|
Plagegeister aller Art und deren Bekämpfung: Plötzlich langsames Internet und viel WerbungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
01.07.2013, 22:25 | #1 |
| Plötzlich langsames Internet und viel Werbung Hallo Trojaner-Board-Nutzer, seit gestern ist mir aufgefallen, dass auf meinen regelmäßig besuchten Internetseiten plötzlich mehr und großflächigere Werbeanzeigen aufgetaucht sind. Außerdem ist mein Internet recht langsam. Manchmal dauert es einige Minuten um meine Seite aufzurufen. Was mir auch aufgefallen ist: Seit gestern öffnet sich auch in regelmäßigen Abständen die Internetseite bizcoaching.info. (Immer wenn ich in die Google-Suchleiste klicke) Vielen Dank schonmal im Vorraus! (PS: Das Antvirenprogramm Kaspersky habe ich auf meinem Laptop installiert und auch schon 'durchlaufen' lassen. Kann aber wohl wenig ändern, da sich die Probleme nur im www befinden) |
01.07.2013, 22:31 | #2 |
/// TB-Ausbilder | Plötzlich langsames Internet und viel Werbung Hallo,
__________________dann suchen wir doch die Verursacher: Downloade dir bitte die für dein System passende Version (32-bit/64-bit) von Farbar Recovery Scan Tool (FRST) und speichere es auf den Desktop. (Wenn du nicht sicher bist, welche du benötigst: Start -> Computer (Rechtsklick) -> Eigenschaften)
__________________ |
02.07.2013, 19:13 | #3 |
| Plötzlich langsames Internet und viel Werbung Vielen Dank für die schnelle Antwort
__________________Installiert. Gescant. Das kam dabei raus... Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2013 Ran by Rebecca at 2013-07-02 20:09:17 Running from C:\Users\Rebecca\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= clear.fi SDK - Video 2 (x32 Version: 2.1.1925) clear.fi SDK- Movie 2 (x32 Version: 2.1.2008) Acer Backup Manager (x32 Version: 4.0.0.0059) Acer Device Fast-lane (Version: 1.00.3008) Acer Instant Update Service (Version: 1.00.3013) Acer Power Management (Version: 7.00.3007) Acer Recovery Management (Version: 6.00.3011) AcerCloud (x32 Version: 2.01.3115) AcerCloud Docs (x32 Version: 1.00.3201) Adobe Bridge 1.0 (x32 Version: 001.000.001) Adobe Common File Installer (x32 Version: 1.00.001) Adobe Help Center 1.0 (x32 Version: 1.0.1) Adobe Illustrator CS2 (x32 Version: 12.000.000) Adobe InDesign CS2 (x32 Version: 004.000.000) Adobe Photoshop CS2 (x32 Version: 9.0) Adobe Stock Photos 1.0 (x32 Version: 1.0.1) Adobe SVG Viewer 3.0 (x32 Version: 3.0) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98) Alcor Micro USB Card Reader (x32 Version: 3.5.42.61532) Aloha TriPeaks (x32 Version: 2.2.0.98) AMD Accelerated Video Transcoding (Version: 12.5.100.20918) AMD APP SDK Runtime (Version: 10.0.938.2) AMD Catalyst Install Manager (Version: 8.0.881.0) AMD Quick Stream (Version: 3.3.26.0) AMD VISION Engine Control Center (x32 Version: 2012.0918.260.3365) Backup Manager v4 (x32 Version: 4.0.0.0059) BackupPCFiles 1.0.0.676 (x32 Version: 1.0.0.676) Bejeweled 3 (x32 Version: 2.2.0.98) BrowserDefender (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0918.260.3365) Catalyst Control Center InstallProxy (x32 Version: 2012.0918.260.3365) Catalyst Control Center Localization All (x32 Version: 2012.0918.260.3365) CCC Help Chinese Standard (x32 Version: 2012.0918.0259.3365) CCC Help Chinese Traditional (x32 Version: 2012.0918.0259.3365) CCC Help Czech (x32 Version: 2012.0918.0259.3365) CCC Help Danish (x32 Version: 2012.0918.0259.3365) CCC Help Dutch (x32 Version: 2012.0918.0259.3365) CCC Help English (x32 Version: 2012.0918.0259.3365) CCC Help Finnish (x32 Version: 2012.0918.0259.3365) CCC Help French (x32 Version: 2012.0918.0259.3365) CCC Help German (x32 Version: 2012.0918.0259.3365) CCC Help Greek (x32 Version: 2012.0918.0259.3365) CCC Help Hungarian (x32 Version: 2012.0918.0259.3365) CCC Help Italian (x32 Version: 2012.0918.0259.3365) CCC Help Japanese (x32 Version: 2012.0918.0259.3365) CCC Help Korean (x32 Version: 2012.0918.0259.3365) CCC Help Norwegian (x32 Version: 2012.0918.0259.3365) CCC Help Polish (x32 Version: 2012.0918.0259.3365) CCC Help Portuguese (x32 Version: 2012.0918.0259.3365) CCC Help Russian (x32 Version: 2012.0918.0259.3365) CCC Help Spanish (x32 Version: 2012.0918.0259.3365) CCC Help Swedish (x32 Version: 2012.0918.0259.3365) CCC Help Thai (x32 Version: 2012.0918.0259.3365) CCC Help Turkish (x32 Version: 2012.0918.0259.3365) ccc-utility64 (Version: 2012.0918.260.3365) clear.fi Media (x32 Version: 2.01.3108) clear.fi Photo (x32 Version: 2.01.3108) Conexant HD Audio (Version: 8.54.44.51) CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819) DealPly (HKCU) DealPly (remove only) (x32 Version: 4.8.6.1) Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98) Delta Chrome Toolbar (x32) Delta toolbar (x32 Version: 1.8.21.5) Desk 365 (x32 Version: 1.12.16) Dropbox (HKCU Version: 2.0.26) eSafe Security Control 1.0.0.2522 (x32 Version: 1.0.0.2522) ETDWare PS/2-X64 11.6.9.001_WHQL (Version: 11.6.9.001) FORTE 4 - Free Edition (x32 Version: 4) Google Chrome (HKCU Version: 27.0.1453.116) Identity Card (x32 Version: 2.00.3004) Island Tribe (x32 Version: 2.2.0.98) Jewel Match 3 (x32 Version: 2.2.0.98) John Deere Drive Green (x32 Version: 2.2.0.95) Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190) Launch Manager (x32 Version: 7.0.4) Live Updater (x32 Version: 2.00.3004) Ludwig 3.0 (x32 Version: 3.0.0.1) Lyrics Finder (x32) Magic Academy (x32 Version: 2.2.0.98) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Office Professional Edition 2003 (x32 Version: 11.0.5614.0) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0) MyWinLocker (Version: 4.0.14.35) MyWinLocker 4 (x32 Version: 4.0.14.35) MyWinLocker Suite (x32 Version: 4.0.14.24) NTI Media Maker 9 (x32 Version: 9.0.2.9008) Office Addin (x32 Version: 2.01.3200) Open It! (x32 Version: 1.1.1) OpenOffice.org 3.4.1 (x32 Version: 3.41.9593) PC Speed Maximizer v3.1 (x32 Version: 3.1) PDF Creator PDF Writer Packages (HKCU) PDF Writer Packages 11 (HKCU) Penguins! (x32 Version: 2.2.0.98) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98) Plus-HD-2.3 (x32 Version: 1.27.153.5) Polar Bowler (x32 Version: 2.2.0.97) Qtrax Player (HKCU) Qtrax Player (x32 Version: 01.001.0001) Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.209) Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.13) Shared C Run-time for x64 (Version: 10.0.0) Shredder (Version: 2.0.8.9) Shredder (x32 Version: 2.0.8.9) Spotify (x32 Version: 0.8.4.99.ga249b5f1) Tales of Lagoona (x32 Version: 2.2.0.110) Update for Zip Opener (HKCU) Update Installer for WildTangent Games App (x32) Visual Studio 2005 Tools for Office Second Edition Runtime (x32) Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729) Visual Studio Tools for the Office system 3.0 Runtime (x32) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1) Wajam (x32 Version: 1.80) WebCake 3.00 (Version: 3.00) WildTangent Games (x32 Version: 1.0.3.0) WildTangent Games App (x32 Version: 4.0.9.3) Zip Opener Packages (HKCU) Zuma's Revenge (x32 Version: 2.2.0.98) ==================== Restore Points ========================= 15-06-2013 22:32:54 Geplanter Prüfpunkt 20-06-2013 21:48:08 Installed Ludwig 3.0 24-06-2013 14:54:34 Windows Update 01-07-2013 10:32:01 Entfernt Atheros Communications Inc.(R) AR81Family Gigabit/Fast R] a ==================== Scheduled Tasks (whitelisted) ============= Task: {01E27AC1-51E7-4717-9625-7C93C11E4ED4} - System32\Tasks\Lyrics Finder Update => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe [2013-02-27] (Nijad Software) Task: {0DA8A6C4-DBE8-4CD0-9040-E30851CBA3AB} - System32\Tasks\Task BackupPCFiles => C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.TaskScheduler.exe [2013-05-07] () Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {14B1518E-6B39-43F0-A52F-060AEA10D43B} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] () Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {18FB23DC-658C-455C-BF77-BA77D70569DE} - System32\Tasks\Plus-HD-2.3-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-06-30] (Plus HD) Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {1F03B27A-8849-4E0F-83D9-DC9EDE51BA87} - System32\Tasks\DealPlyUpdate => C:\Program No File Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {21ED3BFC-DE3D-41C8-BA2E-F3F2C483CF56} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {3EC330FC-D164-4C37-A4BC-3F2E1A68BBEF} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4265992392-2356816179-987210788-1001 Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {4325F945-E652-4329-A43F-3650E7C361F8} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation) Task: {438139D7-1488-45CA-934F-366EB728C091} - System32\Tasks\DSite => C:\Users\Rebecca\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-07-01] () Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {5180FB42-F2E8-46AE-849A-80ECFFE7378C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-28] (Google Inc.) Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {5FC99E41-E598-4E05-8BD2-B6C406A4B143} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] () Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation) Task: {66B9B946-72B9-44A0-9BC4-01D5D339A575} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4265992392-2356816179-987210788-500 Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation) Task: {6EA08B46-1BC2-44E2-8526-3DFAA4F35328} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {738A0A7B-DF1F-4504-A16A-693C0CD28CC8} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] () Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {811429EB-54FC-493A-B3A0-9224A2195644} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe [2013-07-01] (337 Technology Limited.) Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {8EDE8B4F-7A00-4874-8D7D-D4494E095E47} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {97AA14A9-112E-414D-8F8C-6AB25A9304D1} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-06-30] (Plus HD) Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {99261903-B0ED-43FF-AB5F-8FF3D1F7B850} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {9F3C740E-EE05-44AF-A176-C59922E0CAD7} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-09-05] (Acer Incorporated) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation) Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {B47EFA2E-0FE7-4AFF-8E2B-BFA2ADE9EFC8} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-06-30] (Plus HD) Task: {B531D19A-AEC0-4033-A15D-7B33322EB871} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-01-24] (Microsoft Corporation) Task: {BA190B70-E058-4BC9-8055-E195A362F3BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-28] (Google Inc.) Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C58FC3F8-DAA2-47F0-BB5B-E8D81A0C665D} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-06-30] (Plus HD) Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {CAB8603B-DCA4-4547-9118-16234BA63063} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation) Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {DABD0657-CC02-40B6-81E9-DB2C050FB0F5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation) Task: {E954CD40-1946-41D6-9433-7A645461C41A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {EC770716-0E38-4F87-A0FF-35C505AF56FD} - System32\Tasks\EPUpdater => C:\Users\Rebecca\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] () Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: {EE620C39-9B11-4442-870C-8BE6759866A5} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] () Task: {F5A4610D-2FEC-4082-813C-A8AEC624A0CC} - System32\Tasks\DealPly => C:\Users\Rebecca\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE [2013-02-27] () Task: C:\Windows\Tasks\DSite.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Lyrics Finder Update.job => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe Task: C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe ==================== Faulty Device Manager Devices ============= Name: Bluetooth USB Module Description: Bluetooth USB Module Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Qualcomm Atheros Communications Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/01/2013 00:56:35 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (06/30/2013 02:43:18 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: EvernoteMetro.exe, Version: 0.0.0.0, Zeitstempel: 0x5138d27c Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e Ausnahmecode: 0xc0000409 Fehleroffset: 0x000748e8 ID des fehlerhaften Prozesses: 0x1908 Startzeit der fehlerhaften Anwendung: 0xEvernoteMetro.exe0 Pfad der fehlerhaften Anwendung: EvernoteMetro.exe1 Pfad des fehlerhaften Moduls: EvernoteMetro.exe2 Berichtskennung: EvernoteMetro.exe3 Vollständiger Name des fehlerhaften Pakets: EvernoteMetro.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EvernoteMetro.exe5 Error: (06/29/2013 02:51:44 PM) (Source: Perflib) (User: ) Description: rdyboost4 Error: (06/29/2013 02:51:44 PM) (Source: Perflib) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (06/29/2013 02:22:53 PM) (Source: Application Hang) (User: ) Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1c4c Startzeit: 01ce74bde0db2c4e Endzeit: 4294967295 Anwendungspfad: C:\Windows\system32\wwahost.exe Berichts-ID: 979a9cb4-e0b6-11e2-be80-089e016dfe9a Vollständiger Name des fehlerhaften Pakets: Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (06/29/2013 02:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASUSASPIREV5551) Description: Das Paket „Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2“ wurde beendet, da das Anhalten zu lange dauerte. Error: (06/29/2013 02:23:32 AM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (06/28/2013 04:41:58 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (06/26/2013 05:19:34 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (06/25/2013 06:39:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASUSASPIREV5551) Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. System errors: ============= Error: (06/29/2013 02:51:23 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/29/2013 02:51:23 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/29/2013 02:51:10 PM) (Source: BugCheck) (User: ) Description: 0x0000009f (0x0000000000000003, 0xfffffa8012519880, 0xfffff80071708770, 0xfffffa8003ba2b10)C:\Windows\MEMORY.DMP062913-28470-01 Error: (06/29/2013 02:50:51 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am ?29.?06.?2013 um 14:08:29 unerwartet heruntergefahren. Error: (06/24/2013 11:46:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/24/2013 11:46:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/24/2013 11:46:06 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am ?24.?06.?2013 um 23:36:30 unerwartet heruntergefahren. Error: (06/24/2013 03:57:22 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/24/2013 03:57:22 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/18/2013 02:58:29 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Microsoft Office Sessions: ========================= Error: (07/01/2013 00:56:35 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (06/30/2013 02:43:18 PM) (Source: Application Error)(User: ) Description: EvernoteMetro.exe0.0.0.05138d27cMSVCR110.dll11.0.51106.15098858ec0000409000748e8190801ce758f618dc374C:\Program Files\WindowsApps\Evernote.Evernote_1.1.2.8_x86__q4d96b2w5wcc2\EvernoteMetro.exeC:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.51106.1_x86__8wekyb3d8bbwe\MSVCR110.dlla3057e24-e182-11e2-be81-089e016dfe9aEvernote.Evernote_1.1.2.8_x86__q4d96b2w5wcc2App Error: (06/29/2013 02:51:44 PM) (Source: Perflib)(User: ) Description: rdyboost4 Error: (06/29/2013 02:51:44 PM) (Source: Perflib)(User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (06/29/2013 02:22:53 PM) (Source: Application Hang)(User: ) Description: wwahost.exe6.2.9200.164201c4c01ce74bde0db2c4e4294967295C:\Windows\system32\wwahost.exe979a9cb4-e0b6-11e2-be80-089e016dfe9aEvernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2App Error: (06/29/2013 02:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASUSASPIREV5551) Description: Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2 Error: (06/29/2013 02:23:32 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (06/28/2013 04:41:58 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (06/26/2013 05:19:34 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (06/25/2013 06:39:44 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASUSASPIREV5551) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147023170 ==================== Memory info =========================== Percentage of memory in use: 59% Total physical RAM: 3530.26 MB Available physical RAM: 1420.64 MB Total Pagefile: 7114.26 MB Available Pagefile: 4281.94 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:449.45 GB) (Free:391.85 GB) NTFS (Disk=0 Partition=4) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: EE83A1CF) Partition: GPT Partition Type ==================== End Of Log ============================ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013 Ran by Rebecca (administrator) on 02-07-2013 20:08:07 Running from C:\Users\Rebecca\Desktop Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.CppProxyServer.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Dropbox, Inc.) C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe () C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe () C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (Microsoft Corporation) C:\Windows\system32\wwahost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe (WebCake LLC) C:\Users\Rebecca\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC) C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe (Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (337 Technology Limited.) C:\Program Files (x86)\Desk 365\deskSvc.exe (337 Technology Limited.) C:\Program Files (x86)\Desk 365\desk365.exe (eSafe Security Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Plus HD) C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" [64640 2012-09-14] () HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [BackupPCFiles.Agent] "C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe" [249472 2013-05-07] (Bright Access) HKLM-x32\...\Runonce: [Del83630185] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x] HKLM-x32\...\Runonce: [Del83641683] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x] HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKCU\...\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-12-19] () HKCU\...\Run: [Google Update] "C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-28] (Google Inc.) HKCU\...\Run: [WebCake Desktop] "C:\Users\Rebecca\AppData\Roaming\WebCake\WebCakeDesktop.exe" [47896 2013-06-21] (WebCake LLC) HKCU\...\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions) HKCU\...\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun [916048 2013-07-01] (337 Technology Limited.) HKCU\...\Runonce: [Del83630185] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x] HKCU\...\Runonce: [Del83641683] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x] HKCU\...\Runonce: [Qtrax] C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe 2902046931.portal.qtrax.com [x] MountPoints2: {72078e76-49c9-11e2-be69-806e6f6e6963} - "D:\SETUP.EXE" /AUTORUN HKLM-x32\...\Run: [LManager] [x] HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [508656 2012-07-25] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-09-12] (Alcor Micro Corp.) HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [24504 2012-10-25] (Kaspersky Lab ZAO) HKU\Default\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated) HKU\Default User\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated) AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll [2521040 2013-05-23] () Startup: C:\ProgramData\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com HKLM SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com HKLM-x32 SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com HKCU SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKCU - {6F9161DA-7B64-4BA1-9C95-27EBF8F95363} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Plus-HD-2.3 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD) BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll (WebCake LLC) BHO-x32: Lyrics Finder - {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll (Nijad Software) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly) Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) Handler: msdaipp - No CLSID Value - Handler-x32: msdaipp - No CLSID Value - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Chrome: ======= CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929 CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929" CHR DefaultSearchURL: (Ecosia) - hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch CHR DefaultSuggestURL: (Ecosia) - hxxp://ecosia.org/ajax/searchsuggestions.php?q={searchTerms}&addon=opensearch CHR Plugin: (Shockwave Flash) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Google Update) - C:\Users\Rebecca\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Kaspersky URL Advisor) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0 CHR Extension: (Emma Bridgewater) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennchkafgbngcmjcbbicbobbdomhmklc\2_0 CHR Extension: (Delta Toolbar) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0 CHR Extension: (WebCake) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0 CHR Extension: (DealPly Shopping) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.3.0_0 CHR Extension: (Lyrics Finder) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110_0 CHR Extension: (Safe Money) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0 CHR Extension: (Content Blocker) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0 CHR Extension: (Virtual Keyboard) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0 CHR Extension: (Wajam) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24 CHR Extension: (Plus-HD-2.3) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0 CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR Extension: (Anti-Banner) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0 ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-05-28] (Adobe Systems) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-28] (Kaspersky Lab ZAO) R2 BackupPCFilesService; C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe [67712 2013-05-07] (Bright Access) R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] () R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated) R2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [201376 2012-06-08] (Conexant Systems Inc.) R2 desksvc; C:\Program Files (x86)\Desk 365\deskSvc.exe [424016 2013-07-01] (337 Technology Limited.) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-09-21] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated) R2 eSafeSvc; C:\ProgramData\eSafe\eGdpSvc.exe [361536 2013-07-01] (eSafe Security Co., Ltd.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [85904 2012-09-05] (ELAN Microelectronics Corp.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-19] (Dritek System INC.) R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam) R2 WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [23552 2013-06-21] (WebCake LLC) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-09-10] (Atheros) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [x] ==================== Drivers (Whitelisted) ==================== R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-05-28] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2013-05-28] (Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-28] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-28] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-19] (Dritek System Inc.) S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST 2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk 2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe 2013-07-01 22:18 - 2013-07-01 22:18 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PC Speed Maximizer 2013-07-01 20:01 - 2013-07-02 20:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365 2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365 2013-07-01 20:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-07-01 20:00 - 2013-07-01 20:00 - 00001121 ____A C:\Users\Rebecca\Desktop\PC Speed Maximizer.lnk 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\Wajam 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____A C:\END 2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe 2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller 2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WebCake 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Program Files (x86)\WebCake 2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe 2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-06-30 21:04 - 2013-07-01 13:20 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT 2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe 2013-06-30 14:06 - 2013-07-02 20:06 - 00001230 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job 2013-06-30 14:06 - 2013-07-01 13:56 - 00000448 ____A C:\Windows\Tasks\Lyrics Finder Update.job 2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\LyricsFinder 2013-06-30 14:05 - 2013-07-02 20:05 - 00001940 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job 2013-06-30 14:05 - 2013-07-02 20:05 - 00001234 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job 2013-06-30 14:05 - 2013-07-02 20:05 - 00001134 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job 2013-06-30 14:05 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\ProgramData\BrowserDefender 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta 2013-06-30 14:05 - 2011-10-04 22:43 - 00087552 ____A C:\Windows\System32\custmon64i.dll 2013-06-30 14:04 - 2013-07-02 19:44 - 00000326 ____A C:\Windows\Tasks\DSite.job 2013-06-30 14:04 - 2013-07-01 14:04 - 00000000 ____D C:\Program Files (x86)\DealPly 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-06-30 14:03 - 2013-06-30 14:04 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe 2013-06-29 14:50 - 2013-06-29 14:51 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp 2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP 2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump 2013-06-24 23:45 - 2013-06-24 23:46 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-24 16:14 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-24 16:14 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-22 21:53 - 2013-06-22 21:54 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner 2013-06-22 21:45 - 2013-06-22 22:05 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama 2013-06-21 22:41 - 2013-06-28 19:06 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig 2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase 2013-06-21 22:37 - 2013-06-21 23:16 - 00000538 ____A C:\Windows\DirectX.log 2013-06-21 22:37 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll 2013-06-21 22:37 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2013-06-21 22:37 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll 2013-06-21 22:37 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase 2013-06-21 22:07 - 2013-06-21 22:26 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi 2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-06-21 13:45 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll 2013-06-21 13:45 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2013-06-21 13:44 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2013-06-21 13:44 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-06-21 13:44 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2013-06-21 13:44 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-06-21 13:44 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe 2013-06-21 13:44 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll 2013-06-21 13:44 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe 2013-06-21 13:44 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2013-06-21 13:44 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe 2013-06-21 13:44 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS 2013-06-21 13:44 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys 2013-06-21 13:44 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS 2013-06-21 13:44 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2013-06-21 13:44 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll 2013-06-21 13:44 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl 2013-06-21 13:44 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe 2013-06-21 13:44 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2013-06-21 13:44 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll 2013-06-21 13:44 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2013-06-21 13:44 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs 2013-06-21 13:44 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys 2013-06-21 13:44 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys 2013-06-21 13:44 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys 2013-06-21 13:44 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs 2013-06-21 13:44 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml 2013-06-21 13:44 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-21 13:44 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-21 13:44 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-21 13:44 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-21 13:44 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-21 13:44 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-21 13:44 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-21 13:43 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-21 13:43 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-21 13:43 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-21 13:43 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-21 13:43 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-21 13:43 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-21 13:43 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-21 13:42 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2013-06-21 13:42 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll 2013-06-21 13:42 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-21 13:42 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-21 13:42 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-21 13:42 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-21 13:42 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-21 13:42 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-20 22:52 - 2013-06-20 23:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi 2013-06-13 22:06 - 2013-06-13 22:07 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip 2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe 2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe 2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe 2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink 2013-06-10 11:57 - 2013-06-06 08:31 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk 2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-08 13:43 - 2013-06-08 13:44 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd 2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-06-06 18:32 - 2013-07-01 22:22 - 00000000 ___RD C:\Users\Rebecca\Dropbox 2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk 2013-06-06 18:26 - 2013-07-01 22:28 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox 2013-06-06 18:24 - 2013-06-06 18:25 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe 2013-06-05 19:21 - 2013-06-30 14:43 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps 2013-06-05 19:20 - 2013-06-05 19:21 - 00000000 ____D C:\ProgramData\BackupPCFiles 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles 2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe 2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk 2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip 2013-06-04 22:59 - 2013-06-06 14:22 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt 2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt 2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys 2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys 2013-06-03 23:06 - 2013-07-01 16:26 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign 2013-06-02 14:08 - 2012-10-12 08:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll 2013-06-02 14:08 - 2012-10-12 07:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll 2013-06-02 14:07 - 2012-10-24 06:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll 2013-06-02 14:07 - 2012-10-17 06:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll 2013-06-02 14:07 - 2012-10-17 06:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll 2013-06-02 14:07 - 2012-10-17 06:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll 2013-06-02 14:07 - 2012-10-17 05:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2013-06-02 14:07 - 2012-10-17 05:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2013-06-02 14:07 - 2012-10-17 05:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2013-06-02 14:06 - 2012-10-11 09:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll 2013-06-02 14:06 - 2012-10-11 09:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe 2013-06-02 14:06 - 2012-10-11 09:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys 2013-06-02 14:06 - 2012-10-11 09:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys 2013-06-02 14:06 - 2012-10-11 09:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2013-06-02 14:06 - 2012-10-11 09:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys 2013-06-02 14:06 - 2012-10-11 09:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys 2013-06-02 14:06 - 2012-10-11 09:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys 2013-06-02 14:06 - 2012-10-11 07:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2013-06-02 14:06 - 2012-10-11 07:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll 2013-06-02 14:06 - 2012-10-11 07:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe 2013-06-02 14:06 - 2012-10-11 07:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll 2013-06-02 14:06 - 2012-10-11 07:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe 2013-06-02 14:06 - 2012-10-11 07:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll 2013-06-02 14:06 - 2012-10-11 07:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2013-06-02 14:06 - 2012-10-11 07:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll 2013-06-02 14:06 - 2012-10-11 07:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll 2013-06-02 14:06 - 2012-10-11 07:20 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys 2013-06-02 14:06 - 2012-10-11 07:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys 2013-06-02 14:06 - 2012-10-11 07:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys 2013-06-02 14:06 - 2012-10-11 07:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys 2013-06-02 14:06 - 2012-10-11 07:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys 2013-06-02 14:06 - 2012-10-11 07:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll 2013-06-02 14:06 - 2012-10-11 07:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll 2013-06-02 14:06 - 2012-10-11 06:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll 2013-06-02 14:06 - 2012-10-11 02:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls 2013-06-02 14:06 - 2012-10-11 02:44 - 00478424 ____A C:\Windows\System32\locale.nls 2013-06-02 14:05 - 2012-12-04 06:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll 2013-06-02 14:05 - 2012-11-27 08:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe 2013-06-02 14:05 - 2012-11-27 06:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe 2013-06-02 14:05 - 2012-11-27 06:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2013-06-02 14:05 - 2012-11-27 06:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe 2013-06-02 14:05 - 2012-11-27 06:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2013-06-02 14:05 - 2012-11-27 06:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll 2013-06-02 14:05 - 2012-11-27 06:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL 2013-06-02 14:05 - 2012-11-27 06:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL 2013-06-02 14:05 - 2012-10-12 10:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys 2013-06-02 14:04 - 2012-11-27 06:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2013-06-02 14:04 - 2012-11-27 06:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe 2013-06-02 14:04 - 2012-11-27 06:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2013-06-02 14:04 - 2012-11-27 06:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-06-02 14:04 - 2012-11-27 06:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll 2013-06-02 14:04 - 2012-11-27 06:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-06-02 14:04 - 2012-11-27 06:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll 2013-06-02 14:04 - 2012-11-27 06:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL 2013-06-02 14:04 - 2012-10-12 08:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll 2013-06-02 14:04 - 2012-10-12 07:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll 2013-06-02 14:04 - 2012-09-11 07:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe 2013-06-02 14:04 - 2012-09-11 07:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll 2013-06-02 14:04 - 2012-09-11 07:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll 2013-06-02 14:02 - 2012-11-20 07:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll 2013-06-02 14:02 - 2012-11-20 07:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll 2013-06-02 14:02 - 2012-11-20 07:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL 2013-06-02 14:02 - 2012-11-20 06:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL 2013-06-02 14:02 - 2012-11-08 06:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2013-06-02 14:02 - 2012-11-08 06:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2013-06-02 14:02 - 2012-11-08 06:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-06-02 14:02 - 2012-11-08 06:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll 2013-06-02 14:02 - 2012-11-08 06:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll 2013-06-02 14:02 - 2012-11-08 06:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-06-02 14:01 - 2012-11-06 09:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys 2013-06-02 14:01 - 2012-11-06 09:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll 2013-06-02 14:01 - 2012-11-06 06:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe 2013-06-02 14:01 - 2012-11-06 06:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe 2013-06-02 14:01 - 2012-11-06 06:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl 2013-06-02 14:01 - 2012-11-06 06:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll 2013-06-02 14:01 - 2012-11-06 06:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl 2013-06-02 14:01 - 2012-11-06 06:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll 2013-06-02 14:01 - 2012-11-06 06:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll 2013-06-02 14:01 - 2012-11-06 05:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll 2013-06-02 14:01 - 2012-11-06 05:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll 2013-06-02 14:01 - 2012-11-06 05:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys 2013-06-02 14:01 - 2012-11-06 05:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys 2013-06-02 14:01 - 2012-11-06 05:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys 2013-06-02 14:01 - 2012-11-06 05:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys 2013-06-02 14:01 - 2012-11-06 05:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys 2013-06-02 14:01 - 2012-11-06 05:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys 2013-06-02 14:01 - 2012-11-06 05:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll ==================== One Month Modified Files and Folders ======= 2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST 2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk 2013-07-02 20:06 - 2013-06-30 14:06 - 00001230 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job 2013-07-02 20:05 - 2013-06-30 14:05 - 00001940 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job 2013-07-02 20:05 - 2013-06-30 14:05 - 00001234 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job 2013-07-02 20:05 - 2013-06-30 14:05 - 00001134 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job 2013-07-02 20:05 - 2013-05-29 23:12 - 00035840 __ASH C:\Users\Rebecca\Downloads\Thumbs.db 2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe 2013-07-02 20:04 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365 2013-07-02 20:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru 2013-07-02 19:58 - 2013-05-28 17:48 - 00001160 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job 2013-07-02 19:45 - 2013-05-28 17:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-07-02 19:44 - 2013-06-30 14:04 - 00000326 ____A C:\Windows\Tasks\DSite.job 2013-07-02 19:41 - 2013-05-28 16:12 - 01916200 ____A C:\Windows\WindowsUpdate.log 2013-07-02 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-07-01 22:28 - 2013-06-06 18:26 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox 2013-07-01 22:22 - 2013-06-06 18:32 - 00000000 ___RD C:\Users\Rebecca\Dropbox 2013-07-01 22:18 - 2013-07-01 22:18 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PC Speed Maximizer 2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365 2013-07-01 20:01 - 2011-06-11 01:58 - 00773712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll 2013-07-01 20:01 - 2011-06-11 01:58 - 00420944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll 2013-07-01 20:00 - 2013-07-01 20:00 - 00001121 ____A C:\Users\Rebecca\Desktop\PC Speed Maximizer.lnk 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\Wajam 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____A C:\END 2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe 2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller 2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WebCake 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Program Files (x86)\WebCake 2013-07-01 19:45 - 2013-05-28 16:12 - 00000000 ____D C:\users\Rebecca 2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe 2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-07-01 16:26 - 2013-06-03 23:06 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign 2013-07-01 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\DealPly 2013-07-01 13:56 - 2013-06-30 14:06 - 00000448 ____A C:\Windows\Tasks\Lyrics Finder Update.job 2013-07-01 13:20 - 2013-06-30 21:04 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT 2013-07-01 12:32 - 2012-10-30 06:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-06-30 14:43 - 2013-06-05 19:21 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps 2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe 2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\LyricsFinder 2013-06-30 14:06 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\ProgramData\BrowserDefender 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:03 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe 2013-06-29 14:57 - 2012-12-19 21:40 - 00753134 ____A C:\Windows\System32\perfh007.dat 2013-06-29 14:57 - 2012-12-19 21:40 - 00155826 ____A C:\Windows\System32\perfc007.dat 2013-06-29 14:57 - 2012-07-26 09:28 - 01035242 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-29 14:51 - 2013-06-29 14:50 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp 2013-06-29 14:51 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP 2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump 2013-06-28 19:06 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig 2013-06-28 17:58 - 2013-05-28 17:48 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job 2013-06-26 17:37 - 2013-05-28 18:39 - 00371712 __ASH C:\Users\Rebecca\Desktop\Thumbs.db 2013-06-24 23:46 - 2013-06-24 23:45 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-24 23:21 - 2013-05-30 00:04 - 00000000 ____D C:\Users\Rebecca\Documents\Forte 2013-06-24 17:09 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-06-24 16:56 - 2013-05-30 10:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-24 15:56 - 2012-10-30 05:34 - 00025230 ____A C:\Windows\PFRO.log 2013-06-24 15:55 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism 2013-06-22 22:05 - 2013-06-22 21:45 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama 2013-06-22 21:54 - 2013-06-22 21:53 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner 2013-06-22 21:43 - 2012-07-26 09:21 - 00032675 ____A C:\Windows\setupact.log 2013-06-21 23:16 - 2013-06-21 22:37 - 00000538 ____A C:\Windows\DirectX.log 2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase 2013-06-21 22:26 - 2013-06-21 22:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi 2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-06-20 23:07 - 2013-06-20 22:52 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi 2013-06-13 22:07 - 2013-06-13 22:06 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip 2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe 2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe 2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe 2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink 2013-06-10 12:04 - 2012-12-19 13:32 - 00000000 ____D C:\ProgramData\CyberLink 2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-10 11:51 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\VirtualStore 2013-06-08 13:44 - 2013-06-08 13:43 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd 2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk 2013-06-06 18:25 - 2013-06-06 18:24 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe 2013-06-06 14:22 - 2013-06-04 22:59 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt 2013-06-06 13:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF 2013-06-06 08:31 - 2013-06-10 11:57 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk 2013-06-05 19:21 - 2013-06-05 19:20 - 00000000 ____D C:\ProgramData\BackupPCFiles 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles 2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe 2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk 2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip 2013-06-05 00:09 - 2013-06-01 15:33 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-05 00:09 - 2013-06-01 15:33 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt 2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys 2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-01 13:23 ==================== End Of Log ============================ |
02.07.2013, 19:16 | #4 |
| Plötzlich langsames Internet und viel Werbung Vielen Dank für die schnelle Antwort Installiert. Gescant. Das kam dabei raus... Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2013 Ran by Rebecca at 2013-07-02 20:09:17 Running from C:\Users\Rebecca\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= clear.fi SDK - Video 2 (x32 Version: 2.1.1925) clear.fi SDK- Movie 2 (x32 Version: 2.1.2008) Acer Backup Manager (x32 Version: 4.0.0.0059) Acer Device Fast-lane (Version: 1.00.3008) Acer Instant Update Service (Version: 1.00.3013) Acer Power Management (Version: 7.00.3007) Acer Recovery Management (Version: 6.00.3011) AcerCloud (x32 Version: 2.01.3115) AcerCloud Docs (x32 Version: 1.00.3201) Adobe Bridge 1.0 (x32 Version: 001.000.001) Adobe Common File Installer (x32 Version: 1.00.001) Adobe Help Center 1.0 (x32 Version: 1.0.1) Adobe Illustrator CS2 (x32 Version: 12.000.000) Adobe InDesign CS2 (x32 Version: 004.000.000) Adobe Photoshop CS2 (x32 Version: 9.0) Adobe Stock Photos 1.0 (x32 Version: 1.0.1) Adobe SVG Viewer 3.0 (x32 Version: 3.0) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98) Alcor Micro USB Card Reader (x32 Version: 3.5.42.61532) Aloha TriPeaks (x32 Version: 2.2.0.98) AMD Accelerated Video Transcoding (Version: 12.5.100.20918) AMD APP SDK Runtime (Version: 10.0.938.2) AMD Catalyst Install Manager (Version: 8.0.881.0) AMD Quick Stream (Version: 3.3.26.0) AMD VISION Engine Control Center (x32 Version: 2012.0918.260.3365) Backup Manager v4 (x32 Version: 4.0.0.0059) BackupPCFiles 1.0.0.676 (x32 Version: 1.0.0.676) Bejeweled 3 (x32 Version: 2.2.0.98) BrowserDefender (x32) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0918.260.3365) Catalyst Control Center InstallProxy (x32 Version: 2012.0918.260.3365) Catalyst Control Center Localization All (x32 Version: 2012.0918.260.3365) CCC Help Chinese Standard (x32 Version: 2012.0918.0259.3365) CCC Help Chinese Traditional (x32 Version: 2012.0918.0259.3365) CCC Help Czech (x32 Version: 2012.0918.0259.3365) CCC Help Danish (x32 Version: 2012.0918.0259.3365) CCC Help Dutch (x32 Version: 2012.0918.0259.3365) CCC Help English (x32 Version: 2012.0918.0259.3365) CCC Help Finnish (x32 Version: 2012.0918.0259.3365) CCC Help French (x32 Version: 2012.0918.0259.3365) CCC Help German (x32 Version: 2012.0918.0259.3365) CCC Help Greek (x32 Version: 2012.0918.0259.3365) CCC Help Hungarian (x32 Version: 2012.0918.0259.3365) CCC Help Italian (x32 Version: 2012.0918.0259.3365) CCC Help Japanese (x32 Version: 2012.0918.0259.3365) CCC Help Korean (x32 Version: 2012.0918.0259.3365) CCC Help Norwegian (x32 Version: 2012.0918.0259.3365) CCC Help Polish (x32 Version: 2012.0918.0259.3365) CCC Help Portuguese (x32 Version: 2012.0918.0259.3365) CCC Help Russian (x32 Version: 2012.0918.0259.3365) CCC Help Spanish (x32 Version: 2012.0918.0259.3365) CCC Help Swedish (x32 Version: 2012.0918.0259.3365) CCC Help Thai (x32 Version: 2012.0918.0259.3365) CCC Help Turkish (x32 Version: 2012.0918.0259.3365) ccc-utility64 (Version: 2012.0918.260.3365) clear.fi Media (x32 Version: 2.01.3108) clear.fi Photo (x32 Version: 2.01.3108) Conexant HD Audio (Version: 8.54.44.51) CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819) DealPly (HKCU) DealPly (remove only) (x32 Version: 4.8.6.1) Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98) Delta Chrome Toolbar (x32) Delta toolbar (x32 Version: 1.8.21.5) Desk 365 (x32 Version: 1.12.16) Dropbox (HKCU Version: 2.0.26) eSafe Security Control 1.0.0.2522 (x32 Version: 1.0.0.2522) ETDWare PS/2-X64 11.6.9.001_WHQL (Version: 11.6.9.001) FORTE 4 - Free Edition (x32 Version: 4) Google Chrome (HKCU Version: 27.0.1453.116) Identity Card (x32 Version: 2.00.3004) Island Tribe (x32 Version: 2.2.0.98) Jewel Match 3 (x32 Version: 2.2.0.98) John Deere Drive Green (x32 Version: 2.2.0.95) Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190) Launch Manager (x32 Version: 7.0.4) Live Updater (x32 Version: 2.00.3004) Ludwig 3.0 (x32 Version: 3.0.0.1) Lyrics Finder (x32) Magic Academy (x32 Version: 2.2.0.98) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft Office Professional Edition 2003 (x32 Version: 11.0.5614.0) Microsoft Silverlight (Version: 5.1.20125.0) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0) MyWinLocker (Version: 4.0.14.35) MyWinLocker 4 (x32 Version: 4.0.14.35) MyWinLocker Suite (x32 Version: 4.0.14.24) NTI Media Maker 9 (x32 Version: 9.0.2.9008) Office Addin (x32 Version: 2.01.3200) Open It! (x32 Version: 1.1.1) OpenOffice.org 3.4.1 (x32 Version: 3.41.9593) PC Speed Maximizer v3.1 (x32 Version: 3.1) PDF Creator PDF Writer Packages (HKCU) PDF Writer Packages 11 (HKCU) Penguins! (x32 Version: 2.2.0.98) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98) Plus-HD-2.3 (x32 Version: 1.27.153.5) Polar Bowler (x32 Version: 2.2.0.97) Qtrax Player (HKCU) Qtrax Player (x32 Version: 01.001.0001) Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.209) Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.13) Shared C Run-time for x64 (Version: 10.0.0) Shredder (Version: 2.0.8.9) Shredder (x32 Version: 2.0.8.9) Spotify (x32 Version: 0.8.4.99.ga249b5f1) Tales of Lagoona (x32 Version: 2.2.0.110) Update for Zip Opener (HKCU) Update Installer for WildTangent Games App (x32) Visual Studio 2005 Tools for Office Second Edition Runtime (x32) Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729) Visual Studio Tools for the Office system 3.0 Runtime (x32) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1) Wajam (x32 Version: 1.80) WebCake 3.00 (Version: 3.00) WildTangent Games (x32 Version: 1.0.3.0) WildTangent Games App (x32 Version: 4.0.9.3) Zip Opener Packages (HKCU) Zuma's Revenge (x32 Version: 2.2.0.98) ==================== Restore Points ========================= 15-06-2013 22:32:54 Geplanter Prüfpunkt 20-06-2013 21:48:08 Installed Ludwig 3.0 24-06-2013 14:54:34 Windows Update 01-07-2013 10:32:01 Entfernt Atheros Communications Inc.(R) AR81Family Gigabit/Fast R] a ==================== Scheduled Tasks (whitelisted) ============= Task: {01E27AC1-51E7-4717-9625-7C93C11E4ED4} - System32\Tasks\Lyrics Finder Update => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe [2013-02-27] (Nijad Software) Task: {0DA8A6C4-DBE8-4CD0-9040-E30851CBA3AB} - System32\Tasks\Task BackupPCFiles => C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.TaskScheduler.exe [2013-05-07] () Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation) Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical Task: {14B1518E-6B39-43F0-A52F-060AEA10D43B} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] () Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler Task: {18FB23DC-658C-455C-BF77-BA77D70569DE} - System32\Tasks\Plus-HD-2.3-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-06-30] (Plus HD) Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents Task: {1F03B27A-8849-4E0F-83D9-DC9EDE51BA87} - System32\Tasks\DealPlyUpdate => C:\Program No File Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance Task: {21ED3BFC-DE3D-41C8-BA2E-F3F2C483CF56} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem Task: {3EC330FC-D164-4C37-A4BC-3F2E1A68BBEF} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4265992392-2356816179-987210788-1001 Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance Task: {4325F945-E652-4329-A43F-3650E7C361F8} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation) Task: {438139D7-1488-45CA-934F-366EB728C091} - System32\Tasks\DSite => C:\Users\Rebecca\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-07-01] () Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation) Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon Task: {5180FB42-F2E8-46AE-849A-80ECFFE7378C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-28] (Google Inc.) Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required Task: {5FC99E41-E598-4E05-8BD2-B6C406A4B143} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] () Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation) Task: {66B9B946-72B9-44A0-9BC4-01D5D339A575} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4265992392-2356816179-987210788-500 Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation) Task: {6EA08B46-1BC2-44E2-8526-3DFAA4F35328} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Task: {738A0A7B-DF1F-4504-A16A-693C0CD28CC8} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] () Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance Task: {811429EB-54FC-493A-B3A0-9224A2195644} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe [2013-07-01] (337 Technology Limited.) Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode) Task: {8EDE8B4F-7A00-4874-8D7D-D4494E095E47} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Task: {97AA14A9-112E-414D-8F8C-6AB25A9304D1} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-06-30] (Plus HD) Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic Task: {99261903-B0ED-43FF-AB5F-8FF3D1F7B850} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.) Task: {9F3C740E-EE05-44AF-A176-C59922E0CAD7} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-09-05] (Acer Incorporated) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation) Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan Task: {B47EFA2E-0FE7-4AFF-8E2B-BFA2ADE9EFC8} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-06-30] (Plus HD) Task: {B531D19A-AEC0-4033-A15D-7B33322EB871} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-01-24] (Microsoft Corporation) Task: {BA190B70-E058-4BC9-8055-E195A362F3BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-28] (Google Inc.) Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender Task: {C58FC3F8-DAA2-47F0-BB5B-E8D81A0C665D} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-06-30] (Plus HD) Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {CAB8603B-DCA4-4547-9118-16234BA63063} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation) Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork Task: {DABD0657-CC02-40B6-81E9-DB2C050FB0F5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation) Task: {E954CD40-1946-41D6-9433-7A645461C41A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation) Task: {EC770716-0E38-4F87-A0FF-35C505AF56FD} - System32\Tasks\EPUpdater => C:\Users\Rebecca\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] () Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM Task: {EE620C39-9B11-4442-870C-8BE6759866A5} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] () Task: {F5A4610D-2FEC-4082-813C-A8AEC624A0CC} - System32\Tasks\DealPly => C:\Users\Rebecca\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE [2013-02-27] () Task: C:\Windows\Tasks\DSite.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Lyrics Finder Update.job => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe Task: C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe ==================== Faulty Device Manager Devices ============= Name: Bluetooth USB Module Description: Bluetooth USB Module Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Qualcomm Atheros Communications Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/01/2013 00:56:35 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (06/30/2013 02:43:18 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: EvernoteMetro.exe, Version: 0.0.0.0, Zeitstempel: 0x5138d27c Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e Ausnahmecode: 0xc0000409 Fehleroffset: 0x000748e8 ID des fehlerhaften Prozesses: 0x1908 Startzeit der fehlerhaften Anwendung: 0xEvernoteMetro.exe0 Pfad der fehlerhaften Anwendung: EvernoteMetro.exe1 Pfad des fehlerhaften Moduls: EvernoteMetro.exe2 Berichtskennung: EvernoteMetro.exe3 Vollständiger Name des fehlerhaften Pakets: EvernoteMetro.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EvernoteMetro.exe5 Error: (06/29/2013 02:51:44 PM) (Source: Perflib) (User: ) Description: rdyboost4 Error: (06/29/2013 02:51:44 PM) (Source: Perflib) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (06/29/2013 02:22:53 PM) (Source: Application Hang) (User: ) Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1c4c Startzeit: 01ce74bde0db2c4e Endzeit: 4294967295 Anwendungspfad: C:\Windows\system32\wwahost.exe Berichts-ID: 979a9cb4-e0b6-11e2-be80-089e016dfe9a Vollständiger Name des fehlerhaften Pakets: Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (06/29/2013 02:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASUSASPIREV5551) Description: Das Paket „Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2“ wurde beendet, da das Anhalten zu lange dauerte. Error: (06/29/2013 02:23:32 AM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (06/28/2013 04:41:58 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (06/26/2013 05:19:34 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (06/25/2013 06:39:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASUSASPIREV5551) Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. System errors: ============= Error: (06/29/2013 02:51:23 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/29/2013 02:51:23 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/29/2013 02:51:10 PM) (Source: BugCheck) (User: ) Description: 0x0000009f (0x0000000000000003, 0xfffffa8012519880, 0xfffff80071708770, 0xfffffa8003ba2b10)C:\Windows\MEMORY.DMP062913-28470-01 Error: (06/29/2013 02:50:51 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am ?29.?06.?2013 um 14:08:29 unerwartet heruntergefahren. Error: (06/24/2013 11:46:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/24/2013 11:46:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/24/2013 11:46:06 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am ?24.?06.?2013 um 23:36:30 unerwartet heruntergefahren. Error: (06/24/2013 03:57:22 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/24/2013 03:57:22 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/18/2013 02:58:29 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Microsoft Office Sessions: ========================= Error: (07/01/2013 00:56:35 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (06/30/2013 02:43:18 PM) (Source: Application Error)(User: ) Description: EvernoteMetro.exe0.0.0.05138d27cMSVCR110.dll11.0.51106.15098858ec0000409000748e8190801ce758f618dc374C:\Program Files\WindowsApps\Evernote.Evernote_1.1.2.8_x86__q4d96b2w5wcc2\EvernoteMetro.exeC:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.51106.1_x86__8wekyb3d8bbwe\MSVCR110.dlla3057e24-e182-11e2-be81-089e016dfe9aEvernote.Evernote_1.1.2.8_x86__q4d96b2w5wcc2App Error: (06/29/2013 02:51:44 PM) (Source: Perflib)(User: ) Description: rdyboost4 Error: (06/29/2013 02:51:44 PM) (Source: Perflib)(User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (06/29/2013 02:22:53 PM) (Source: Application Hang)(User: ) Description: wwahost.exe6.2.9200.164201c4c01ce74bde0db2c4e4294967295C:\Windows\system32\wwahost.exe979a9cb4-e0b6-11e2-be80-089e016dfe9aEvernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2App Error: (06/29/2013 02:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASUSASPIREV5551) Description: Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2 Error: (06/29/2013 02:23:32 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (06/28/2013 04:41:58 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (06/26/2013 05:19:34 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (06/25/2013 06:39:44 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASUSASPIREV5551) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147023170 ==================== Memory info =========================== Percentage of memory in use: 59% Total physical RAM: 3530.26 MB Available physical RAM: 1420.64 MB Total Pagefile: 7114.26 MB Available Pagefile: 4281.94 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:449.45 GB) (Free:391.85 GB) NTFS (Disk=0 Partition=4) ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: EE83A1CF) Partition: GPT Partition Type ==================== End Of Log ============================ Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013 Ran by Rebecca (administrator) on 02-07-2013 20:08:07 Running from C:\Users\Rebecca\Desktop Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.CppProxyServer.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Dropbox, Inc.) C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe () C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe () C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (Microsoft Corporation) C:\Windows\system32\wwahost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe (WebCake LLC) C:\Users\Rebecca\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC) C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe (Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (337 Technology Limited.) C:\Program Files (x86)\Desk 365\deskSvc.exe (337 Technology Limited.) C:\Program Files (x86)\Desk 365\desk365.exe (eSafe Security Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Plus HD) C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" [64640 2012-09-14] () HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [BackupPCFiles.Agent] "C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe" [249472 2013-05-07] (Bright Access) HKLM-x32\...\Runonce: [Del83630185] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x] HKLM-x32\...\Runonce: [Del83641683] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x] HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKCU\...\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-12-19] () HKCU\...\Run: [Google Update] "C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-28] (Google Inc.) HKCU\...\Run: [WebCake Desktop] "C:\Users\Rebecca\AppData\Roaming\WebCake\WebCakeDesktop.exe" [47896 2013-06-21] (WebCake LLC) HKCU\...\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions) HKCU\...\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun [916048 2013-07-01] (337 Technology Limited.) HKCU\...\Runonce: [Del83630185] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x] HKCU\...\Runonce: [Del83641683] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x] HKCU\...\Runonce: [Qtrax] C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe 2902046931.portal.qtrax.com [x] MountPoints2: {72078e76-49c9-11e2-be69-806e6f6e6963} - "D:\SETUP.EXE" /AUTORUN HKLM-x32\...\Run: [LManager] [x] HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [508656 2012-07-25] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-09-12] (Alcor Micro Corp.) HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [24504 2012-10-25] (Kaspersky Lab ZAO) HKU\Default\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated) HKU\Default User\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated) AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll [2521040 2013-05-23] () Startup: C:\ProgramData\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com HKLM SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com HKLM-x32 SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com HKCU SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKCU - {6F9161DA-7B64-4BA1-9C95-27EBF8F95363} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Plus-HD-2.3 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD) BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll (WebCake LLC) BHO-x32: Lyrics Finder - {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll (Nijad Software) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly) Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) Handler: msdaipp - No CLSID Value - Handler-x32: msdaipp - No CLSID Value - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Chrome: ======= CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929 CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929" CHR DefaultSearchURL: (Ecosia) - hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch CHR DefaultSuggestURL: (Ecosia) - hxxp://ecosia.org/ajax/searchsuggestions.php?q={searchTerms}&addon=opensearch CHR Plugin: (Shockwave Flash) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Google Update) - C:\Users\Rebecca\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Kaspersky URL Advisor) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0 CHR Extension: (Emma Bridgewater) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennchkafgbngcmjcbbicbobbdomhmklc\2_0 CHR Extension: (Delta Toolbar) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0 CHR Extension: (WebCake) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0 CHR Extension: (DealPly Shopping) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.3.0_0 CHR Extension: (Lyrics Finder) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110_0 CHR Extension: (Safe Money) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0 CHR Extension: (Content Blocker) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0 CHR Extension: (Virtual Keyboard) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0 CHR Extension: (Wajam) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24 CHR Extension: (Plus-HD-2.3) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0 CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR Extension: (Anti-Banner) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0 ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-05-28] (Adobe Systems) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-28] (Kaspersky Lab ZAO) R2 BackupPCFilesService; C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe [67712 2013-05-07] (Bright Access) R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] () R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated) R2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [201376 2012-06-08] (Conexant Systems Inc.) R2 desksvc; C:\Program Files (x86)\Desk 365\deskSvc.exe [424016 2013-07-01] (337 Technology Limited.) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-09-21] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated) R2 eSafeSvc; C:\ProgramData\eSafe\eGdpSvc.exe [361536 2013-07-01] (eSafe Security Co., Ltd.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [85904 2012-09-05] (ELAN Microelectronics Corp.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-19] (Dritek System INC.) R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam) R2 WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [23552 2013-06-21] (WebCake LLC) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-09-10] (Atheros) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [x] ==================== Drivers (Whitelisted) ==================== R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-05-28] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2013-05-28] (Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-28] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-28] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-19] (Dritek System Inc.) S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST 2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk 2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe 2013-07-01 22:18 - 2013-07-01 22:18 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PC Speed Maximizer 2013-07-01 20:01 - 2013-07-02 20:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365 2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365 2013-07-01 20:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-07-01 20:00 - 2013-07-01 20:00 - 00001121 ____A C:\Users\Rebecca\Desktop\PC Speed Maximizer.lnk 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\Wajam 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____A C:\END 2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe 2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller 2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WebCake 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Program Files (x86)\WebCake 2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe 2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-06-30 21:04 - 2013-07-01 13:20 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT 2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe 2013-06-30 14:06 - 2013-07-02 20:06 - 00001230 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job 2013-06-30 14:06 - 2013-07-01 13:56 - 00000448 ____A C:\Windows\Tasks\Lyrics Finder Update.job 2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\LyricsFinder 2013-06-30 14:05 - 2013-07-02 20:05 - 00001940 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job 2013-06-30 14:05 - 2013-07-02 20:05 - 00001234 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job 2013-06-30 14:05 - 2013-07-02 20:05 - 00001134 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job 2013-06-30 14:05 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\ProgramData\BrowserDefender 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta 2013-06-30 14:05 - 2011-10-04 22:43 - 00087552 ____A C:\Windows\System32\custmon64i.dll 2013-06-30 14:04 - 2013-07-02 19:44 - 00000326 ____A C:\Windows\Tasks\DSite.job 2013-06-30 14:04 - 2013-07-01 14:04 - 00000000 ____D C:\Program Files (x86)\DealPly 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-06-30 14:03 - 2013-06-30 14:04 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe 2013-06-29 14:50 - 2013-06-29 14:51 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp 2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP 2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump 2013-06-24 23:45 - 2013-06-24 23:46 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-24 16:14 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-24 16:14 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-22 21:53 - 2013-06-22 21:54 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner 2013-06-22 21:45 - 2013-06-22 22:05 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama 2013-06-21 22:41 - 2013-06-28 19:06 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig 2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase 2013-06-21 22:37 - 2013-06-21 23:16 - 00000538 ____A C:\Windows\DirectX.log 2013-06-21 22:37 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll 2013-06-21 22:37 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2013-06-21 22:37 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll 2013-06-21 22:37 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase 2013-06-21 22:07 - 2013-06-21 22:26 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi 2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-06-21 13:45 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll 2013-06-21 13:45 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2013-06-21 13:44 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2013-06-21 13:44 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-06-21 13:44 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2013-06-21 13:44 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-06-21 13:44 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe 2013-06-21 13:44 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll 2013-06-21 13:44 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe 2013-06-21 13:44 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2013-06-21 13:44 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe 2013-06-21 13:44 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS 2013-06-21 13:44 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys 2013-06-21 13:44 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS 2013-06-21 13:44 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2013-06-21 13:44 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll 2013-06-21 13:44 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl 2013-06-21 13:44 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe 2013-06-21 13:44 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2013-06-21 13:44 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll 2013-06-21 13:44 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2013-06-21 13:44 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs 2013-06-21 13:44 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys 2013-06-21 13:44 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys 2013-06-21 13:44 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys 2013-06-21 13:44 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs 2013-06-21 13:44 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml 2013-06-21 13:44 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-21 13:44 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-21 13:44 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-21 13:44 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-21 13:44 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-21 13:44 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-21 13:44 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-21 13:43 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-21 13:43 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-21 13:43 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-21 13:43 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-21 13:43 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-21 13:43 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-21 13:43 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-21 13:42 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2013-06-21 13:42 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll 2013-06-21 13:42 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-21 13:42 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-21 13:42 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-21 13:42 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-21 13:42 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-21 13:42 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-20 22:52 - 2013-06-20 23:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi 2013-06-13 22:06 - 2013-06-13 22:07 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip 2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe 2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe 2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe 2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink 2013-06-10 11:57 - 2013-06-06 08:31 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk 2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-08 13:43 - 2013-06-08 13:44 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd 2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-06-06 18:32 - 2013-07-01 22:22 - 00000000 ___RD C:\Users\Rebecca\Dropbox 2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk 2013-06-06 18:26 - 2013-07-01 22:28 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox 2013-06-06 18:24 - 2013-06-06 18:25 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe 2013-06-05 19:21 - 2013-06-30 14:43 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps 2013-06-05 19:20 - 2013-06-05 19:21 - 00000000 ____D C:\ProgramData\BackupPCFiles 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles 2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe 2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk 2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip 2013-06-04 22:59 - 2013-06-06 14:22 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt 2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt 2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys 2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys 2013-06-03 23:06 - 2013-07-01 16:26 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign 2013-06-02 14:08 - 2012-10-12 08:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll 2013-06-02 14:08 - 2012-10-12 07:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll 2013-06-02 14:07 - 2012-10-24 06:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll 2013-06-02 14:07 - 2012-10-17 06:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll 2013-06-02 14:07 - 2012-10-17 06:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll 2013-06-02 14:07 - 2012-10-17 06:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll 2013-06-02 14:07 - 2012-10-17 05:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2013-06-02 14:07 - 2012-10-17 05:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2013-06-02 14:07 - 2012-10-17 05:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2013-06-02 14:06 - 2012-10-11 09:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll 2013-06-02 14:06 - 2012-10-11 09:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe 2013-06-02 14:06 - 2012-10-11 09:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys 2013-06-02 14:06 - 2012-10-11 09:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys 2013-06-02 14:06 - 2012-10-11 09:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2013-06-02 14:06 - 2012-10-11 09:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys 2013-06-02 14:06 - 2012-10-11 09:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys 2013-06-02 14:06 - 2012-10-11 09:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys 2013-06-02 14:06 - 2012-10-11 07:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2013-06-02 14:06 - 2012-10-11 07:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll 2013-06-02 14:06 - 2012-10-11 07:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe 2013-06-02 14:06 - 2012-10-11 07:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll 2013-06-02 14:06 - 2012-10-11 07:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe 2013-06-02 14:06 - 2012-10-11 07:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll 2013-06-02 14:06 - 2012-10-11 07:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll 2013-06-02 14:06 - 2012-10-11 07:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll 2013-06-02 14:06 - 2012-10-11 07:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll 2013-06-02 14:06 - 2012-10-11 07:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2013-06-02 14:06 - 2012-10-11 07:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll 2013-06-02 14:06 - 2012-10-11 07:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll 2013-06-02 14:06 - 2012-10-11 07:20 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys 2013-06-02 14:06 - 2012-10-11 07:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys 2013-06-02 14:06 - 2012-10-11 07:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys 2013-06-02 14:06 - 2012-10-11 07:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys 2013-06-02 14:06 - 2012-10-11 07:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys 2013-06-02 14:06 - 2012-10-11 07:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll 2013-06-02 14:06 - 2012-10-11 07:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll 2013-06-02 14:06 - 2012-10-11 07:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll 2013-06-02 14:06 - 2012-10-11 07:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll 2013-06-02 14:06 - 2012-10-11 06:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll 2013-06-02 14:06 - 2012-10-11 02:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls 2013-06-02 14:06 - 2012-10-11 02:44 - 00478424 ____A C:\Windows\System32\locale.nls 2013-06-02 14:05 - 2012-12-04 06:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll 2013-06-02 14:05 - 2012-11-27 08:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe 2013-06-02 14:05 - 2012-11-27 06:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe 2013-06-02 14:05 - 2012-11-27 06:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll 2013-06-02 14:05 - 2012-11-27 06:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe 2013-06-02 14:05 - 2012-11-27 06:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll 2013-06-02 14:05 - 2012-11-27 06:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll 2013-06-02 14:05 - 2012-11-27 06:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll 2013-06-02 14:05 - 2012-11-27 06:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL 2013-06-02 14:05 - 2012-11-27 06:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL 2013-06-02 14:05 - 2012-10-12 10:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys 2013-06-02 14:04 - 2012-11-27 06:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2013-06-02 14:04 - 2012-11-27 06:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe 2013-06-02 14:04 - 2012-11-27 06:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2013-06-02 14:04 - 2012-11-27 06:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-06-02 14:04 - 2012-11-27 06:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll 2013-06-02 14:04 - 2012-11-27 06:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-06-02 14:04 - 2012-11-27 06:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll 2013-06-02 14:04 - 2012-11-27 06:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL 2013-06-02 14:04 - 2012-10-12 08:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll 2013-06-02 14:04 - 2012-10-12 07:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll 2013-06-02 14:04 - 2012-09-11 07:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe 2013-06-02 14:04 - 2012-09-11 07:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll 2013-06-02 14:04 - 2012-09-11 07:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll 2013-06-02 14:02 - 2012-11-20 07:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll 2013-06-02 14:02 - 2012-11-20 07:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll 2013-06-02 14:02 - 2012-11-20 07:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL 2013-06-02 14:02 - 2012-11-20 06:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL 2013-06-02 14:02 - 2012-11-08 06:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2013-06-02 14:02 - 2012-11-08 06:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2013-06-02 14:02 - 2012-11-08 06:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-06-02 14:02 - 2012-11-08 06:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll 2013-06-02 14:02 - 2012-11-08 06:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll 2013-06-02 14:02 - 2012-11-08 06:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-06-02 14:01 - 2012-11-06 09:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys 2013-06-02 14:01 - 2012-11-06 09:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll 2013-06-02 14:01 - 2012-11-06 06:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe 2013-06-02 14:01 - 2012-11-06 06:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe 2013-06-02 14:01 - 2012-11-06 06:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll 2013-06-02 14:01 - 2012-11-06 06:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll 2013-06-02 14:01 - 2012-11-06 06:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl 2013-06-02 14:01 - 2012-11-06 06:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll 2013-06-02 14:01 - 2012-11-06 06:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll 2013-06-02 14:01 - 2012-11-06 06:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl 2013-06-02 14:01 - 2012-11-06 06:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll 2013-06-02 14:01 - 2012-11-06 06:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll 2013-06-02 14:01 - 2012-11-06 05:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll 2013-06-02 14:01 - 2012-11-06 05:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll 2013-06-02 14:01 - 2012-11-06 05:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys 2013-06-02 14:01 - 2012-11-06 05:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys 2013-06-02 14:01 - 2012-11-06 05:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys 2013-06-02 14:01 - 2012-11-06 05:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys 2013-06-02 14:01 - 2012-11-06 05:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys 2013-06-02 14:01 - 2012-11-06 05:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys 2013-06-02 14:01 - 2012-11-06 05:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll ==================== One Month Modified Files and Folders ======= 2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST 2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk 2013-07-02 20:06 - 2013-06-30 14:06 - 00001230 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job 2013-07-02 20:05 - 2013-06-30 14:05 - 00001940 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job 2013-07-02 20:05 - 2013-06-30 14:05 - 00001234 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job 2013-07-02 20:05 - 2013-06-30 14:05 - 00001134 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job 2013-07-02 20:05 - 2013-05-29 23:12 - 00035840 __ASH C:\Users\Rebecca\Downloads\Thumbs.db 2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe 2013-07-02 20:04 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365 2013-07-02 20:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru 2013-07-02 19:58 - 2013-05-28 17:48 - 00001160 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job 2013-07-02 19:45 - 2013-05-28 17:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-07-02 19:44 - 2013-06-30 14:04 - 00000326 ____A C:\Windows\Tasks\DSite.job 2013-07-02 19:41 - 2013-05-28 16:12 - 01916200 ____A C:\Windows\WindowsUpdate.log 2013-07-02 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-07-01 22:28 - 2013-06-06 18:26 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox 2013-07-01 22:22 - 2013-06-06 18:32 - 00000000 ___RD C:\Users\Rebecca\Dropbox 2013-07-01 22:18 - 2013-07-01 22:18 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PC Speed Maximizer 2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365 2013-07-01 20:01 - 2011-06-11 01:58 - 00773712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll 2013-07-01 20:01 - 2011-06-11 01:58 - 00420944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll 2013-07-01 20:00 - 2013-07-01 20:00 - 00001121 ____A C:\Users\Rebecca\Desktop\PC Speed Maximizer.lnk 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\Wajam 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____A C:\END 2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe 2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller 2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WebCake 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Program Files (x86)\WebCake 2013-07-01 19:45 - 2013-05-28 16:12 - 00000000 ____D C:\users\Rebecca 2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe 2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-07-01 16:26 - 2013-06-03 23:06 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign 2013-07-01 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\DealPly 2013-07-01 13:56 - 2013-06-30 14:06 - 00000448 ____A C:\Windows\Tasks\Lyrics Finder Update.job 2013-07-01 13:20 - 2013-06-30 21:04 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT 2013-07-01 12:32 - 2012-10-30 06:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-06-30 14:43 - 2013-06-05 19:21 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps 2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe 2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\LyricsFinder 2013-06-30 14:06 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\ProgramData\BrowserDefender 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:03 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe 2013-06-29 14:57 - 2012-12-19 21:40 - 00753134 ____A C:\Windows\System32\perfh007.dat 2013-06-29 14:57 - 2012-12-19 21:40 - 00155826 ____A C:\Windows\System32\perfc007.dat 2013-06-29 14:57 - 2012-07-26 09:28 - 01035242 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-29 14:51 - 2013-06-29 14:50 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp 2013-06-29 14:51 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP 2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump 2013-06-28 19:06 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig 2013-06-28 17:58 - 2013-05-28 17:48 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job 2013-06-26 17:37 - 2013-05-28 18:39 - 00371712 __ASH C:\Users\Rebecca\Desktop\Thumbs.db 2013-06-24 23:46 - 2013-06-24 23:45 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-24 23:21 - 2013-05-30 00:04 - 00000000 ____D C:\Users\Rebecca\Documents\Forte 2013-06-24 17:09 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-06-24 16:56 - 2013-05-30 10:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-24 15:56 - 2012-10-30 05:34 - 00025230 ____A C:\Windows\PFRO.log 2013-06-24 15:55 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism 2013-06-22 22:05 - 2013-06-22 21:45 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama 2013-06-22 21:54 - 2013-06-22 21:53 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner 2013-06-22 21:43 - 2012-07-26 09:21 - 00032675 ____A C:\Windows\setupact.log 2013-06-21 23:16 - 2013-06-21 22:37 - 00000538 ____A C:\Windows\DirectX.log 2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase 2013-06-21 22:26 - 2013-06-21 22:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi 2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-06-20 23:07 - 2013-06-20 22:52 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi 2013-06-13 22:07 - 2013-06-13 22:06 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip 2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe 2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe 2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe 2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink 2013-06-10 12:04 - 2012-12-19 13:32 - 00000000 ____D C:\ProgramData\CyberLink 2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-10 11:51 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\VirtualStore 2013-06-08 13:44 - 2013-06-08 13:43 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd 2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk 2013-06-06 18:25 - 2013-06-06 18:24 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe 2013-06-06 14:22 - 2013-06-04 22:59 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt 2013-06-06 13:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF 2013-06-06 08:31 - 2013-06-10 11:57 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk 2013-06-05 19:21 - 2013-06-05 19:20 - 00000000 ____D C:\ProgramData\BackupPCFiles 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles 2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe 2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk 2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip 2013-06-05 00:09 - 2013-06-01 15:33 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-05 00:09 - 2013-06-01 15:33 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt 2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys 2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-01 13:23 ==================== End Of Log ============================ |
02.07.2013, 19:25 | #5 |
/// TB-Ausbilder | Plötzlich langsames Internet und viel Werbung Hallo, du hast dir tonnenweise Adware installiert. Du solltest unbedingt besser aufpassen, wo du deine Software herunterlädst und installierst. In erster Priorität immer direkt beim Hersteller und nicht von irgendwelchen Softwareportalen! Entrümpeln wir ein bisschen: Schritt 1
Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3 Starte noch einmal FRST.
Bitte poste in deiner nächsten Antwort:
__________________ cheers, Leo |
04.07.2013, 17:49 | #6 |
| Plötzlich langsames Internet und viel Werbung Ich bekomme Delta Search und Delta Toolbar nicht deinstalliert. Es erscheint immer eine Meldung, in der steht, dass ich nicht genug Rechte besitze. AdwCleanerAdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.304 - Datei am 04/07/2013 um 18:32:12 erstellt # Aktualisiert am 03/07/2013 von Xplode # Betriebssystem : Windows 8 (64 bits) # Benutzer : Rebecca - ASUSASPIREV5551 # Bootmodus : Normal # Ausgeführt unter : C:\Users\Rebecca\Downloads\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Datei Gelöscht : C:\END Datei Gelöscht : C:\Windows\Tasks\DSite.job Gelöscht mit Neustart : C:\ProgramData\eSafe Ordner Gelöscht : C:\Program Files (x86)\Common Files\337 Ordner Gelöscht : C:\Program Files (x86)\Delta Ordner Gelöscht : C:\Program Files (x86)\Desk 365 Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\Tarma Installer Ordner Gelöscht : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Ordner Gelöscht : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Ordner Gelöscht : C:\Users\Rebecca\AppData\Local\Temp\Desk365 Ordner Gelöscht : C:\Users\Rebecca\AppData\Local\Wajam Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\337 Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\BabSolution Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\Babylon Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\DealPly Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\Delta Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\Desk 365 Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\DSite Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\eIntaller ***** [Registrierungsdatenbank] ***** Daten Gelöscht : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider Schlüssel Gelöscht : HKCU\Software\BabSolution Schlüssel Gelöscht : HKCU\Software\DataMngr Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar Schlüssel Gelöscht : HKCU\Software\Delta Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\Software\Delta Schlüssel Gelöscht : HKLM\Software\Desksvc Schlüssel Gelöscht : HKLM\Software\eSafeSecControl Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Schlüssel Gelöscht : HKLM\Software\qvo6Software Schlüssel Gelöscht : HKLM\Software\V9 Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\953d98cb46deb17 Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}] ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16537 Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929 --> hxxp://www.google.com Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com -\\ Google Chrome v27.0.1453.116 Datei : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Preferences Gelöscht [l.2485] : homepage = "hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=BE7E12689D8647AA&affID=119357&t[...] Gelöscht [l.2894] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D86[...] ************************* AdwCleaner[S1].txt - [11921 octets] - [04/07/2013 18:32:12] ########## EOF - C:\AdwCleaner[S1].txt - [11982 octets] ########## FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013 Ran by Rebecca (administrator) on 04-07-2013 18:25:35 Running from C:\Users\Rebecca\Desktop Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe (Wsys Co., Ltd.) C:\ProgramData\eSafe\eSafeSvc.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\Omiga Plus\omigaplus.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Dropbox, Inc.) C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" [64640 2012-09-14] () HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [BackupPCFiles.Agent] "C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe" [249472 2013-05-07] (Bright Access) HKCU\...\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-12-19] () HKCU\...\Run: [Google Update] "C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-28] (Google Inc.) HKCU\...\Run: [Omiga Plus] "C:\Program Files (x86)\Omiga Plus\omigaplus.exe" /autorun [1361576 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.) MountPoints2: {72078e76-49c9-11e2-be69-806e6f6e6963} - "D:\SETUP.EXE" /AUTORUN HKLM-x32\...\Run: [LManager] [x] HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [508656 2012-07-25] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-09-12] (Alcor Micro Corp.) HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [24504 2012-10-25] (Kaspersky Lab ZAO) HKU\Default\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated) HKU\Default User\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated) Startup: C:\ProgramData\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com HKLM SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com HKLM-x32 SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com HKCU SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com SearchScopes: HKCU - {6F9161DA-7B64-4BA1-9C95-27EBF8F95363} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) Handler: msdaipp - No CLSID Value - Handler-x32: msdaipp - No CLSID Value - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Chrome: ======= CHR HomePage: hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929 CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929" CHR DefaultSearchURL: (Ecosia) - hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch CHR DefaultSuggestURL: (Ecosia) - hxxp://ecosia.org/ajax/searchsuggestions.php?q={searchTerms}&addon=opensearch CHR Plugin: (Shockwave Flash) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll () CHR Plugin: (Google Update) - C:\Users\Rebecca\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Kaspersky URL Advisor) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0 CHR Extension: (Emma Bridgewater) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennchkafgbngcmjcbbicbobbdomhmklc\2_0 CHR Extension: (Delta Toolbar) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0 CHR Extension: (Safe Money) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0 CHR Extension: (Content Blocker) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0 CHR Extension: (Virtual Keyboard) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0 CHR Extension: (Wajam) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0 CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR Extension: (Anti-Banner) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0 ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-05-28] (Adobe Systems) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-28] (Kaspersky Lab ZAO) R2 BackupPCFilesService; C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe [67712 2013-05-07] (Bright Access) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated) R2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [201376 2012-06-08] (Conexant Systems Inc.) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-09-21] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [85904 2012-09-05] (ELAN Microelectronics Corp.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation) R2 omigaplussvc; C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe [424104 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-19] (Dritek System INC.) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation) R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.) R2 WsysSvc; C:\ProgramData\eSafe\eSafeSvc.exe [386112 2013-07-04] (Wsys Co., Ltd.) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-09-10] (Atheros) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [x] ==================== Drivers (Whitelisted) ==================== R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-05-28] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2013-05-28] (Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-28] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-28] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-19] (Dritek System Inc.) S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-04 17:59 - 2013-07-04 18:13 - 00000000 ____D C:\Program Files (x86)\WinZipper 2013-07-04 17:59 - 2013-07-04 18:13 - 00000000 ____D C:\Program Files (x86)\Omiga Plus 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WinZipper 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Omiga Plus 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\337 2013-07-02 23:06 - 2013-07-02 23:06 - 00008838 ____A C:\Users\Rebecca\Desktop\songt.odt 2013-07-02 20:09 - 2013-07-02 20:09 - 00026558 ____A C:\Users\Rebecca\Desktop\Addition.txt 2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST 2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk 2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe 2013-07-01 20:01 - 2013-07-04 18:16 - 00000000 ____D C:\ProgramData\eSafe 2013-07-01 20:01 - 2013-07-04 17:58 - 00000000 ____D C:\Program Files (x86)\Desk 365 2013-07-01 20:01 - 2013-07-02 20:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365 2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-01 20:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-07-01 20:00 - 2013-07-02 23:10 - 00000000 ____A C:\END 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam 2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe 2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller 2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations 2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe 2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-06-30 21:04 - 2013-07-01 13:20 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT 2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe 2013-06-30 14:05 - 2013-07-04 18:01 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta 2013-06-30 14:05 - 2011-10-04 22:43 - 00087552 ____A C:\Windows\System32\custmon64i.dll 2013-06-30 14:04 - 2013-07-04 18:09 - 00000326 ____A C:\Windows\Tasks\DSite.job 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-06-30 14:03 - 2013-06-30 14:04 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe 2013-06-29 14:50 - 2013-06-29 14:51 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp 2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP 2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump 2013-06-24 23:45 - 2013-06-24 23:46 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-24 16:14 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-24 16:14 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-22 21:53 - 2013-06-22 21:54 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner 2013-06-22 21:45 - 2013-06-22 22:05 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama 2013-06-21 22:41 - 2013-06-28 19:06 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig 2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase 2013-06-21 22:37 - 2013-06-21 23:16 - 00000538 ____A C:\Windows\DirectX.log 2013-06-21 22:37 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll 2013-06-21 22:37 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2013-06-21 22:37 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll 2013-06-21 22:37 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase 2013-06-21 22:07 - 2013-06-21 22:26 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi 2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-06-21 13:45 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll 2013-06-21 13:45 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2013-06-21 13:44 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2013-06-21 13:44 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-06-21 13:44 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2013-06-21 13:44 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-06-21 13:44 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe 2013-06-21 13:44 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll 2013-06-21 13:44 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe 2013-06-21 13:44 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2013-06-21 13:44 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe 2013-06-21 13:44 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS 2013-06-21 13:44 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys 2013-06-21 13:44 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS 2013-06-21 13:44 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2013-06-21 13:44 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll 2013-06-21 13:44 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl 2013-06-21 13:44 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe 2013-06-21 13:44 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2013-06-21 13:44 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll 2013-06-21 13:44 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2013-06-21 13:44 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs 2013-06-21 13:44 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys 2013-06-21 13:44 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys 2013-06-21 13:44 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys 2013-06-21 13:44 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs 2013-06-21 13:44 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml 2013-06-21 13:44 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-21 13:44 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-21 13:44 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-21 13:44 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-21 13:44 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-21 13:44 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-21 13:44 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-21 13:43 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-21 13:43 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-21 13:43 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-21 13:43 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-21 13:43 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-21 13:43 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-21 13:43 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-21 13:42 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2013-06-21 13:42 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll 2013-06-21 13:42 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-21 13:42 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-21 13:42 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-21 13:42 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-21 13:42 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-21 13:42 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-20 22:52 - 2013-06-20 23:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi 2013-06-13 22:06 - 2013-06-13 22:07 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip 2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe 2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe 2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe 2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink 2013-06-10 11:57 - 2013-06-06 08:31 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk 2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-08 13:43 - 2013-06-08 13:44 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd 2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-06-06 18:32 - 2013-07-04 18:14 - 00000000 ___RD C:\Users\Rebecca\Dropbox 2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk 2013-06-06 18:26 - 2013-07-04 18:14 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox 2013-06-06 18:24 - 2013-06-06 18:25 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe 2013-06-05 19:21 - 2013-06-30 14:43 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps 2013-06-05 19:20 - 2013-06-05 19:21 - 00000000 ____D C:\ProgramData\BackupPCFiles 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles 2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe 2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk 2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip 2013-06-04 22:59 - 2013-06-06 14:22 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt 2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt 2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys 2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys ==================== One Month Modified Files and Folders ======= 2013-07-04 18:18 - 2012-12-19 21:40 - 00753134 ____A C:\Windows\System32\perfh007.dat 2013-07-04 18:18 - 2012-12-19 21:40 - 00155826 ____A C:\Windows\System32\perfc007.dat 2013-07-04 18:18 - 2012-07-26 09:28 - 01035242 ____A C:\Windows\System32\PerfStringBackup.INI 2013-07-04 18:16 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe 2013-07-04 18:14 - 2013-06-06 18:32 - 00000000 ___RD C:\Users\Rebecca\Dropbox 2013-07-04 18:14 - 2013-06-06 18:26 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox 2013-07-04 18:14 - 2013-05-28 17:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-07-04 18:13 - 2013-07-04 17:59 - 00000000 ____D C:\Program Files (x86)\WinZipper 2013-07-04 18:13 - 2013-07-04 17:59 - 00000000 ____D C:\Program Files (x86)\Omiga Plus 2013-07-04 18:10 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-07-04 18:09 - 2013-06-30 14:04 - 00000326 ____A C:\Windows\Tasks\DSite.job 2013-07-04 18:09 - 2012-10-30 05:34 - 00029072 ____A C:\Windows\PFRO.log 2013-07-04 18:09 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI 2013-07-04 18:01 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-07-04 18:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WinZipper 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Omiga Plus 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\337 2013-07-04 17:58 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365 2013-07-04 17:58 - 2013-05-28 17:48 - 00001160 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job 2013-07-04 17:58 - 2013-05-28 17:48 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job 2013-07-04 17:58 - 2011-06-11 01:58 - 00773800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll 2013-07-04 17:58 - 2011-06-11 01:58 - 00421032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll 2013-07-04 17:50 - 2013-05-28 16:12 - 02027995 ____A C:\Windows\WindowsUpdate.log 2013-07-02 23:10 - 2013-07-01 20:00 - 00000000 ____A C:\END 2013-07-02 23:06 - 2013-07-02 23:06 - 00008838 ____A C:\Users\Rebecca\Desktop\songt.odt 2013-07-02 20:09 - 2013-07-02 20:09 - 00026558 ____A C:\Users\Rebecca\Desktop\Addition.txt 2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST 2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk 2013-07-02 20:05 - 2013-05-29 23:12 - 00035840 __ASH C:\Users\Rebecca\Downloads\Thumbs.db 2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe 2013-07-02 20:04 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365 2013-07-02 19:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam 2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe 2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller 2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations 2013-07-01 19:45 - 2013-05-28 16:12 - 00000000 ____D C:\users\Rebecca 2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe 2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-07-01 16:26 - 2013-06-03 23:06 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign 2013-07-01 13:20 - 2013-06-30 21:04 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT 2013-07-01 12:32 - 2012-10-30 06:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-06-30 14:43 - 2013-06-05 19:21 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps 2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:03 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe 2013-06-29 14:51 - 2013-06-29 14:50 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp 2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP 2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump 2013-06-28 19:06 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig 2013-06-26 17:37 - 2013-05-28 18:39 - 00371712 __ASH C:\Users\Rebecca\Desktop\Thumbs.db 2013-06-24 23:46 - 2013-06-24 23:45 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-24 23:21 - 2013-05-30 00:04 - 00000000 ____D C:\Users\Rebecca\Documents\Forte 2013-06-24 17:09 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-06-24 16:56 - 2013-05-30 10:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism 2013-06-22 22:05 - 2013-06-22 21:45 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama 2013-06-22 21:54 - 2013-06-22 21:53 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner 2013-06-22 21:43 - 2012-07-26 09:21 - 00032675 ____A C:\Windows\setupact.log 2013-06-21 23:16 - 2013-06-21 22:37 - 00000538 ____A C:\Windows\DirectX.log 2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase 2013-06-21 22:26 - 2013-06-21 22:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi 2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-06-20 23:07 - 2013-06-20 22:52 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi 2013-06-13 22:07 - 2013-06-13 22:06 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip 2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe 2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe 2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe 2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink 2013-06-10 12:04 - 2012-12-19 13:32 - 00000000 ____D C:\ProgramData\CyberLink 2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-10 11:51 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\VirtualStore 2013-06-08 13:44 - 2013-06-08 13:43 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd 2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk 2013-06-06 18:25 - 2013-06-06 18:24 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe 2013-06-06 14:22 - 2013-06-04 22:59 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt 2013-06-06 13:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF 2013-06-06 08:31 - 2013-06-10 11:57 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk 2013-06-05 19:21 - 2013-06-05 19:20 - 00000000 ____D C:\ProgramData\BackupPCFiles 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles 2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe 2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk 2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip 2013-06-05 00:09 - 2013-06-01 15:33 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-05 00:09 - 2013-06-01 15:33 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt 2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys 2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-01 13:23 ==================== End Of Log ============================ |
04.07.2013, 17:58 | #7 |
/// TB-Ausbilder | Plötzlich langsames Internet und viel Werbung Bitte die Schritte immer in der angegebenen Reihenfolge abarbeiten - sonst macht es keinen Sinn.. Mach nochmals einen neuen FRST-Scan: Starte noch einmal FRST.
__________________ cheers, Leo |
04.07.2013, 18:10 | #8 |
| Plötzlich langsames Internet und viel Werbung Habe ich etwas nicht in der Richtigen Reihenfolge gemacht? UPS... Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013 Ran by Rebecca (administrator) on 04-07-2013 19:04:27 Running from C:\Users\Rebecca\Desktop Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe (Wsys Co., Ltd.) C:\ProgramData\eSafe\eSafeSvc.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Microsoft Corporation) C:\Windows\system32\dashost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.CppProxyServer.exe (Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\Omiga Plus\omigaplus.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dropbox, Inc.) C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe HKLM\...\Run: [BackupPCFiles.Agent] "C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe" [249472 2013-05-07] (Bright Access) HKCU\...\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-12-19] () HKCU\...\Run: [Google Update] "C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-28] (Google Inc.) HKCU\...\Run: [Omiga Plus] "C:\Program Files (x86)\Omiga Plus\omigaplus.exe" /autorun [1361576 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.) MountPoints2: {72078e76-49c9-11e2-be69-806e6f6e6963} - "D:\SETUP.EXE" /AUTORUN HKLM-x32\...\Run: [LManager] [x] HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [508656 2012-07-25] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-09-12] (Alcor Micro Corp.) HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [24504 2012-10-25] (Kaspersky Lab ZAO) HKU\Default\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated) HKU\Default User\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated) Startup: C:\ProgramData\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com SearchScopes: HKCU - {6F9161DA-7B64-4BA1-9C95-27EBF8F95363} URL = BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Handler: msdaipp - No CLSID Value - Handler-x32: msdaipp - No CLSID Value - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Chrome: ======= CHR DefaultSearchURL: (Ecosia) - hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch CHR DefaultSuggestURL: (Ecosia) - hxxp://ecosia.org/ajax/searchsuggestions.php?q={searchTerms}&addon=opensearch CHR Extension: (Kaspersky URL Advisor) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0 CHR Extension: (Safe Money) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0 CHR Extension: (Content Blocker) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0 CHR Extension: (Virtual Keyboard) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0 CHR Extension: (Anti-Banner) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0 ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-05-28] (Adobe Systems) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-28] (Kaspersky Lab ZAO) R2 BackupPCFilesService; C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe [67712 2013-05-07] (Bright Access) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated) R2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [201376 2012-06-08] (Conexant Systems Inc.) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-09-21] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [85904 2012-09-05] (ELAN Microelectronics Corp.) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation) R2 omigaplussvc; C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe [424104 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-19] (Dritek System INC.) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation) R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.) R2 WsysSvc; C:\ProgramData\eSafe\eSafeSvc.exe [386112 2013-07-04] (Wsys Co., Ltd.) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-09-10] (Atheros) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [x] ==================== Drivers (Whitelisted) ==================== R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-05-28] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2013-05-28] (Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-28] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-28] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-19] (Dritek System Inc.) S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-07-04 18:32 - 2013-07-04 18:33 - 00012014 ____A C:\AdwCleaner[S1].txt 2013-07-04 18:32 - 2013-07-04 18:33 - 00000088 ____A C:\Windows\DeleteOnReboot.bat 2013-07-04 18:30 - 2013-07-04 18:30 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (2).exe 2013-07-04 18:30 - 2013-07-04 18:30 - 00650027 ____A C:\Users\Rebecca\Downloads\adwcleaner.exe 2013-07-04 17:59 - 2013-07-04 18:37 - 00000000 ____D C:\Program Files (x86)\WinZipper 2013-07-04 17:59 - 2013-07-04 18:37 - 00000000 ____D C:\Program Files (x86)\Omiga Plus 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WinZipper 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Omiga Plus 2013-07-02 23:06 - 2013-07-02 23:06 - 00008838 ____A C:\Users\Rebecca\Desktop\songt.odt 2013-07-02 20:09 - 2013-07-02 20:09 - 00026558 ____A C:\Users\Rebecca\Desktop\Addition.txt 2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST 2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk 2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe 2013-07-01 20:01 - 2013-07-04 18:38 - 00000000 ____D C:\ProgramData\eSafe 2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-01 20:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe 2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations 2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe 2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-06-30 21:04 - 2013-07-01 13:20 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT 2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe 2013-06-30 14:05 - 2013-07-04 18:01 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS 2013-06-30 14:05 - 2011-10-04 22:43 - 00087552 ____A C:\Windows\System32\custmon64i.dll 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-06-30 14:03 - 2013-06-30 14:04 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe 2013-06-29 14:50 - 2013-06-29 14:51 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp 2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP 2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump 2013-06-24 23:45 - 2013-06-24 23:46 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-24 16:14 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-24 16:14 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-22 21:53 - 2013-06-22 21:54 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner 2013-06-22 21:45 - 2013-06-22 22:05 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama 2013-06-21 22:41 - 2013-06-28 19:06 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig 2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase 2013-06-21 22:37 - 2013-06-21 23:16 - 00000538 ____A C:\Windows\DirectX.log 2013-06-21 22:37 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll 2013-06-21 22:37 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll 2013-06-21 22:37 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll 2013-06-21 22:37 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase 2013-06-21 22:07 - 2013-06-21 22:26 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi 2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-06-21 13:45 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll 2013-06-21 13:45 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2013-06-21 13:44 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2013-06-21 13:44 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-06-21 13:44 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2013-06-21 13:44 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-06-21 13:44 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe 2013-06-21 13:44 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll 2013-06-21 13:44 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe 2013-06-21 13:44 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2013-06-21 13:44 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe 2013-06-21 13:44 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS 2013-06-21 13:44 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys 2013-06-21 13:44 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS 2013-06-21 13:44 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe 2013-06-21 13:44 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2013-06-21 13:44 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2013-06-21 13:44 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll 2013-06-21 13:44 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll 2013-06-21 13:44 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll 2013-06-21 13:44 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl 2013-06-21 13:44 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe 2013-06-21 13:44 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2013-06-21 13:44 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2013-06-21 13:44 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll 2013-06-21 13:44 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll 2013-06-21 13:44 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll 2013-06-21 13:44 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl 2013-06-21 13:44 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs 2013-06-21 13:44 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys 2013-06-21 13:44 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys 2013-06-21 13:44 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys 2013-06-21 13:44 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs 2013-06-21 13:44 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml 2013-06-21 13:44 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-21 13:44 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-21 13:44 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-21 13:44 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-21 13:44 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-21 13:44 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-21 13:44 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-21 13:43 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-21 13:43 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-21 13:43 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-21 13:43 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-21 13:43 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-21 13:43 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-21 13:43 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-21 13:43 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-21 13:43 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-21 13:42 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2013-06-21 13:42 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll 2013-06-21 13:42 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-21 13:42 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-21 13:42 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-21 13:42 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-21 13:42 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-21 13:42 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-21 13:42 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-20 22:52 - 2013-06-20 23:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi 2013-06-13 22:06 - 2013-06-13 22:07 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip 2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe 2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe 2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe 2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink 2013-06-10 11:57 - 2013-06-06 08:31 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk 2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-08 13:43 - 2013-06-08 13:44 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd 2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-06-06 18:32 - 2013-07-04 18:43 - 00000000 ___RD C:\Users\Rebecca\Dropbox 2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk 2013-06-06 18:26 - 2013-07-04 18:43 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox 2013-06-06 18:24 - 2013-06-06 18:25 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe 2013-06-05 19:21 - 2013-06-30 14:43 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps 2013-06-05 19:20 - 2013-06-05 19:21 - 00000000 ____D C:\ProgramData\BackupPCFiles 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles 2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe 2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk 2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip 2013-06-04 22:59 - 2013-06-06 14:22 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt 2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt 2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys 2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys ==================== One Month Modified Files and Folders ======= 2013-07-04 19:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru 2013-07-04 18:58 - 2013-05-28 17:48 - 00001160 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job 2013-07-04 18:55 - 2013-05-28 16:12 - 01052105 ____A C:\Windows\WindowsUpdate.log 2013-07-04 18:55 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Packages 2013-07-04 18:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-07-04 18:44 - 2013-05-28 17:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-07-04 18:43 - 2013-06-06 18:32 - 00000000 ___RD C:\Users\Rebecca\Dropbox 2013-07-04 18:43 - 2013-06-06 18:26 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox 2013-07-04 18:40 - 2012-12-19 21:40 - 00753134 ____A C:\Windows\System32\perfh007.dat 2013-07-04 18:40 - 2012-12-19 21:40 - 00155826 ____A C:\Windows\System32\perfc007.dat 2013-07-04 18:40 - 2012-07-26 09:28 - 01035242 ____A C:\Windows\System32\PerfStringBackup.INI 2013-07-04 18:38 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe 2013-07-04 18:37 - 2013-07-04 17:59 - 00000000 ____D C:\Program Files (x86)\WinZipper 2013-07-04 18:37 - 2013-07-04 17:59 - 00000000 ____D C:\Program Files (x86)\Omiga Plus 2013-07-04 18:34 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-07-04 18:34 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI 2013-07-04 18:33 - 2013-07-04 18:32 - 00012014 ____A C:\AdwCleaner[S1].txt 2013-07-04 18:33 - 2013-07-04 18:32 - 00000088 ____A C:\Windows\DeleteOnReboot.bat 2013-07-04 18:30 - 2013-07-04 18:30 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (2).exe 2013-07-04 18:30 - 2013-07-04 18:30 - 00650027 ____A C:\Users\Rebecca\Downloads\adwcleaner.exe 2013-07-04 18:09 - 2012-10-30 05:34 - 00029072 ____A C:\Windows\PFRO.log 2013-07-04 18:01 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WinZipper 2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Omiga Plus 2013-07-04 17:58 - 2013-05-28 17:48 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job 2013-07-04 17:58 - 2011-06-11 01:58 - 00773800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll 2013-07-04 17:58 - 2011-06-11 01:58 - 00421032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll 2013-07-02 23:06 - 2013-07-02 23:06 - 00008838 ____A C:\Users\Rebecca\Desktop\songt.odt 2013-07-02 20:09 - 2013-07-02 20:09 - 00026558 ____A C:\Users\Rebecca\Desktop\Addition.txt 2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST 2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk 2013-07-02 20:05 - 2013-05-29 23:12 - 00035840 __ASH C:\Users\Rebecca\Downloads\Thumbs.db 2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe 2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe 2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax 2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations 2013-07-01 19:45 - 2013-05-28 16:12 - 00000000 ____D C:\users\Rebecca 2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe 2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages 2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt 2013-07-01 16:26 - 2013-06-03 23:06 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign 2013-07-01 13:20 - 2013-06-30 21:04 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT 2013-07-01 12:32 - 2012-10-30 06:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-06-30 14:43 - 2013-06-05 19:21 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps 2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-06-30 14:04 - 2013-06-30 14:03 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe 2013-06-29 14:51 - 2013-06-29 14:50 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp 2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP 2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump 2013-06-28 19:06 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig 2013-06-26 17:37 - 2013-05-28 18:39 - 00371712 __ASH C:\Users\Rebecca\Desktop\Thumbs.db 2013-06-24 23:46 - 2013-06-24 23:45 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-24 23:21 - 2013-05-30 00:04 - 00000000 ____D C:\Users\Rebecca\Documents\Forte 2013-06-24 17:09 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-06-24 16:56 - 2013-05-30 10:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism 2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism 2013-06-22 22:05 - 2013-06-22 21:45 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama 2013-06-22 21:54 - 2013-06-22 21:53 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner 2013-06-22 21:43 - 2012-07-26 09:21 - 00032675 ____A C:\Windows\setupact.log 2013-06-21 23:16 - 2013-06-21 22:37 - 00000538 ____A C:\Windows\DirectX.log 2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase 2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase 2013-06-21 22:26 - 2013-06-21 22:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi 2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-06-20 23:07 - 2013-06-20 22:52 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi 2013-06-13 22:07 - 2013-06-13 22:06 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip 2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe 2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe 2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe 2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe 2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink 2013-06-10 12:04 - 2012-12-19 13:32 - 00000000 ____D C:\ProgramData\CyberLink 2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-10 11:51 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\VirtualStore 2013-06-08 13:44 - 2013-06-08 13:43 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd 2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk 2013-06-06 18:25 - 2013-06-06 18:24 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe 2013-06-06 14:22 - 2013-06-04 22:59 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt 2013-06-06 13:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF 2013-06-06 08:31 - 2013-06-10 11:57 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk 2013-06-05 19:21 - 2013-06-05 19:20 - 00000000 ____D C:\ProgramData\BackupPCFiles 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder 2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles 2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe 2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk 2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip 2013-06-05 00:09 - 2013-06-01 15:33 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-05 00:09 - 2013-06-01 15:33 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt 2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys 2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-07-01 13:23 ==================== End Of Log ============================ |
04.07.2013, 18:28 | #9 |
/// TB-Ausbilder | Plötzlich langsames Internet und viel Werbung Ja jetzt passt es. Ist es jetzt besser mit der Werbung beim Surfen? Schritt 1 Drücke die + R Taste und schreibe "notepad" in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument: Code:
ATTFilter 2013-07-04 18:01 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions Task: C:\Windows\Tasks\Lyrics Finder Update.job => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe Task: C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe Task: {F5A4610D-2FEC-4082-813C-A8AEC624A0CC} - System32\Tasks\DealPly => C:\Users\Rebecca\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE [2013-02-27] () Task: {C58FC3F8-DAA2-47F0-BB5B-E8D81A0C665D} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-06-30] (Plus HD) Task: {B47EFA2E-0FE7-4AFF-8E2B-BFA2ADE9EFC8} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-06-30] (Plus HD) Task: {97AA14A9-112E-414D-8F8C-6AB25A9304D1} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-06-30] (Plus HD) Task: {811429EB-54FC-493A-B3A0-9224A2195644} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe [2013-07-01] (337 Technology Limited.) Task: {4325F945-E652-4329-A43F-3650E7C361F8} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation) Task: {438139D7-1488-45CA-934F-366EB728C091} - System32\Tasks\DSite => C:\Users\Rebecca\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-07-01] () Task: {1F03B27A-8849-4E0F-83D9-DC9EDE51BA87} - System32\Tasks\DealPlyUpdate => C:\Program No File Task: {18FB23DC-658C-455C-BF77-BA77D70569DE} - System32\Tasks\Plus-HD-2.3-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-06-30] (Plus HD) Task: {01E27AC1-51E7-4717-9625-7C93C11E4ED4} - System32\Tasks\Lyrics Finder Update => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe [2013-02-27] (Nijad Software)
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Starte noch einmal FRST.
Bitte poste in deiner nächsten Antwort:
__________________ cheers, Leo |
06.07.2013, 19:55 | #10 |
| Plötzlich langsames Internet und viel Werbung Hier der Schitt 1: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-07-2013 Ran by Rebecca at 2013-07-06 20:38:56 Run:1 Running from C:\Users\Rebecca\Desktop Boot Mode: Normal ============================================== C:\Program Files (x86)\Plus-HD-2.3 => Moved successfully. C:\Windows\SysWOW64\searchplugins => Moved successfully. C:\Windows\SysWOW64\Extensions => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5A4610D-2FEC-4082-813C-A8AEC624A0CC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5A4610D-2FEC-4082-813C-A8AEC624A0CC} => Key deleted successfully. C:\Windows\System32\Tasks\DealPly => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C58FC3F8-DAA2-47F0-BB5B-E8D81A0C665D} => Key not found. C:\Windows\System32\Tasks\Plus-HD-2.3-updater not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.3-updater => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B47EFA2E-0FE7-4AFF-8E2B-BFA2ADE9EFC8} => Key not found. C:\Windows\System32\Tasks\Plus-HD-2.3-enabler not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.3-enabler => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97AA14A9-112E-414D-8F8C-6AB25A9304D1} => Key not found. C:\Windows\System32\Tasks\Plus-HD-2.3-codedownloader not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.3-codedownloader => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{811429EB-54FC-493A-B3A0-9224A2195644} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{811429EB-54FC-493A-B3A0-9224A2195644} => Key deleted successfully. C:\Windows\System32\Tasks\Desk 365 RunAsStdUser => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4325F945-E652-4329-A43F-3650E7C361F8} => Key not found. C:\Windows\System32\Tasks\BrowserDefendert not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{438139D7-1488-45CA-934F-366EB728C091} => Key not found. C:\Windows\System32\Tasks\DSite not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F03B27A-8849-4E0F-83D9-DC9EDE51BA87} => Key not found. C:\Windows\System32\Tasks\DealPlyUpdate not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18FB23DC-658C-455C-BF77-BA77D70569DE} => Key not found. C:\Windows\System32\Tasks\Plus-HD-2.3-chromeinstaller not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.3-chromeinstaller => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01E27AC1-51E7-4717-9625-7C93C11E4ED4} => Key not found. C:\Windows\System32\Tasks\Lyrics Finder Update not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lyrics Finder Update => Key not found. ==== End of Fixlog ==== In Schritt 2 habe ich das Programm installiert und auch über 'Administrator' geöffnet, aber es führt keinerlei Scan durch und es öffnet sich kein Dokument. Es erscheint nur ein Fenster (schwarz mit weißer Schrift): Ich soll eine beliebige Taste drücken und dann soll irgendwas passieren - passiert aber nichts. Es steht da nur: Creating a registery backup und checking startup |
06.07.2013, 21:15 | #11 |
/// TB-Ausbilder | Plötzlich langsames Internet und viel Werbung Ok, dann mach bitte mit Schritt 3 weiter.
__________________ cheers, Leo |
15.07.2013, 12:47 | #12 |
/// TB-Ausbilder | Plötzlich langsames Internet und viel Werbung Hi, ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe? Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos. Hinweis: Wir sind noch nicht fertig! Auch wenn die Symptome verschwunden sein sollten, kann dein System weiterhin infiziert sein und über Sicherheitslücken verfügen, welche eine erneute Infektion möglich machen.
__________________ cheers, Leo |
17.07.2013, 07:58 | #13 |
/// TB-Ausbilder | Plötzlich langsames Internet und viel Werbung Fehlende Rückmeldung Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten. Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
Themen zu Plötzlich langsames Internet und viel Werbung |
aufgetaucht, befinden, besuch, bizcoaching, dauert, installiert, interne, internet, internetseite, internetseiten, kaspersky, klicke, langsam, langsames, langsames internet, laptop, minute, minuten, plötzlich, probleme, programm, recht, schonmal, seite, seiten, viel werbung, werbeanzeigen, werbung, ändern, öffnet |