 23:26 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-29 23:26 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-29 23:26 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-29 23:26 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-29 23:26 - 2014-08-01 00:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-29 23:26 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-29 23:26 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-29 23:26 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-29 23:26 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-29 23:26 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-29 23:26 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-29 23:26 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-29 23:26 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-29 23:25 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-29 23:25 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-10-29 23:25 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-29 23:25 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-29 23:25 - 2014-08-23 05:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-29 23:25 - 2014-08-23 05:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-29 23:25 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-29 23:25 - 2014-08-23 05:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-29 23:25 - 2014-08-23 05:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-29 23:24 - 2014-10-09 23:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-29 23:24 - 2014-10-08 23:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-29 23:24 - 2014-09-19 02:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-29 23:24 - 2014-09-05 03:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-10-29 23:24 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-10-29 23:24 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-29 23:24 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-29 23:24 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-29 23:24 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-29 23:24 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-10-29 23:24 - 2014-07-10 05:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-10-29 23:24 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-29 23:24 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-29 23:22 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-10-29 23:22 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-10-29 23:21 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-29 23:12 - 2014-10-29 23:12 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-10-29 22:57 - 2014-10-29 22:57 - 00000425 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-10-29 22:55 - 2014-11-07 21:04 - 01384985 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-29 22:55 - 2014-10-29 22:55 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-10-29 22:55 - 2014-10-29 22:55 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-10-29 22:46 - 2014-10-29 22:46 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-29 22:43 - 2014-11-07 20:55 - 00000000 ____D () C:\Users\Kristine
2014-10-29 22:43 - 2014-11-03 07:36 - 00000000 ____D () C:\Users\Manuel
2014-10-29 22:43 - 2014-10-29 22:57 - 00000000 ____D () C:\Users\AdMinchen
2014-10-29 22:43 - 2014-10-29 22:55 - 00051438 _____ () C:\WINDOWS\diagwrn.xml
2014-10-29 22:43 - 2014-10-29 22:55 - 00051438 _____ () C:\WINDOWS\diagerr.xml
2014-10-29 22:43 - 2014-10-29 22:53 - 00000000 ____D () C:\Users\Gast
2014-10-29 22:43 - 2014-10-29 22:53 - 00000000 ____D () C:\Users\Administrator
2014-10-29 22:43 - 2014-10-29 22:44 - 00000000 ___RD () C:\Users\Kristine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-29 22:43 - 2014-10-29 22:44 - 00000000 ___RD () C:\Users\Kristine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\Vorlagen
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\Startmenü
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\Netzwerkumgebung
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\Lokale Einstellungen
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\Eigene Dateien
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\Druckumgebung
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\Documents\Eigene Musik
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\Documents\Eigene Bilder
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\AppData\Local\Verlauf
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\AppData\Local\Anwendungsdaten
2014-10-29 22:43 - 2014-10-29 22:43 - 00000000 _SHDL () C:\Users\Kristine\Anwendungsdaten
2014-10-29 22:43 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\Kristine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-29 22:43 - 2014-09-24 07:18 - 00000369 _____ () C:\Users\Kristine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-29 22:43 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Kristine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-29 22:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Kristine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-29 22:37 - 2014-10-29 22:45 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-10-29 22:37 - 2014-10-29 22:37 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-10-29 22:37 - 2014-10-29 22:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-10-29 22:37 - 2014-10-29 22:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-10-29 22:37 - 2014-10-29 22:37 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
2014-10-29 22:37 - 2014-10-29 22:37 - 00000000 ____D () C:\Program Files\Synaptics
2014-10-29 22:36 - 2014-10-29 22:45 - 00000000 ____D () C:\Program Files\Intel
2014-10-29 22:36 - 2014-10-29 22:36 - 00849522 _____ () C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2014-10-29 22:36 - 2014-10-29 22:36 - 00458965 _____ () C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
2014-10-29 22:36 - 2014-10-29 22:36 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-10-29 22:36 - 2014-10-29 22:36 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-10-29 22:36 - 2014-10-03 17:37 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-10-29 22:36 - 2014-10-03 17:37 - 00074240 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-10-29 22:35 - 2014-10-29 22:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-10-29 22:35 - 2014-10-29 22:35 - 00000000 ____D () C:\Program Files\Realtek
2014-10-29 22:32 - 2014-10-30 09:04 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-29 22:28 - 2014-10-29 22:28 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-29 22:28 - 2014-10-29 22:28 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-29 22:28 - 2014-10-29 22:28 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-29 22:28 - 2014-10-29 22:28 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-29 22:28 - 2014-10-29 22:28 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-29 22:27 - 2014-10-29 22:27 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-29 22:27 - 2014-10-29 22:27 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-29 22:27 - 2014-10-29 22:27 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-29 22:27 - 2014-10-29 22:27 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-29 22:27 - 2014-10-29 22:27 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-29 22:27 - 2014-10-29 22:27 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-29 22:20 - 2014-10-29 22:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-10-29 22:20 - 2014-10-29 22:20 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-29 22:20 - 2014-10-29 22:20 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-29 22:20 - 2014-10-29 22:20 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-29 22:20 - 2014-10-29 22:20 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-29 22:20 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-29 22:20 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-29 22:20 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-29 22:20 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-29 22:08 - 2014-10-29 22:55 - 00006656 _____ () C:\WINDOWS\comsetup.log
2014-10-29 21:00 - 2014-10-29 21:01 - 00000000 ____D () C:\ProgramData\softthinks
2014-10-29 21:00 - 2013-09-04 09:47 - 00000117 ____H () C:\DBAR_Ver.txt
2014-10-29 20:55 - 2014-10-29 20:55 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-10-29 19:50 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-29 18:38 - 2014-10-29 22:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-10-29 18:37 - 2014-10-29 18:37 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-10-29 18:37 - 2014-10-29 18:37 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-10-29 16:42 - 2014-10-29 19:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-29 15:28 - 2014-10-29 15:29 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-29 15:21 - 2014-10-29 22:45 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-29 13:23 - 2014-10-29 13:23 - 00000516 _____ () C:\Users\Kristine\AppData\Local\Application.xml
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-10-29 13:21 - 2014-10-29 13:21 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-10-29 12:57 - 2014-10-29 21:12 - 00000000 ___HD () C:\$SysReset
2014-10-29 12:43 - 2014-10-29 12:44 - 00000000 ____D () C:\Users\Public\Documents\UpdateFehler
2014-10-29 12:43 - 2014-10-29 12:43 - 00000000 ____D () C:\Users\Public\Documents\UpdateWindows
2014-10-27 17:50 - 2014-10-27 17:52 - 00013984 _____ () C:\Users\Kristine\Documents\KücükVereinbarungHaus.odt
2014-10-27 11:02 - 2014-10-27 11:03 - 00000000 ____D () C:\Users\Kristine\Documents\DKVScansUnterlagen
2014-10-18 10:32 - 2014-10-18 10:32 - 00010550 _____ () C:\Users\Kristine\Downloads\Excel Berechnungstabelle (1).xlsx
2014-10-14 11:18 - 2014-10-14 11:19 - 00000000 ____D () C:\Users\Kristine\Documents\VolvoManuals
2014-10-12 17:52 - 2014-10-12 17:52 - 00417064 _____ () C:\Users\AdMinchen\Downloads\DellSystemDetect.exe
2014-10-12 17:27 - 2014-10-12 17:30 - 23794608 _____ (Dell Inc.) C:\Users\AdMinchen\Downloads\Serial-ATA_Driver_75MMV_WN_12.8.2.1000_A02.EXE
2014-10-12 17:26 - 2014-10-12 17:44 - 237912024 _____ (Dell Inc.) C:\Users\AdMinchen\Downloads\7437_Audio_Driver_MFTVK_WN_6.0.1.7111_A02.EXE
2014-10-12 17:26 - 2014-10-12 17:44 - 229016032 _____ (Dell Inc.) C:\Users\AdMinchen\Downloads\Network_Driver_0634F_WN_16.6.0.8_A02.EXE
2014-10-12 17:26 - 2014-10-12 17:43 - 218472312 _____ () C:\Users\AdMinchen\Downloads\App_WIDI_W84_X04_Setup-W1DHF_ZPE.exe
2014-10-12 17:26 - 2014-10-12 17:30 - 35629608 _____ (Dell Inc.) C:\Users\AdMinchen\Downloads\Input_Driver_15K08_WN_17.0.13.51_A02.EXE
2014-10-12 17:26 - 2014-10-12 17:28 - 10739592 _____ (Phoenix Technologies Ltd.) C:\Users\AdMinchen\Downloads\7737A09.exe
2014-10-12 17:26 - 2014-10-12 17:27 - 06660480 _____ (Dell Inc.) C:\Users\AdMinchen\Downloads\Network_Driver_4P0C3_WN_1.4.0.0_A00.EXE
2014-10-12 17:26 - 2014-10-12 17:26 - 12513784 _____ (Dell Inc.) C:\Users\AdMinchen\Downloads\Application_TNCCG_WN_11.1.12_X03.EXE
2014-10-12 17:26 - 2014-10-12 17:26 - 00680632 _____ () C:\Users\AdMinchen\Downloads\DellUpdate.1.0.1059_ZPE.exe
2014-10-12 17:25 - 2014-10-12 17:26 - 01274736 _____ () C:\Users\AdMinchen\Downloads\DellDigitalDelivery.2.9.901.0_Install_ZPE.exe
2014-10-12 12:00 - 2014-10-12 12:00 - 10739592 _____ (Phoenix Technologies Ltd.) C:\Users\Kristine\Downloads\7737A09.exe
2014-10-12 11:53 - 2014-10-12 11:54 - 00417064 _____ () C:\Users\Kristine\Downloads\DellSystemDetect.exe
2014-10-12 10:10 - 2014-10-12 10:10 - 00004768 _____ () C:\Users\AdMinchen\Downloads\Windows 8_1-Upgrade-Assistent.txt
2014-10-12 10:06 - 2014-10-12 17:43 - 00000000 ____D () C:\Users\Public\Documents\Windows 8_1-Upgrade-Assistent-Dateien
2014-10-12 10:06 - 2014-10-12 10:06 - 00025508 _____ () C:\Users\Public\Documents\Windows 8_1-Upgrade-Assistent.html
2014-10-12 10:06 - 2014-10-12 10:06 - 00004768 _____ () C:\Users\Public\Documents\Windows 8_1-Upgrade-Assistent.txt
2014-10-12 09:59 - 2014-10-12 10:00 - 06431728 _____ (Microsoft Corporation) C:\Users\AdMinchen\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411 (1).exe
2014-10-12 09:57 - 2014-10-12 09:57 - 06431728 _____ (Microsoft Corporation) C:\Users\Kristine\Downloads\OSGS14-WindowsUpgradeAssistant-32bitand64bit-ClientSKU-4141411 (1).exe
2014-10-12 09:32 - 2014-10-12 09:32 - 35629608 _____ (Dell Inc.) C:\Users\Kristine\Downloads\Input_Driver_15K08_WN_17.0.13.51_A02.EXE
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-07 23:15 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-07 20:59 - 2014-09-24 07:17 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-07 20:59 - 2014-09-24 06:43 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-07 20:59 - 2014-09-24 06:43 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-07 20:57 - 2013-10-19 15:17 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-11-07 20:57 - 2013-10-19 15:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-11-07 20:55 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-07 20:54 - 2014-09-23 22:06 - 00003968 _____ () C:\WINDOWS\PFRO.log
2014-11-07 20:54 - 2013-08-22 15:44 - 00371584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-07 20:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-07 20:10 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-06 20:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-01 18:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-31 18:28 - 2013-11-30 16:00 - 00000000 ____D () C:\Users\Kristine\AppData\Local\Packages
2014-10-29 23:34 - 2014-09-24 08:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-29 23:34 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-29 23:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-29 23:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-29 23:12 - 2013-08-22 15:46 - 00439068 _____ () C:\WINDOWS\setupact.log
2014-10-29 22:57 - 2013-10-19 14:46 - 00000000 ____D () C:\Intel
2014-10-29 22:55 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-29 22:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-29 22:55 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-10-29 22:53 - 2013-10-19 14:49 - 01804472 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-10-29 22:53 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-29 22:53 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-29 22:47 - 2013-10-19 15:13 - 00000000 ____D () C:\WINDOWS\de
2014-10-29 22:47 - 2013-10-19 15:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2014-10-29 22:47 - 2013-10-19 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2014-10-29 22:47 - 2013-10-19 14:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-10-29 22:47 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-29 22:46 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-10-29 22:46 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-10-29 22:46 - 2014-09-24 06:43 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-10-29 22:46 - 2013-10-19 14:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-10-29 22:46 - 2013-08-22 16:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-29 22:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-29 22:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-29 22:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-29 22:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-10-29 22:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-29 22:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-29 22:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-29 22:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-10-29 22:46 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-29 22:46 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-29 22:46 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-29 22:45 - 2013-10-19 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2014-10-29 22:45 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-29 22:45 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-29 22:45 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-10-29 22:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-29 22:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-29 22:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-29 22:37 - 2013-08-22 15:46 - 00000084 _____ () C:\WINDOWS\setuperr.log
2014-10-29 22:32 - 2014-10-07 19:03 - 00000000 __SHD () C:\Recovery
2014-10-29 22:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-29 22:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-29 22:28 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-29 22:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-29 22:13 - 2013-10-19 14:31 - 01665890 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-29 21:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-29 20:41 - 2013-10-19 15:14 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-29 20:41 - 2013-10-19 15:14 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-10-29 19:30 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-29 18:38 - 2013-10-19 14:51 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-29 18:37 - 2013-10-19 14:47 - 00000000 ____D () C:\ProgramData\Intel
2014-10-29 16:03 - 2013-10-19 15:03 - 00000000 ____D () C:\ProgramData\PCDr
2014-10-14 18:30 - 2014-05-17 10:05 - 00226304 ___SH () C:\Users\Kristine\Downloads\Thumbs.db
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by Kristine at 2014-11-07 23:19:56
Running from C:\Users\Kristine\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.0.3 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.0.3 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36943 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.0.56 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.12 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21220 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => ?
==================== Loaded Modules (whitelisted) =============
2013-10-19 15:18 - 2013-08-19 09:21 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-10-19 15:18 - 2013-08-19 09:21 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-10-19 15:18 - 2013-08-19 09:21 - 00035104 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRShellExtension.dll
2014-10-03 17:36 - 2014-10-03 17:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-03-11 09:17 - 2013-03-11 09:17 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
AdMinchen (S-1-5-21-3988005159-474404469-3811382638-1001 - Administrator - Enabled) => C:\Users\AdMinchen
Administrator (S-1-5-21-3988005159-474404469-3811382638-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-3988005159-474404469-3811382638-501 - Limited - Enabled) => C:\Users\Gast
Kristine (S-1-5-21-3988005159-474404469-3811382638-1002 - Limited - Enabled) => C:\Users\Kristine
Manuel (S-1-5-21-3988005159-474404469-3811382638-1003 - Limited - Enabled) => C:\Users\Manuel
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/07/2014 08:57:39 PM) (Source: MsiInstaller) (EventID: 11939) (User: NT-AUTORITÄT)
Description: Product: Dell Update -- Error 1939. Service 'Dell Update Service' (DellUpdate) could not be configured. This could be a problem with the package or your permissions. Verify that you have sufficient privileges to configure system services.
Error: (11/07/2014 08:57:39 PM) (Source: MsiInstaller) (EventID: 11923) (User: NT-AUTORITÄT)
Description: Product: Dell Update -- Error 1923. Service 'Dell Update Service' (DellUpdate) could not be installed. Verify that you have sufficient privileges to install system services.
Error: (11/07/2014 08:46:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: chrome.dll, Version: 38.0.2125.111, Zeitstempel: 0x54471342
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000027b3
ID des fehlerhaften Prozesses: 0x39b0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5
Error: (11/07/2014 01:43:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: chrome.dll, Version: 38.0.2125.111, Zeitstempel: 0x54471342
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000027b3
ID des fehlerhaften Prozesses: 0x383c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5
Error: (11/02/2014 04:15:43 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/01/2014 03:26:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (10/31/2014 08:56:15 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (10/29/2014 10:55:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "IntelWLANEventProvider" wurde versucht, die Abfrage "select * from CIntelQosEvent" zu registrieren, deren Zielklasse "CIntelQosEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (10/29/2014 10:55:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "IntelWLANEventProvider" wurde versucht, die Abfrage "select * from CIntelDot1xEvent" zu registrieren, deren Zielklasse "CIntelDot1xEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (10/29/2014 10:55:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "IntelWLANEventProvider" wurde versucht, die Abfrage "select * from CIntelWLANEvent" zu registrieren, deren Zielklasse "CIntelWLANEvent" im Namespace "//./ROOT/default" nicht vorhanden ist. Die Abfrage wird ignoriert.
System errors:
=============
Error: (11/07/2014 08:54:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.11.2014 um 20:25:20 unerwartet heruntergefahren.
Error: (11/07/2014 08:10:49 PM) (Source: DCOM) (EventID: 10010) (User: BigToy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (11/07/2014 08:10:19 PM) (Source: DCOM) (EventID: 10010) (User: BigToy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (11/07/2014 08:09:49 PM) (Source: DCOM) (EventID: 10010) (User: BigToy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (11/07/2014 08:09:19 PM) (Source: DCOM) (EventID: 10010) (User: BigToy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (11/07/2014 07:39:12 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 70. Der Windows-SChannel-Fehlerstatus lautet: 105.
Error: (11/07/2014 04:18:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (11/07/2014 04:17:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/07/2014 04:09:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/07/2014 02:04:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (11/07/2014 08:57:39 PM) (Source: MsiInstaller) (EventID: 11939) (User: NT-AUTORITÄT)
Description: Product: Dell Update -- Error 1939. Service 'Dell Update Service' (DellUpdate) could not be configured. This could be a problem with the package or your permissions. Verify that you have sufficient privileges to configure system services.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/07/2014 08:57:39 PM) (Source: MsiInstaller) (EventID: 11923) (User: NT-AUTORITÄT)
Description: Product: Dell Update -- Error 1923. Service 'Dell Update Service' (DellUpdate) could not be installed. Verify that you have sufficient privileges to install system services.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/07/2014 08:46:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe38.0.2125.1115447163bchrome.dll38.0.2125.11154471342c0000005000027b339b001cffabaf502babbC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\chrome.dllc4eddc4a-66b6-11e4-be72-0c8bfd9c4586
Error: (11/07/2014 01:43:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe38.0.2125.1115447163bchrome.dll38.0.2125.11154471342c0000005000027b3383c01cffa82ad68e58aC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\chrome.dllb1f13fd1-667b-11e4-be72-0c8bfd9c4586
Error: (11/02/2014 04:15:43 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (11/01/2014 03:26:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (10/31/2014 08:56:15 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (10/29/2014 10:55:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: IntelWLANEventProviderselect * from CIntelQosEventCIntelQosEvent//./ROOT/default
Error: (10/29/2014 10:55:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: IntelWLANEventProviderselect * from CIntelDot1xEventCIntelDot1xEvent//./ROOT/default
Error: (10/29/2014 10:55:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: IntelWLANEventProviderselect * from CIntelWLANEventCIntelWLANEvent//./ROOT/default
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 33%
Total physical RAM: 8090.57 MB
Available physical RAM: 5374.64 MB
Total Pagefile: 27546.57 MB
Available Pagefile: 24602.73 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.09 GB) (Free:768.39 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
__________________ |
|
08.11.2014, 20:11
| #4 |
| /// the machine /// TB-Ausbilder | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter cmd: type C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.11.2014, 23:35
| #5 |
| | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Hallo Schrauber... hoffe das war richtig so, folgender Text kam dabei raus: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-11-2014 01
Ran by Kristine at 2014-11-08 23:33:49 Run:1
Running from C:\Users\Kristine\Downloads
Loaded Profile: Kristine (Available profiles: AdMinchen & Kristine & Manuel & Administrator & Gast)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
cmd: type C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
*****************
========= type C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat =========
@echo off
regsvr32 /s igfxDH.dll
regsvr32 /s igfxDI.dll
regsvr32 /s igfxLHM.dll
regsvr32 /s igfxCPL.cpl
regsvr32 /s igfxOSP.dll
regsvr32 /s igfxDTCM.dll
regsvr32 /s igfxexps.dll
igfxext.exe /regserver
igfxTray.exe /regserver
igfxHK.exe /regserver
start igfxEM.exe /RegServerPerUser
GfxUIEx.exe /regserver
start igfxEM.exe
start igfxTray.exe
start igfxHK.exe
del /Q {F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
========= End of CMD: =========
==== End of Fixlog ====
__________________ Gruß, Kristine |
|
09.11.2014, 13:13
| #6 |
| /// the machine /// TB-Ausbilder | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Sieht gut aus, Malware ist da keine. Ich würde jetzt mal die Temps leeren, und dann den Rechner neu starten und nochmal testen.
__________________ --> Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering |
|
09.11.2014, 18:02
| #7 |
| | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Hallo schrauber, ähm...Temps leeren? Brauch da ne genauere Anleitung. Und was dann nochmal testen? Den ersten Scan? Danke für die Infos
__________________ Gruß, Kristine |
|
10.11.2014, 15:00
| #8 |
| /// the machine /// TB-Ausbilder | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Löschen von Dateien mithilfe der Datenträgerbereinigung - Windows-Hilfe Das machen, dann den Rechner nochmal testen wie er sich verhält
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.11.2014, 23:46
| #9 |
| | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Hallo Schrauber...so, danke...mach ich und meld mich dann wieder
__________________ Gruß, Kristine |
|
13.11.2014, 17:20
| #10 |
| /// the machine /// TB-Ausbilder | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering ok
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.11.2014, 09:21
| #11 |
| | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Hallo Schrauber, also ich hab mal alles bereinigt und bis jetzt läufts ganz gut. Mir ist nichts aufgefallen weiter, war aber auch erst gestern abend. Wenn noch was hängt, dann meld ich mich wieder. Vielen Dank
__________________ Gruß, Kristine |
|
15.11.2014, 10:03
| #12 |
| /// the machine /// TB-Ausbilder | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering alles klar
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.11.2014, 23:27
| #13 |
| | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Hallo Schrauber, jetzt hab ich schon wieder die Meldung bekommen dass mein Arbeitsspeicher zu klein sei... *kopfkratz*
__________________ Gruß, Kristine |
|
17.11.2014, 13:59
| #14 |
| /// the machine /// TB-Ausbilder | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering Arbeitsspeicher? ODer virtueller Speicher? Mach bitte mal nen Screenshot von der Meldung.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.11.2014, 14:07
| #15 |
| | Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering ok...sobald sie wiederkommt häng ich sie an...
__________________ Gruß, Kristine |
|
| Themen zu Kurz nach Update auf Windows 8.1 Laptop sehr langsam und scheinbar Arbeitsspeicher zu gering |
| arbeitsspeicher, bootzeit, eingefangen, fehlercode 0xc0000005, fehlercode 28, fehlercode 70, gefangen, guten, inter, internet, internet sehr langsam, langsam, laptop, meldung, schei, surfen, unerwünschtes, weiterhelfen, windows |
Linear-Darstellung
