Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Plötzlich langsames Internet und viel Werbung

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.07.2013, 22:25   #1
beccerie
 
Plötzlich langsames Internet und viel Werbung - Unglücklich

Plötzlich langsames Internet und viel Werbung



Hallo Trojaner-Board-Nutzer,
seit gestern ist mir aufgefallen, dass auf meinen regelmäßig besuchten Internetseiten plötzlich mehr und großflächigere Werbeanzeigen aufgetaucht sind. Außerdem ist mein Internet recht langsam. Manchmal dauert es einige Minuten um meine Seite aufzurufen.
Was mir auch aufgefallen ist: Seit gestern öffnet sich auch in regelmäßigen Abständen die Internetseite bizcoaching.info. (Immer wenn ich in die Google-Suchleiste klicke)

Vielen Dank schonmal im Vorraus!

(PS: Das Antvirenprogramm Kaspersky habe ich auf meinem Laptop installiert und auch schon
'durchlaufen' lassen. Kann aber wohl wenig ändern, da sich die Probleme nur im www befinden)

Alt 01.07.2013, 22:31   #2
aharonov
/// TB-Ausbilder
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Hallo,

dann suchen wir doch die Verursacher:


Downloade dir bitte die für dein System passende Version (32-bit/64-bit) von Farbar Recovery Scan Tool (FRST) und speichere es auf den Desktop.
(Wenn du nicht sicher bist, welche du benötigst: Start -> Computer (Rechtsklick) -> Eigenschaften)
  • Starte dann FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.
__________________

__________________

Alt 02.07.2013, 19:13   #3
beccerie
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Vielen Dank für die schnelle Antwort

Installiert. Gescant. Das kam dabei raus...

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2013
Ran by Rebecca at 2013-07-02 20:09:17
Running from C:\Users\Rebecca\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

clear.fi SDK - Video 2 (x32 Version: 2.1.1925)
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008)
Acer Backup Manager (x32 Version: 4.0.0.0059)
Acer Device Fast-lane (Version: 1.00.3008)
Acer Instant Update Service (Version: 1.00.3013)
Acer Power Management (Version: 7.00.3007)
Acer Recovery Management (Version: 6.00.3011)
AcerCloud (x32 Version: 2.01.3115)
AcerCloud Docs (x32 Version: 1.00.3201)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Illustrator CS2 (x32 Version: 12.000.000)
Adobe InDesign CS2 (x32 Version: 004.000.000)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Adobe SVG Viewer 3.0 (x32 Version: 3.0)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Alcor Micro USB Card Reader (x32 Version: 3.5.42.61532)
Aloha TriPeaks (x32 Version: 2.2.0.98)
AMD Accelerated Video Transcoding (Version: 12.5.100.20918)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Quick Stream (Version: 3.3.26.0)
AMD VISION Engine Control Center (x32 Version: 2012.0918.260.3365)
Backup Manager v4 (x32 Version: 4.0.0.0059)
BackupPCFiles 1.0.0.676 (x32 Version: 1.0.0.676)
Bejeweled 3 (x32 Version: 2.2.0.98)
BrowserDefender (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0918.260.3365)
Catalyst Control Center InstallProxy (x32 Version: 2012.0918.260.3365)
Catalyst Control Center Localization All (x32 Version: 2012.0918.260.3365)
CCC Help Chinese Standard (x32 Version: 2012.0918.0259.3365)
CCC Help Chinese Traditional (x32 Version: 2012.0918.0259.3365)
CCC Help Czech (x32 Version: 2012.0918.0259.3365)
CCC Help Danish (x32 Version: 2012.0918.0259.3365)
CCC Help Dutch (x32 Version: 2012.0918.0259.3365)
CCC Help English (x32 Version: 2012.0918.0259.3365)
CCC Help Finnish (x32 Version: 2012.0918.0259.3365)
CCC Help French (x32 Version: 2012.0918.0259.3365)
CCC Help German (x32 Version: 2012.0918.0259.3365)
CCC Help Greek (x32 Version: 2012.0918.0259.3365)
CCC Help Hungarian (x32 Version: 2012.0918.0259.3365)
CCC Help Italian (x32 Version: 2012.0918.0259.3365)
CCC Help Japanese (x32 Version: 2012.0918.0259.3365)
CCC Help Korean (x32 Version: 2012.0918.0259.3365)
CCC Help Norwegian (x32 Version: 2012.0918.0259.3365)
CCC Help Polish (x32 Version: 2012.0918.0259.3365)
CCC Help Portuguese (x32 Version: 2012.0918.0259.3365)
CCC Help Russian (x32 Version: 2012.0918.0259.3365)
CCC Help Spanish (x32 Version: 2012.0918.0259.3365)
CCC Help Swedish (x32 Version: 2012.0918.0259.3365)
CCC Help Thai (x32 Version: 2012.0918.0259.3365)
CCC Help Turkish (x32 Version: 2012.0918.0259.3365)
ccc-utility64 (Version: 2012.0918.260.3365)
clear.fi Media (x32 Version: 2.01.3108)
clear.fi Photo (x32 Version: 2.01.3108)
Conexant HD Audio (Version: 8.54.44.51)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819)
DealPly (HKCU)
DealPly (remove only) (x32 Version: 4.8.6.1)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98)
Delta Chrome Toolbar (x32)
Delta toolbar (x32 Version: 1.8.21.5)
Desk 365 (x32 Version: 1.12.16)
Dropbox (HKCU Version: 2.0.26)
eSafe Security Control 1.0.0.2522 (x32 Version: 1.0.0.2522)
ETDWare PS/2-X64 11.6.9.001_WHQL (Version: 11.6.9.001)
FORTE 4 - Free Edition (x32 Version: 4)
Google Chrome (HKCU Version: 27.0.1453.116)
Identity Card (x32 Version: 2.00.3004)
Island Tribe (x32 Version: 2.2.0.98)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190)
Launch Manager (x32 Version: 7.0.4)
Live Updater (x32 Version: 2.00.3004)
Ludwig 3.0 (x32 Version: 3.0.0.1)
Lyrics Finder (x32)
Magic Academy (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.5614.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
NTI Media Maker 9 (x32 Version: 9.0.2.9008)
Office Addin (x32 Version: 2.01.3200)
Open It! (x32 Version: 1.1.1)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PC Speed Maximizer v3.1 (x32 Version: 3.1)
PDF Creator
PDF Writer Packages (HKCU)
PDF Writer Packages 11 (HKCU)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Plus-HD-2.3 (x32 Version: 1.27.153.5)
Polar Bowler (x32 Version: 2.2.0.97)
Qtrax Player (HKCU)
Qtrax Player (x32 Version: 01.001.0001)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.209)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.13)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Spotify (x32 Version: 0.8.4.99.ga249b5f1)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update for Zip Opener (HKCU)
Update Installer for WildTangent Games App (x32)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
Wajam (x32 Version: 1.80)
WebCake 3.00 (Version: 3.00)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.3)
Zip Opener Packages (HKCU)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points =========================

15-06-2013 22:32:54 Geplanter Prüfpunkt
20-06-2013 21:48:08 Installed Ludwig 3.0
24-06-2013 14:54:34 Windows Update
01-07-2013 10:32:01 Entfernt Atheros Communications Inc.(R) AR81Family Gigabit/Fast
R] a

==================== Scheduled Tasks (whitelisted) =============

Task: {01E27AC1-51E7-4717-9625-7C93C11E4ED4} - System32\Tasks\Lyrics Finder Update => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe [2013-02-27] (Nijad Software)
Task: {0DA8A6C4-DBE8-4CD0-9040-E30851CBA3AB} - System32\Tasks\Task BackupPCFiles => C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.TaskScheduler.exe [2013-05-07] ()
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {14B1518E-6B39-43F0-A52F-060AEA10D43B} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {18FB23DC-658C-455C-BF77-BA77D70569DE} - System32\Tasks\Plus-HD-2.3-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-06-30] (Plus HD)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {1F03B27A-8849-4E0F-83D9-DC9EDE51BA87} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {21ED3BFC-DE3D-41C8-BA2E-F3F2C483CF56} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3EC330FC-D164-4C37-A4BC-3F2E1A68BBEF} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4265992392-2356816179-987210788-1001
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {4325F945-E652-4329-A43F-3650E7C361F8} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {438139D7-1488-45CA-934F-366EB728C091} - System32\Tasks\DSite => C:\Users\Rebecca\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-07-01] ()
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5180FB42-F2E8-46AE-849A-80ECFFE7378C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-28] (Google Inc.)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5FC99E41-E598-4E05-8BD2-B6C406A4B143} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {66B9B946-72B9-44A0-9BC4-01D5D339A575} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4265992392-2356816179-987210788-500
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6EA08B46-1BC2-44E2-8526-3DFAA4F35328} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {738A0A7B-DF1F-4504-A16A-693C0CD28CC8} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {811429EB-54FC-493A-B3A0-9224A2195644} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe [2013-07-01] (337 Technology Limited.)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8EDE8B4F-7A00-4874-8D7D-D4494E095E47} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {97AA14A9-112E-414D-8F8C-6AB25A9304D1} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-06-30] (Plus HD)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {99261903-B0ED-43FF-AB5F-8FF3D1F7B850} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {9F3C740E-EE05-44AF-A176-C59922E0CAD7} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-09-05] (Acer Incorporated)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B47EFA2E-0FE7-4AFF-8E2B-BFA2ADE9EFC8} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-06-30] (Plus HD)
Task: {B531D19A-AEC0-4033-A15D-7B33322EB871} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-01-24] (Microsoft Corporation)
Task: {BA190B70-E058-4BC9-8055-E195A362F3BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-28] (Google Inc.)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C58FC3F8-DAA2-47F0-BB5B-E8D81A0C665D} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-06-30] (Plus HD)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {CAB8603B-DCA4-4547-9118-16234BA63063} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DABD0657-CC02-40B6-81E9-DB2C050FB0F5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {E954CD40-1946-41D6-9433-7A645461C41A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {EC770716-0E38-4F87-A0FF-35C505AF56FD} - System32\Tasks\EPUpdater => C:\Users\Rebecca\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {EE620C39-9B11-4442-870C-8BE6759866A5} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {F5A4610D-2FEC-4082-813C-A8AEC624A0CC} - System32\Tasks\DealPly => C:\Users\Rebecca\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE [2013-02-27] ()
Task: C:\Windows\Tasks\DSite.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics Finder Update.job => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2013 00:56:35 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (06/30/2013 02:43:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: EvernoteMetro.exe, Version: 0.0.0.0, Zeitstempel: 0x5138d27c
Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000748e8
ID des fehlerhaften Prozesses: 0x1908
Startzeit der fehlerhaften Anwendung: 0xEvernoteMetro.exe0
Pfad der fehlerhaften Anwendung: EvernoteMetro.exe1
Pfad des fehlerhaften Moduls: EvernoteMetro.exe2
Berichtskennung: EvernoteMetro.exe3
Vollständiger Name des fehlerhaften Pakets: EvernoteMetro.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EvernoteMetro.exe5

Error: (06/29/2013 02:51:44 PM) (Source: Perflib) (User: )
Description: rdyboost4

Error: (06/29/2013 02:51:44 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/29/2013 02:22:53 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c4c

Startzeit: 01ce74bde0db2c4e

Endzeit: 4294967295

Anwendungspfad: C:\Windows\system32\wwahost.exe

Berichts-ID: 979a9cb4-e0b6-11e2-be80-089e016dfe9a

Vollständiger Name des fehlerhaften Pakets: Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (06/29/2013 02:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASUSASPIREV5551)
Description: Das Paket „Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (06/29/2013 02:23:32 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (06/28/2013 04:41:58 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (06/26/2013 05:19:34 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (06/25/2013 06:39:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASUSASPIREV5551)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (06/29/2013 02:51:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/29/2013 02:51:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/29/2013 02:51:10 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa8012519880, 0xfffff80071708770, 0xfffffa8003ba2b10)C:\Windows\MEMORY.DMP062913-28470-01

Error: (06/29/2013 02:50:51 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?29.?06.?2013 um 14:08:29 unerwartet heruntergefahren.

Error: (06/24/2013 11:46:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/24/2013 11:46:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/24/2013 11:46:06 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?24.?06.?2013 um 23:36:30 unerwartet heruntergefahren.

Error: (06/24/2013 03:57:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/24/2013 03:57:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/18/2013 02:58:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (07/01/2013 00:56:35 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (06/30/2013 02:43:18 PM) (Source: Application Error)(User: )
Description: EvernoteMetro.exe0.0.0.05138d27cMSVCR110.dll11.0.51106.15098858ec0000409000748e8190801ce758f618dc374C:\Program Files\WindowsApps\Evernote.Evernote_1.1.2.8_x86__q4d96b2w5wcc2\EvernoteMetro.exeC:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.51106.1_x86__8wekyb3d8bbwe\MSVCR110.dlla3057e24-e182-11e2-be81-089e016dfe9aEvernote.Evernote_1.1.2.8_x86__q4d96b2w5wcc2App

Error: (06/29/2013 02:51:44 PM) (Source: Perflib)(User: )
Description: rdyboost4

Error: (06/29/2013 02:51:44 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/29/2013 02:22:53 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.2.9200.164201c4c01ce74bde0db2c4e4294967295C:\Windows\system32\wwahost.exe979a9cb4-e0b6-11e2-be80-089e016dfe9aEvernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2App

Error: (06/29/2013 02:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASUSASPIREV5551)
Description: Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2

Error: (06/29/2013 02:23:32 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (06/28/2013 04:41:58 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (06/26/2013 05:19:34 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (06/25/2013 06:39:44 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASUSASPIREV5551)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147023170


==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 3530.26 MB
Available physical RAM: 1420.64 MB
Total Pagefile: 7114.26 MB
Available Pagefile: 4281.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.45 GB) (Free:391.85 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: EE83A1CF)

Partition: GPT Partition Type
==================== End Of Log ============================

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013
Ran by Rebecca (administrator) on 02-07-2013 20:08:07
Running from C:\Users\Rebecca\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.CppProxyServer.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dropbox, Inc.) C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe
(WebCake LLC) C:\Users\Rebecca\AppData\Roaming\WebCake\WebCakeDesktop.exe
(WebCake LLC) C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
(337 Technology Limited.) C:\Program Files (x86)\Desk 365\deskSvc.exe
(337 Technology Limited.) C:\Program Files (x86)\Desk 365\desk365.exe
(eSafe Security Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Plus HD) C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" [64640 2012-09-14] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [BackupPCFiles.Agent] "C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe" [249472 2013-05-07] (Bright Access)
HKLM-x32\...\Runonce: [Del83630185] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x]
HKLM-x32\...\Runonce: [Del83641683] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x]
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-12-19] ()
HKCU\...\Run: [Google Update] "C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-28] (Google Inc.)
HKCU\...\Run: [WebCake Desktop] "C:\Users\Rebecca\AppData\Roaming\WebCake\WebCakeDesktop.exe" [47896 2013-06-21] (WebCake LLC)
HKCU\...\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions)
HKCU\...\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun [916048 2013-07-01] (337 Technology Limited.)
HKCU\...\Runonce: [Del83630185] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x]
HKCU\...\Runonce: [Del83641683] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x]
HKCU\...\Runonce: [Qtrax] C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe 2902046931.portal.qtrax.com [x]
MountPoints2: {72078e76-49c9-11e2-be69-806e6f6e6963} - "D:\SETUP.EXE" /AUTORUN
HKLM-x32\...\Run: [LManager]  [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-09-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [24504 2012-10-25] (Kaspersky Lab ZAO)
HKU\Default\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll  [2521040 2013-05-23] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com
HKLM SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
HKLM-x32 SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
HKCU SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKCU - {6F9161DA-7B64-4BA1-9C95-27EBF8F95363} URL = 
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Plus-HD-2.3 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD)
BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll (WebCake LLC)
BHO-x32: Lyrics Finder - {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll (Nijad Software)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Handler: msdaipp - No CLSID Value - 
Handler-x32: msdaipp - No CLSID Value - 
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File

Chrome: 
=======
CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929"
CHR DefaultSearchURL: (Ecosia) - hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
CHR DefaultSuggestURL: (Ecosia) - hxxp://ecosia.org/ajax/searchsuggestions.php?q={searchTerms}&addon=opensearch
CHR Plugin: (Shockwave Flash) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Google Update) - C:\Users\Rebecca\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Emma Bridgewater) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennchkafgbngcmjcbbicbobbdomhmklc\2_0
CHR Extension: (Delta Toolbar) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (WebCake) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0
CHR Extension: (DealPly Shopping) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.3.0_0
CHR Extension: (Lyrics Finder) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110_0
CHR Extension: (Safe Money) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Content Blocker) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: (Virtual Keyboard) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: (Wajam) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24
CHR Extension: (Plus-HD-2.3) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0
CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-05-28] (Adobe Systems)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-28] (Kaspersky Lab ZAO)
R2 BackupPCFilesService; C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe [67712 2013-05-07] (Bright Access)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
R2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [201376 2012-06-08] (Conexant Systems Inc.)
R2 desksvc; C:\Program Files (x86)\Desk 365\deskSvc.exe [424016 2013-07-01] (337 Technology Limited.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-09-21] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated)
R2 eSafeSvc; C:\ProgramData\eSafe\eGdpSvc.exe [361536 2013-07-01] (eSafe Security Co., Ltd.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [85904 2012-09-05] (ELAN Microelectronics Corp.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-19] (Dritek System INC.)
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam)
R2 WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [23552 2013-06-21] (WebCake LLC)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-09-10] (Atheros)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2013-05-28] (Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-28] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-28] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-19] (Dritek System Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST
2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk
2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2013-07-01 22:18 - 2013-07-01 22:18 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PC Speed Maximizer
2013-07-01 20:01 - 2013-07-02 20:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365
2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365
2013-07-01 20:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-01 20:00 - 2013-07-01 20:00 - 00001121 ____A C:\Users\Rebecca\Desktop\PC Speed Maximizer.lnk
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____A C:\END
2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe
2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller
2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WebCake
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe
2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-06-30 21:04 - 2013-07-01 13:20 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT
2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe
2013-06-30 14:06 - 2013-07-02 20:06 - 00001230 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job
2013-06-30 14:06 - 2013-07-01 13:56 - 00000448 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-30 14:05 - 2013-07-02 20:05 - 00001940 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
2013-06-30 14:05 - 2013-07-02 20:05 - 00001234 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2013-06-30 14:05 - 2013-07-02 20:05 - 00001134 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2013-06-30 14:05 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-30 14:05 - 2011-10-04 22:43 - 00087552 ____A C:\Windows\System32\custmon64i.dll
2013-06-30 14:04 - 2013-07-02 19:44 - 00000326 ____A C:\Windows\Tasks\DSite.job
2013-06-30 14:04 - 2013-07-01 14:04 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-06-30 14:03 - 2013-06-30 14:04 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe
2013-06-29 14:50 - 2013-06-29 14:51 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp
2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP
2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump
2013-06-24 23:45 - 2013-06-24 23:46 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-24 16:14 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-24 16:14 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-22 21:53 - 2013-06-22 21:54 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner
2013-06-22 21:45 - 2013-06-22 22:05 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama
2013-06-21 22:41 - 2013-06-28 19:06 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig
2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase
2013-06-21 22:37 - 2013-06-21 23:16 - 00000538 ____A C:\Windows\DirectX.log
2013-06-21 22:37 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2013-06-21 22:37 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-06-21 22:37 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2013-06-21 22:37 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-06-21 22:07 - 2013-06-21 22:26 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi
2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-21 13:45 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-21 13:45 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-21 13:44 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-21 13:44 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-21 13:44 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-21 13:44 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-21 13:44 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-21 13:44 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-21 13:44 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-21 13:44 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-21 13:44 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-21 13:44 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-21 13:44 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-21 13:44 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-21 13:44 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-21 13:44 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-21 13:44 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-21 13:44 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-21 13:44 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-21 13:44 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-21 13:44 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-21 13:44 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-21 13:44 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-21 13:44 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-21 13:44 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-21 13:44 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-21 13:44 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-21 13:44 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-21 13:44 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-21 13:44 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-21 13:44 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-21 13:44 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-21 13:44 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-21 13:44 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-21 13:43 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-21 13:43 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-21 13:43 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-21 13:43 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-21 13:43 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-21 13:43 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-21 13:43 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-21 13:42 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-21 13:42 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-21 13:42 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-21 13:42 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-21 13:42 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-21 13:42 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-21 13:42 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-21 13:42 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-20 22:52 - 2013-06-20 23:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi
2013-06-13 22:06 - 2013-06-13 22:07 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip
2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe
2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe
2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe
2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink
2013-06-10 11:57 - 2013-06-06 08:31 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk
2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-08 13:43 - 2013-06-08 13:44 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd
2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-06-06 18:32 - 2013-07-01 22:22 - 00000000 ___RD C:\Users\Rebecca\Dropbox
2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk
2013-06-06 18:26 - 2013-07-01 22:28 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox
2013-06-06 18:24 - 2013-06-06 18:25 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe
2013-06-05 19:21 - 2013-06-30 14:43 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-06-05 19:20 - 2013-06-05 19:21 - 00000000 ____D C:\ProgramData\BackupPCFiles
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles
2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe
2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk
2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip
2013-06-04 22:59 - 2013-06-06 14:22 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt
2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys
2013-06-03 23:06 - 2013-07-01 16:26 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign
2013-06-02 14:08 - 2012-10-12 08:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll
2013-06-02 14:08 - 2012-10-12 07:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-06-02 14:07 - 2012-10-24 06:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2013-06-02 14:07 - 2012-10-17 06:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
2013-06-02 14:07 - 2012-10-17 06:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2013-06-02 14:07 - 2012-10-17 06:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2013-06-02 14:07 - 2012-10-17 05:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-06-02 14:07 - 2012-10-17 05:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-06-02 14:07 - 2012-10-17 05:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-06-02 14:06 - 2012-10-11 09:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-06-02 14:06 - 2012-10-11 09:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-06-02 14:06 - 2012-10-11 09:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-06-02 14:06 - 2012-10-11 09:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-06-02 14:06 - 2012-10-11 09:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-06-02 14:06 - 2012-10-11 09:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2013-06-02 14:06 - 2012-10-11 09:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2013-06-02 14:06 - 2012-10-11 09:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-06-02 14:06 - 2012-10-11 07:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-06-02 14:06 - 2012-10-11 07:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2013-06-02 14:06 - 2012-10-11 07:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-06-02 14:06 - 2012-10-11 07:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll
2013-06-02 14:06 - 2012-10-11 07:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe
2013-06-02 14:06 - 2012-10-11 07:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-06-02 14:06 - 2012-10-11 07:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-06-02 14:06 - 2012-10-11 07:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll
2013-06-02 14:06 - 2012-10-11 07:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll
2013-06-02 14:06 - 2012-10-11 07:20 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys
2013-06-02 14:06 - 2012-10-11 07:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-06-02 14:06 - 2012-10-11 07:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-06-02 14:06 - 2012-10-11 07:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-06-02 14:06 - 2012-10-11 07:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2013-06-02 14:06 - 2012-10-11 07:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-06-02 14:06 - 2012-10-11 07:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-06-02 14:06 - 2012-10-11 06:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-06-02 14:06 - 2012-10-11 02:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls
2013-06-02 14:06 - 2012-10-11 02:44 - 00478424 ____A C:\Windows\System32\locale.nls
2013-06-02 14:05 - 2012-12-04 06:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-06-02 14:05 - 2012-11-27 08:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
2013-06-02 14:05 - 2012-11-27 06:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-06-02 14:05 - 2012-11-27 06:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-06-02 14:05 - 2012-11-27 06:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-06-02 14:05 - 2012-11-27 06:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-06-02 14:05 - 2012-11-27 06:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2013-06-02 14:05 - 2012-11-27 06:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-06-02 14:05 - 2012-11-27 06:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-06-02 14:05 - 2012-10-12 10:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-06-02 14:04 - 2012-11-27 06:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-06-02 14:04 - 2012-11-27 06:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-06-02 14:04 - 2012-11-27 06:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-06-02 14:04 - 2012-11-27 06:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-06-02 14:04 - 2012-11-27 06:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-06-02 14:04 - 2012-11-27 06:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-06-02 14:04 - 2012-11-27 06:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-06-02 14:04 - 2012-11-27 06:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-06-02 14:04 - 2012-10-12 08:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll
2013-06-02 14:04 - 2012-10-12 07:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-06-02 14:04 - 2012-09-11 07:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
2013-06-02 14:04 - 2012-09-11 07:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-06-02 14:04 - 2012-09-11 07:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
2013-06-02 14:02 - 2012-11-20 07:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-06-02 14:02 - 2012-11-20 07:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-06-02 14:02 - 2012-11-20 07:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-06-02 14:02 - 2012-11-20 06:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
2013-06-02 14:02 - 2012-11-08 06:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-06-02 14:02 - 2012-11-08 06:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-06-02 14:02 - 2012-11-08 06:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-06-02 14:02 - 2012-11-08 06:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-06-02 14:02 - 2012-11-08 06:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-06-02 14:02 - 2012-11-08 06:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-06-02 14:01 - 2012-11-06 09:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-06-02 14:01 - 2012-11-06 09:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-06-02 14:01 - 2012-11-06 06:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-06-02 14:01 - 2012-11-06 06:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-06-02 14:01 - 2012-11-06 06:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-06-02 14:01 - 2012-11-06 06:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-06-02 14:01 - 2012-11-06 06:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-06-02 14:01 - 2012-11-06 06:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
2013-06-02 14:01 - 2012-11-06 06:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
2013-06-02 14:01 - 2012-11-06 05:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
2013-06-02 14:01 - 2012-11-06 05:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-06-02 14:01 - 2012-11-06 05:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-06-02 14:01 - 2012-11-06 05:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-06-02 14:01 - 2012-11-06 05:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-06-02 14:01 - 2012-11-06 05:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2013-06-02 14:01 - 2012-11-06 05:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-06-02 14:01 - 2012-11-06 05:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-06-02 14:01 - 2012-11-06 05:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

==================== One Month Modified Files and Folders =======

2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST
2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk
2013-07-02 20:06 - 2013-06-30 14:06 - 00001230 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job
2013-07-02 20:05 - 2013-06-30 14:05 - 00001940 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
2013-07-02 20:05 - 2013-06-30 14:05 - 00001234 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2013-07-02 20:05 - 2013-06-30 14:05 - 00001134 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2013-07-02 20:05 - 2013-05-29 23:12 - 00035840 __ASH C:\Users\Rebecca\Downloads\Thumbs.db
2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2013-07-02 20:04 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365
2013-07-02 20:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-07-02 19:58 - 2013-05-28 17:48 - 00001160 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job
2013-07-02 19:45 - 2013-05-28 17:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-02 19:44 - 2013-06-30 14:04 - 00000326 ____A C:\Windows\Tasks\DSite.job
2013-07-02 19:41 - 2013-05-28 16:12 - 01916200 ____A C:\Windows\WindowsUpdate.log
2013-07-02 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-01 22:28 - 2013-06-06 18:26 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox
2013-07-01 22:22 - 2013-06-06 18:32 - 00000000 ___RD C:\Users\Rebecca\Dropbox
2013-07-01 22:18 - 2013-07-01 22:18 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PC Speed Maximizer
2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365
2013-07-01 20:01 - 2011-06-11 01:58 - 00773712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-07-01 20:01 - 2011-06-11 01:58 - 00420944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-07-01 20:00 - 2013-07-01 20:00 - 00001121 ____A C:\Users\Rebecca\Desktop\PC Speed Maximizer.lnk
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____A C:\END
2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe
2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller
2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WebCake
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-07-01 19:45 - 2013-05-28 16:12 - 00000000 ____D C:\users\Rebecca
2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe
2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-01 16:26 - 2013-06-03 23:06 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign
2013-07-01 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-07-01 13:56 - 2013-06-30 14:06 - 00000448 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-07-01 13:20 - 2013-06-30 21:04 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT
2013-07-01 12:32 - 2012-10-30 06:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-30 14:43 - 2013-06-05 19:21 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe
2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-30 14:06 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:03 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe
2013-06-29 14:57 - 2012-12-19 21:40 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-06-29 14:57 - 2012-12-19 21:40 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-06-29 14:57 - 2012-07-26 09:28 - 01035242 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-29 14:51 - 2013-06-29 14:50 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp
2013-06-29 14:51 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP
2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump
2013-06-28 19:06 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig
2013-06-28 17:58 - 2013-05-28 17:48 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job
2013-06-26 17:37 - 2013-05-28 18:39 - 00371712 __ASH C:\Users\Rebecca\Desktop\Thumbs.db
2013-06-24 23:46 - 2013-06-24 23:45 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-24 23:21 - 2013-05-30 00:04 - 00000000 ____D C:\Users\Rebecca\Documents\Forte
2013-06-24 17:09 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-24 16:56 - 2013-05-30 10:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-24 15:56 - 2012-10-30 05:34 - 00025230 ____A C:\Windows\PFRO.log
2013-06-24 15:55 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-22 22:05 - 2013-06-22 21:45 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama
2013-06-22 21:54 - 2013-06-22 21:53 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner
2013-06-22 21:43 - 2012-07-26 09:21 - 00032675 ____A C:\Windows\setupact.log
2013-06-21 23:16 - 2013-06-21 22:37 - 00000538 ____A C:\Windows\DirectX.log
2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-06-21 22:26 - 2013-06-21 22:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi
2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-20 23:07 - 2013-06-20 22:52 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi
2013-06-13 22:07 - 2013-06-13 22:06 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip
2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe
2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe
2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe
2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink
2013-06-10 12:04 - 2012-12-19 13:32 - 00000000 ____D C:\ProgramData\CyberLink
2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-10 11:51 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\VirtualStore
2013-06-08 13:44 - 2013-06-08 13:43 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd
2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk
2013-06-06 18:25 - 2013-06-06 18:24 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe
2013-06-06 14:22 - 2013-06-04 22:59 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt
2013-06-06 13:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-06-06 08:31 - 2013-06-10 11:57 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk
2013-06-05 19:21 - 2013-06-05 19:20 - 00000000 ____D C:\ProgramData\BackupPCFiles
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles
2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe
2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk
2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip
2013-06-05 00:09 - 2013-06-01 15:33 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-05 00:09 - 2013-06-01 15:33 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-01 13:23

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 02.07.2013, 19:16   #4
beccerie
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Vielen Dank für die schnelle Antwort

Installiert. Gescant. Das kam dabei raus...

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2013
Ran by Rebecca at 2013-07-02 20:09:17
Running from C:\Users\Rebecca\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

clear.fi SDK - Video 2 (x32 Version: 2.1.1925)
clear.fi SDK- Movie 2 (x32 Version: 2.1.2008)
Acer Backup Manager (x32 Version: 4.0.0.0059)
Acer Device Fast-lane (Version: 1.00.3008)
Acer Instant Update Service (Version: 1.00.3013)
Acer Power Management (Version: 7.00.3007)
Acer Recovery Management (Version: 6.00.3011)
AcerCloud (x32 Version: 2.01.3115)
AcerCloud Docs (x32 Version: 1.00.3201)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Illustrator CS2 (x32 Version: 12.000.000)
Adobe InDesign CS2 (x32 Version: 004.000.000)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Adobe SVG Viewer 3.0 (x32 Version: 3.0)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Alcor Micro USB Card Reader (x32 Version: 3.5.42.61532)
Aloha TriPeaks (x32 Version: 2.2.0.98)
AMD Accelerated Video Transcoding (Version: 12.5.100.20918)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Quick Stream (Version: 3.3.26.0)
AMD VISION Engine Control Center (x32 Version: 2012.0918.260.3365)
Backup Manager v4 (x32 Version: 4.0.0.0059)
BackupPCFiles 1.0.0.676 (x32 Version: 1.0.0.676)
Bejeweled 3 (x32 Version: 2.2.0.98)
BrowserDefender (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0918.260.3365)
Catalyst Control Center InstallProxy (x32 Version: 2012.0918.260.3365)
Catalyst Control Center Localization All (x32 Version: 2012.0918.260.3365)
CCC Help Chinese Standard (x32 Version: 2012.0918.0259.3365)
CCC Help Chinese Traditional (x32 Version: 2012.0918.0259.3365)
CCC Help Czech (x32 Version: 2012.0918.0259.3365)
CCC Help Danish (x32 Version: 2012.0918.0259.3365)
CCC Help Dutch (x32 Version: 2012.0918.0259.3365)
CCC Help English (x32 Version: 2012.0918.0259.3365)
CCC Help Finnish (x32 Version: 2012.0918.0259.3365)
CCC Help French (x32 Version: 2012.0918.0259.3365)
CCC Help German (x32 Version: 2012.0918.0259.3365)
CCC Help Greek (x32 Version: 2012.0918.0259.3365)
CCC Help Hungarian (x32 Version: 2012.0918.0259.3365)
CCC Help Italian (x32 Version: 2012.0918.0259.3365)
CCC Help Japanese (x32 Version: 2012.0918.0259.3365)
CCC Help Korean (x32 Version: 2012.0918.0259.3365)
CCC Help Norwegian (x32 Version: 2012.0918.0259.3365)
CCC Help Polish (x32 Version: 2012.0918.0259.3365)
CCC Help Portuguese (x32 Version: 2012.0918.0259.3365)
CCC Help Russian (x32 Version: 2012.0918.0259.3365)
CCC Help Spanish (x32 Version: 2012.0918.0259.3365)
CCC Help Swedish (x32 Version: 2012.0918.0259.3365)
CCC Help Thai (x32 Version: 2012.0918.0259.3365)
CCC Help Turkish (x32 Version: 2012.0918.0259.3365)
ccc-utility64 (Version: 2012.0918.260.3365)
clear.fi Media (x32 Version: 2.01.3108)
clear.fi Photo (x32 Version: 2.01.3108)
Conexant HD Audio (Version: 8.54.44.51)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819)
DealPly (HKCU)
DealPly (remove only) (x32 Version: 4.8.6.1)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98)
Delta Chrome Toolbar (x32)
Delta toolbar (x32 Version: 1.8.21.5)
Desk 365 (x32 Version: 1.12.16)
Dropbox (HKCU Version: 2.0.26)
eSafe Security Control 1.0.0.2522 (x32 Version: 1.0.0.2522)
ETDWare PS/2-X64 11.6.9.001_WHQL (Version: 11.6.9.001)
FORTE 4 - Free Edition (x32 Version: 4)
Google Chrome (HKCU Version: 27.0.1453.116)
Identity Card (x32 Version: 2.00.3004)
Island Tribe (x32 Version: 2.2.0.98)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190)
Launch Manager (x32 Version: 7.0.4)
Live Updater (x32 Version: 2.00.3004)
Ludwig 3.0 (x32 Version: 3.0.0.1)
Lyrics Finder (x32)
Magic Academy (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.5614.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
NTI Media Maker 9 (x32 Version: 9.0.2.9008)
Office Addin (x32 Version: 2.01.3200)
Open It! (x32 Version: 1.1.1)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PC Speed Maximizer v3.1 (x32 Version: 3.1)
PDF Creator
PDF Writer Packages (HKCU)
PDF Writer Packages 11 (HKCU)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Plus-HD-2.3 (x32 Version: 1.27.153.5)
Polar Bowler (x32 Version: 2.2.0.97)
Qtrax Player (HKCU)
Qtrax Player (x32 Version: 01.001.0001)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.209)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.13)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Spotify (x32 Version: 0.8.4.99.ga249b5f1)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update for Zip Opener (HKCU)
Update Installer for WildTangent Games App (x32)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
Wajam (x32 Version: 1.80)
WebCake 3.00 (Version: 3.00)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.3)
Zip Opener Packages (HKCU)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points =========================

15-06-2013 22:32:54 Geplanter Prüfpunkt
20-06-2013 21:48:08 Installed Ludwig 3.0
24-06-2013 14:54:34 Windows Update
01-07-2013 10:32:01 Entfernt Atheros Communications Inc.(R) AR81Family Gigabit/Fast
R] a

==================== Scheduled Tasks (whitelisted) =============

Task: {01E27AC1-51E7-4717-9625-7C93C11E4ED4} - System32\Tasks\Lyrics Finder Update => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe [2013-02-27] (Nijad Software)
Task: {0DA8A6C4-DBE8-4CD0-9040-E30851CBA3AB} - System32\Tasks\Task BackupPCFiles => C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.TaskScheduler.exe [2013-05-07] ()
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {14B1518E-6B39-43F0-A52F-060AEA10D43B} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {18FB23DC-658C-455C-BF77-BA77D70569DE} - System32\Tasks\Plus-HD-2.3-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-06-30] (Plus HD)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {1F03B27A-8849-4E0F-83D9-DC9EDE51BA87} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {21ED3BFC-DE3D-41C8-BA2E-F3F2C483CF56} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3EC330FC-D164-4C37-A4BC-3F2E1A68BBEF} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4265992392-2356816179-987210788-1001
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {4325F945-E652-4329-A43F-3650E7C361F8} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {438139D7-1488-45CA-934F-366EB728C091} - System32\Tasks\DSite => C:\Users\Rebecca\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-07-01] ()
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5180FB42-F2E8-46AE-849A-80ECFFE7378C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-28] (Google Inc.)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5FC99E41-E598-4E05-8BD2-B6C406A4B143} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {66B9B946-72B9-44A0-9BC4-01D5D339A575} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4265992392-2356816179-987210788-500
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6EA08B46-1BC2-44E2-8526-3DFAA4F35328} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {738A0A7B-DF1F-4504-A16A-693C0CD28CC8} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {811429EB-54FC-493A-B3A0-9224A2195644} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe [2013-07-01] (337 Technology Limited.)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8EDE8B4F-7A00-4874-8D7D-D4494E095E47} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {97AA14A9-112E-414D-8F8C-6AB25A9304D1} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-06-30] (Plus HD)
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {99261903-B0ED-43FF-AB5F-8FF3D1F7B850} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {9F3C740E-EE05-44AF-A176-C59922E0CAD7} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-09-05] (Acer Incorporated)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B47EFA2E-0FE7-4AFF-8E2B-BFA2ADE9EFC8} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-06-30] (Plus HD)
Task: {B531D19A-AEC0-4033-A15D-7B33322EB871} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-01-24] (Microsoft Corporation)
Task: {BA190B70-E058-4BC9-8055-E195A362F3BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-28] (Google Inc.)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C58FC3F8-DAA2-47F0-BB5B-E8D81A0C665D} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-06-30] (Plus HD)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {CAB8603B-DCA4-4547-9118-16234BA63063} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DABD0657-CC02-40B6-81E9-DB2C050FB0F5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {E954CD40-1946-41D6-9433-7A645461C41A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {EC770716-0E38-4F87-A0FF-35C505AF56FD} - System32\Tasks\EPUpdater => C:\Users\Rebecca\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {EE620C39-9B11-4442-870C-8BE6759866A5} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {F5A4610D-2FEC-4082-813C-A8AEC624A0CC} - System32\Tasks\DealPly => C:\Users\Rebecca\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE [2013-02-27] ()
Task: C:\Windows\Tasks\DSite.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job => C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics Finder Update.job => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2013 00:56:35 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (06/30/2013 02:43:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: EvernoteMetro.exe, Version: 0.0.0.0, Zeitstempel: 0x5138d27c
Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000748e8
ID des fehlerhaften Prozesses: 0x1908
Startzeit der fehlerhaften Anwendung: 0xEvernoteMetro.exe0
Pfad der fehlerhaften Anwendung: EvernoteMetro.exe1
Pfad des fehlerhaften Moduls: EvernoteMetro.exe2
Berichtskennung: EvernoteMetro.exe3
Vollständiger Name des fehlerhaften Pakets: EvernoteMetro.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EvernoteMetro.exe5

Error: (06/29/2013 02:51:44 PM) (Source: Perflib) (User: )
Description: rdyboost4

Error: (06/29/2013 02:51:44 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/29/2013 02:22:53 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c4c

Startzeit: 01ce74bde0db2c4e

Endzeit: 4294967295

Anwendungspfad: C:\Windows\system32\wwahost.exe

Berichts-ID: 979a9cb4-e0b6-11e2-be80-089e016dfe9a

Vollständiger Name des fehlerhaften Pakets: Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (06/29/2013 02:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASUSASPIREV5551)
Description: Das Paket „Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (06/29/2013 02:23:32 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (06/28/2013 04:41:58 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (06/26/2013 05:19:34 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (06/25/2013 06:39:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ASUSASPIREV5551)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (06/29/2013 02:51:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/29/2013 02:51:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/29/2013 02:51:10 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa8012519880, 0xfffff80071708770, 0xfffffa8003ba2b10)C:\Windows\MEMORY.DMP062913-28470-01

Error: (06/29/2013 02:50:51 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?29.?06.?2013 um 14:08:29 unerwartet heruntergefahren.

Error: (06/24/2013 11:46:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/24/2013 11:46:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/24/2013 11:46:06 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?24.?06.?2013 um 23:36:30 unerwartet heruntergefahren.

Error: (06/24/2013 03:57:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/24/2013 03:57:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/18/2013 02:58:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (07/01/2013 00:56:35 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (06/30/2013 02:43:18 PM) (Source: Application Error)(User: )
Description: EvernoteMetro.exe0.0.0.05138d27cMSVCR110.dll11.0.51106.15098858ec0000409000748e8190801ce758f618dc374C:\Program Files\WindowsApps\Evernote.Evernote_1.1.2.8_x86__q4d96b2w5wcc2\EvernoteMetro.exeC:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.51106.1_x86__8wekyb3d8bbwe\MSVCR110.dlla3057e24-e182-11e2-be81-089e016dfe9aEvernote.Evernote_1.1.2.8_x86__q4d96b2w5wcc2App

Error: (06/29/2013 02:51:44 PM) (Source: Perflib)(User: )
Description: rdyboost4

Error: (06/29/2013 02:51:44 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/29/2013 02:22:53 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.2.9200.164201c4c01ce74bde0db2c4e4294967295C:\Windows\system32\wwahost.exe979a9cb4-e0b6-11e2-be80-089e016dfe9aEvernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2App

Error: (06/29/2013 02:22:40 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASUSASPIREV5551)
Description: Evernote.Skitch_2.4.1723.0_neutral__q4d96b2w5wcc2

Error: (06/29/2013 02:23:32 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (06/28/2013 04:41:58 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (06/26/2013 05:19:34 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (06/25/2013 06:39:44 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ASUSASPIREV5551)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2147023170


==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 3530.26 MB
Available physical RAM: 1420.64 MB
Total Pagefile: 7114.26 MB
Available Pagefile: 4281.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.45 GB) (Free:391.85 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: EE83A1CF)

Partition: GPT Partition Type
==================== End Of Log ============================





Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013
Ran by Rebecca (administrator) on 02-07-2013 20:08:07
Running from C:\Users\Rebecca\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.CppProxyServer.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dropbox, Inc.) C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe
(WebCake LLC) C:\Users\Rebecca\AppData\Roaming\WebCake\WebCakeDesktop.exe
(WebCake LLC) C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
(337 Technology Limited.) C:\Program Files (x86)\Desk 365\deskSvc.exe
(337 Technology Limited.) C:\Program Files (x86)\Desk 365\desk365.exe
(eSafe Security Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Plus HD) C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" [64640 2012-09-14] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [BackupPCFiles.Agent] "C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe" [249472 2013-05-07] (Bright Access)
HKLM-x32\...\Runonce: [Del83630185] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x]
HKLM-x32\...\Runonce: [Del83641683] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x]
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-12-19] ()
HKCU\...\Run: [Google Update] "C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-28] (Google Inc.)
HKCU\...\Run: [WebCake Desktop] "C:\Users\Rebecca\AppData\Roaming\WebCake\WebCakeDesktop.exe" [47896 2013-06-21] (WebCake LLC)
HKCU\...\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [134456 2013-03-09] (Smart PC Solutions)
HKCU\...\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun [916048 2013-07-01] (337 Technology Limited.)
HKCU\...\Runonce: [Del83630185] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x]
HKCU\...\Runonce: [Del83641683] cmd.exe /Q /D /c del "C:\Users\Rebecca\AppData\Local\Temp\0.del" [x]
HKCU\...\Runonce: [Qtrax] C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe 2902046931.portal.qtrax.com [x]
MountPoints2: {72078e76-49c9-11e2-be69-806e6f6e6963} - "D:\SETUP.EXE" /AUTORUN
HKLM-x32\...\Run: [LManager] [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-09-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [24504 2012-10-25] (Kaspersky Lab ZAO)
HKU\Default\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll [2521040 2013-05-23] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com
HKLM SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
HKLM-x32 SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
HKCU SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKCU - {6F9161DA-7B64-4BA1-9C95-27EBF8F95363} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Plus-HD-2.3 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD)
BHO-x32: WebCake - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll (WebCake LLC)
BHO-x32: Lyrics Finder - {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll (Nijad Software)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Handler: msdaipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File

Chrome:
=======
CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929"
CHR DefaultSearchURL: (Ecosia) - hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
CHR DefaultSuggestURL: (Ecosia) - hxxp://ecosia.org/ajax/searchsuggestions.php?q={searchTerms}&addon=opensearch
CHR Plugin: (Shockwave Flash) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Google Update) - C:\Users\Rebecca\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Emma Bridgewater) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennchkafgbngcmjcbbicbobbdomhmklc\2_0
CHR Extension: (Delta Toolbar) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (WebCake) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0
CHR Extension: (DealPly Shopping) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.3.0_0
CHR Extension: (Lyrics Finder) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110_0
CHR Extension: (Safe Money) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Content Blocker) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: (Virtual Keyboard) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: (Wajam) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24
CHR Extension: (Plus-HD-2.3) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0
CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-05-28] (Adobe Systems)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-28] (Kaspersky Lab ZAO)
R2 BackupPCFilesService; C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe [67712 2013-05-07] (Bright Access)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
R2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [201376 2012-06-08] (Conexant Systems Inc.)
R2 desksvc; C:\Program Files (x86)\Desk 365\deskSvc.exe [424016 2013-07-01] (337 Technology Limited.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-09-21] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated)
R2 eSafeSvc; C:\ProgramData\eSafe\eGdpSvc.exe [361536 2013-07-01] (eSafe Security Co., Ltd.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [85904 2012-09-05] (ELAN Microelectronics Corp.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-19] (Dritek System INC.)
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam)
R2 WebCake Desktop Updater; C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe [23552 2013-06-21] (WebCake LLC)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-09-10] (Atheros)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2013-05-28] (Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-28] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-28] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-19] (Dritek System Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST
2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk
2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2013-07-01 22:18 - 2013-07-01 22:18 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PC Speed Maximizer
2013-07-01 20:01 - 2013-07-02 20:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365
2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365
2013-07-01 20:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-01 20:00 - 2013-07-01 20:00 - 00001121 ____A C:\Users\Rebecca\Desktop\PC Speed Maximizer.lnk
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____A C:\END
2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe
2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller
2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WebCake
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe
2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-06-30 21:04 - 2013-07-01 13:20 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT
2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe
2013-06-30 14:06 - 2013-07-02 20:06 - 00001230 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job
2013-06-30 14:06 - 2013-07-01 13:56 - 00000448 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-30 14:05 - 2013-07-02 20:05 - 00001940 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
2013-06-30 14:05 - 2013-07-02 20:05 - 00001234 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2013-06-30 14:05 - 2013-07-02 20:05 - 00001134 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2013-06-30 14:05 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-30 14:05 - 2011-10-04 22:43 - 00087552 ____A C:\Windows\System32\custmon64i.dll
2013-06-30 14:04 - 2013-07-02 19:44 - 00000326 ____A C:\Windows\Tasks\DSite.job
2013-06-30 14:04 - 2013-07-01 14:04 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-06-30 14:03 - 2013-06-30 14:04 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe
2013-06-29 14:50 - 2013-06-29 14:51 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp
2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP
2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump
2013-06-24 23:45 - 2013-06-24 23:46 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-24 16:14 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-24 16:14 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-22 21:53 - 2013-06-22 21:54 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner
2013-06-22 21:45 - 2013-06-22 22:05 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama
2013-06-21 22:41 - 2013-06-28 19:06 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig
2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase
2013-06-21 22:37 - 2013-06-21 23:16 - 00000538 ____A C:\Windows\DirectX.log
2013-06-21 22:37 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2013-06-21 22:37 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-06-21 22:37 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2013-06-21 22:37 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-06-21 22:07 - 2013-06-21 22:26 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi
2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-21 13:45 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-21 13:45 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-21 13:44 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-21 13:44 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-21 13:44 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-21 13:44 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-21 13:44 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-21 13:44 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-21 13:44 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-21 13:44 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-21 13:44 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-21 13:44 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-21 13:44 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-21 13:44 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-21 13:44 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-21 13:44 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-21 13:44 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-21 13:44 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-21 13:44 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-21 13:44 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-21 13:44 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-21 13:44 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-21 13:44 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-21 13:44 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-21 13:44 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-21 13:44 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-21 13:44 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-21 13:44 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-21 13:44 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-21 13:44 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-21 13:44 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-21 13:44 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-21 13:44 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-21 13:44 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-21 13:43 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-21 13:43 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-21 13:43 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-21 13:43 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-21 13:43 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-21 13:43 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-21 13:43 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-21 13:42 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-21 13:42 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-21 13:42 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-21 13:42 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-21 13:42 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-21 13:42 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-21 13:42 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-21 13:42 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-20 22:52 - 2013-06-20 23:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi
2013-06-13 22:06 - 2013-06-13 22:07 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip
2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe
2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe
2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe
2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink
2013-06-10 11:57 - 2013-06-06 08:31 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk
2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-08 13:43 - 2013-06-08 13:44 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd
2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-06-06 18:32 - 2013-07-01 22:22 - 00000000 ___RD C:\Users\Rebecca\Dropbox
2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk
2013-06-06 18:26 - 2013-07-01 22:28 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox
2013-06-06 18:24 - 2013-06-06 18:25 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe
2013-06-05 19:21 - 2013-06-30 14:43 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-06-05 19:20 - 2013-06-05 19:21 - 00000000 ____D C:\ProgramData\BackupPCFiles
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles
2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe
2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk
2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip
2013-06-04 22:59 - 2013-06-06 14:22 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt
2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys
2013-06-03 23:06 - 2013-07-01 16:26 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign
2013-06-02 14:08 - 2012-10-12 08:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll
2013-06-02 14:08 - 2012-10-12 07:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-06-02 14:07 - 2012-10-24 06:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2013-06-02 14:07 - 2012-10-17 06:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
2013-06-02 14:07 - 2012-10-17 06:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2013-06-02 14:07 - 2012-10-17 06:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2013-06-02 14:07 - 2012-10-17 05:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-06-02 14:07 - 2012-10-17 05:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-06-02 14:07 - 2012-10-17 05:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-06-02 14:06 - 2012-10-11 09:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-06-02 14:06 - 2012-10-11 09:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-06-02 14:06 - 2012-10-11 09:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-06-02 14:06 - 2012-10-11 09:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-06-02 14:06 - 2012-10-11 09:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-06-02 14:06 - 2012-10-11 09:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2013-06-02 14:06 - 2012-10-11 09:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2013-06-02 14:06 - 2012-10-11 09:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-06-02 14:06 - 2012-10-11 07:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-06-02 14:06 - 2012-10-11 07:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2013-06-02 14:06 - 2012-10-11 07:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-06-02 14:06 - 2012-10-11 07:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll
2013-06-02 14:06 - 2012-10-11 07:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe
2013-06-02 14:06 - 2012-10-11 07:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
2013-06-02 14:06 - 2012-10-11 07:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
2013-06-02 14:06 - 2012-10-11 07:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
2013-06-02 14:06 - 2012-10-11 07:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-06-02 14:06 - 2012-10-11 07:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-06-02 14:06 - 2012-10-11 07:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll
2013-06-02 14:06 - 2012-10-11 07:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll
2013-06-02 14:06 - 2012-10-11 07:20 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys
2013-06-02 14:06 - 2012-10-11 07:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-06-02 14:06 - 2012-10-11 07:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-06-02 14:06 - 2012-10-11 07:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-06-02 14:06 - 2012-10-11 07:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2013-06-02 14:06 - 2012-10-11 07:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-06-02 14:06 - 2012-10-11 07:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-06-02 14:06 - 2012-10-11 07:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-06-02 14:06 - 2012-10-11 07:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-06-02 14:06 - 2012-10-11 06:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-06-02 14:06 - 2012-10-11 02:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls
2013-06-02 14:06 - 2012-10-11 02:44 - 00478424 ____A C:\Windows\System32\locale.nls
2013-06-02 14:05 - 2012-12-04 06:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-06-02 14:05 - 2012-11-27 08:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
2013-06-02 14:05 - 2012-11-27 06:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-06-02 14:05 - 2012-11-27 06:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-06-02 14:05 - 2012-11-27 06:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-06-02 14:05 - 2012-11-27 06:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-06-02 14:05 - 2012-11-27 06:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2013-06-02 14:05 - 2012-11-27 06:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2013-06-02 14:05 - 2012-11-27 06:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-06-02 14:05 - 2012-11-27 06:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-06-02 14:05 - 2012-10-12 10:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-06-02 14:04 - 2012-11-27 06:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-06-02 14:04 - 2012-11-27 06:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-06-02 14:04 - 2012-11-27 06:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-06-02 14:04 - 2012-11-27 06:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-06-02 14:04 - 2012-11-27 06:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-06-02 14:04 - 2012-11-27 06:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-06-02 14:04 - 2012-11-27 06:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-06-02 14:04 - 2012-11-27 06:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-06-02 14:04 - 2012-10-12 08:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll
2013-06-02 14:04 - 2012-10-12 07:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-06-02 14:04 - 2012-09-11 07:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
2013-06-02 14:04 - 2012-09-11 07:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-06-02 14:04 - 2012-09-11 07:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
2013-06-02 14:02 - 2012-11-20 07:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-06-02 14:02 - 2012-11-20 07:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-06-02 14:02 - 2012-11-20 07:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-06-02 14:02 - 2012-11-20 06:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
2013-06-02 14:02 - 2012-11-08 06:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-06-02 14:02 - 2012-11-08 06:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-06-02 14:02 - 2012-11-08 06:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-06-02 14:02 - 2012-11-08 06:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-06-02 14:02 - 2012-11-08 06:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-06-02 14:02 - 2012-11-08 06:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-06-02 14:01 - 2012-11-06 09:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-06-02 14:01 - 2012-11-06 09:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-06-02 14:01 - 2012-11-06 06:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-06-02 14:01 - 2012-11-06 06:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-06-02 14:01 - 2012-11-06 06:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-06-02 14:01 - 2012-11-06 06:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
2013-06-02 14:01 - 2012-11-06 06:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-06-02 14:01 - 2012-11-06 06:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
2013-06-02 14:01 - 2012-11-06 06:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-06-02 14:01 - 2012-11-06 06:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-06-02 14:01 - 2012-11-06 06:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
2013-06-02 14:01 - 2012-11-06 06:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
2013-06-02 14:01 - 2012-11-06 05:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
2013-06-02 14:01 - 2012-11-06 05:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-06-02 14:01 - 2012-11-06 05:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-06-02 14:01 - 2012-11-06 05:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-06-02 14:01 - 2012-11-06 05:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-06-02 14:01 - 2012-11-06 05:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2013-06-02 14:01 - 2012-11-06 05:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-06-02 14:01 - 2012-11-06 05:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-06-02 14:01 - 2012-11-06 05:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

==================== One Month Modified Files and Folders =======

2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST
2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk
2013-07-02 20:06 - 2013-06-30 14:06 - 00001230 ____A C:\Windows\Tasks\Plus-HD-2.3-updater.job
2013-07-02 20:05 - 2013-06-30 14:05 - 00001940 ____A C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
2013-07-02 20:05 - 2013-06-30 14:05 - 00001234 ____A C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2013-07-02 20:05 - 2013-06-30 14:05 - 00001134 ____A C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2013-07-02 20:05 - 2013-05-29 23:12 - 00035840 __ASH C:\Users\Rebecca\Downloads\Thumbs.db
2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2013-07-02 20:04 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365
2013-07-02 20:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-07-02 19:58 - 2013-05-28 17:48 - 00001160 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job
2013-07-02 19:45 - 2013-05-28 17:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-02 19:44 - 2013-06-30 14:04 - 00000326 ____A C:\Windows\Tasks\DSite.job
2013-07-02 19:41 - 2013-05-28 16:12 - 01916200 ____A C:\Windows\WindowsUpdate.log
2013-07-02 19:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-01 22:28 - 2013-06-06 18:26 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox
2013-07-01 22:22 - 2013-06-06 18:32 - 00000000 ___RD C:\Users\Rebecca\Dropbox
2013-07-01 22:18 - 2013-07-01 22:18 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PC Speed Maximizer
2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365
2013-07-01 20:01 - 2011-06-11 01:58 - 00773712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-07-01 20:01 - 2011-06-11 01:58 - 00420944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-07-01 20:00 - 2013-07-01 20:00 - 00001121 ____A C:\Users\Rebecca\Desktop\PC Speed Maximizer.lnk
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Program Files (x86)\PC Speed Maximizer
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____A C:\END
2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe
2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller
2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WebCake
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Program Files (x86)\WebCake
2013-07-01 19:45 - 2013-05-28 16:12 - 00000000 ____D C:\users\Rebecca
2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe
2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-01 16:26 - 2013-06-03 23:06 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign
2013-07-01 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-07-01 13:56 - 2013-06-30 14:06 - 00000448 ____A C:\Windows\Tasks\Lyrics Finder Update.job
2013-07-01 13:20 - 2013-06-30 21:04 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT
2013-07-01 12:32 - 2012-10-30 06:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-30 14:43 - 2013-06-05 19:21 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe
2013-06-30 14:06 - 2013-06-30 14:06 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-30 14:06 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:03 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe
2013-06-29 14:57 - 2012-12-19 21:40 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-06-29 14:57 - 2012-12-19 21:40 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-06-29 14:57 - 2012-07-26 09:28 - 01035242 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-29 14:51 - 2013-06-29 14:50 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp
2013-06-29 14:51 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP
2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump
2013-06-28 19:06 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig
2013-06-28 17:58 - 2013-05-28 17:48 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job
2013-06-26 17:37 - 2013-05-28 18:39 - 00371712 __ASH C:\Users\Rebecca\Desktop\Thumbs.db
2013-06-24 23:46 - 2013-06-24 23:45 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-24 23:21 - 2013-05-30 00:04 - 00000000 ____D C:\Users\Rebecca\Documents\Forte
2013-06-24 17:09 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-24 16:56 - 2013-05-30 10:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-24 15:56 - 2012-10-30 05:34 - 00025230 ____A C:\Windows\PFRO.log
2013-06-24 15:55 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-22 22:05 - 2013-06-22 21:45 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama
2013-06-22 21:54 - 2013-06-22 21:53 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner
2013-06-22 21:43 - 2012-07-26 09:21 - 00032675 ____A C:\Windows\setupact.log
2013-06-21 23:16 - 2013-06-21 22:37 - 00000538 ____A C:\Windows\DirectX.log
2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-06-21 22:26 - 2013-06-21 22:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi
2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-20 23:07 - 2013-06-20 22:52 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi
2013-06-13 22:07 - 2013-06-13 22:06 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip
2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe
2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe
2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe
2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink
2013-06-10 12:04 - 2012-12-19 13:32 - 00000000 ____D C:\ProgramData\CyberLink
2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-10 11:51 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\VirtualStore
2013-06-08 13:44 - 2013-06-08 13:43 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd
2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk
2013-06-06 18:25 - 2013-06-06 18:24 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe
2013-06-06 14:22 - 2013-06-04 22:59 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt
2013-06-06 13:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-06-06 08:31 - 2013-06-10 11:57 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk
2013-06-05 19:21 - 2013-06-05 19:20 - 00000000 ____D C:\ProgramData\BackupPCFiles
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles
2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe
2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk
2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip
2013-06-05 00:09 - 2013-06-01 15:33 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-05 00:09 - 2013-06-01 15:33 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-01 13:23

==================== End Of Log ============================

Alt 02.07.2013, 19:25   #5
aharonov
/// TB-Ausbilder
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Hallo,

du hast dir tonnenweise Adware installiert. Du solltest unbedingt besser aufpassen, wo du deine Software herunterlädst und installierst. In erster Priorität immer direkt beim Hersteller und nicht von irgendwelchen Softwareportalen!

Entrümpeln wir ein bisschen:


Schritt 1
  • Gehe in die Systemsteuerung und öffne Programme und Funktionen.
  • Suche und deinstalliere dort der Reihe nach folgende Einträge:
    • BrowserDefender
    • DealPly
    • DealPly (remove only)
    • Delta Chrome Toolbar
    • Delta toolbar
    • Desk 365
    • eSafe Security Control
    • Lyrics Finder
    • PC Speed Maximizer v3.1
    • Plus-HD-2.3
    • Wajam
    • WebCake 3.00
  • Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.



Schritt 2

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 3

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Log von AdwCleaner
  • Log von FRST

__________________
cheers,
Leo

Alt 04.07.2013, 17:49   #6
beccerie
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Ich bekomme Delta Search und Delta Toolbar nicht deinstalliert. Es erscheint immer eine Meldung, in der steht, dass ich nicht genug Rechte besitze.

AdwCleanerAdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.304 - Datei am 04/07/2013 um 18:32:12 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Rebecca - ASUSASPIREV5551
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Rebecca\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Datei Desinfiziert : C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Gelöscht mit Neustart : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Program Files (x86)\Common Files\337
Ordner Gelöscht : C:\Program Files (x86)\Delta
Ordner Gelöscht : C:\Program Files (x86)\Desk 365
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Ordner Gelöscht : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Ordner Gelöscht : C:\Users\Rebecca\AppData\Local\Temp\Desk365
Ordner Gelöscht : C:\Users\Rebecca\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\337
Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\Delta
Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\Desk 365
Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Rebecca\AppData\Roaming\eIntaller

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Desksvc
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\Software\qvo6Software
Schlüssel Gelöscht : HKLM\Software\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\953d98cb46deb17
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9500325AS_S2WR1TB4XXXXS2WR1TB4&ts=1372701674 --> hxxp://www.google.com

-\\ Google Chrome v27.0.1453.116

Datei : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.2485] : homepage = "hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=BE7E12689D8647AA&affID=119357&t[...]
Gelöscht [l.2894] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D86[...]

*************************

AdwCleaner[S1].txt - [11921 octets] - [04/07/2013 18:32:12]

########## EOF - C:\AdwCleaner[S1].txt - [11982 octets] ##########
         
--- --- ---




FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013
Ran by Rebecca (administrator) on 04-07-2013 18:25:35
Running from C:\Users\Rebecca\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eSafeSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\Omiga Plus\omigaplus.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dropbox, Inc.) C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe" [64640 2012-09-14] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [BackupPCFiles.Agent] "C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe" [249472 2013-05-07] (Bright Access)
HKCU\...\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-12-19] ()
HKCU\...\Run: [Google Update] "C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-28] (Google Inc.)
HKCU\...\Run: [Omiga Plus] "C:\Program Files (x86)\Omiga Plus\omigaplus.exe" /autorun [1361576 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.)
MountPoints2: {72078e76-49c9-11e2-be69-806e6f6e6963} - "D:\SETUP.EXE" /AUTORUN
HKLM-x32\...\Run: [LManager]  [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-09-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [24504 2012-10-25] (Kaspersky Lab ZAO)
HKU\Default\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com
HKLM SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
HKLM-x32 SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
HKCU SearchScopes: DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Qvo6.com
SearchScopes: HKCU - {6F9161DA-7B64-4BA1-9C95-27EBF8F95363} URL = 
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Handler: msdaipp - No CLSID Value - 
Handler-x32: msdaipp - No CLSID Value - 
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR HomePage: hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=BE7E12689D8647AA&affID=119357&tt=250613_gr4&tsp=4929"
CHR DefaultSearchURL: (Ecosia) - hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
CHR DefaultSuggestURL: (Ecosia) - hxxp://ecosia.org/ajax/searchsuggestions.php?q={searchTerms}&addon=opensearch
CHR Plugin: (Shockwave Flash) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Google Update) - C:\Users\Rebecca\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Emma Bridgewater) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ennchkafgbngcmjcbbicbobbdomhmklc\2_0
CHR Extension: (Delta Toolbar) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (Safe Money) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Content Blocker) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: (Virtual Keyboard) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: (Wajam) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0
CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR Extension: (Anti-Banner) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-05-28] (Adobe Systems)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-28] (Kaspersky Lab ZAO)
R2 BackupPCFilesService; C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe [67712 2013-05-07] (Bright Access)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
R2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [201376 2012-06-08] (Conexant Systems Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-09-21] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [85904 2012-09-05] (ELAN Microelectronics Corp.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 omigaplussvc; C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe [424104 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-19] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 WsysSvc; C:\ProgramData\eSafe\eSafeSvc.exe [386112 2013-07-04] (Wsys Co., Ltd.)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-09-10] (Atheros)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2013-05-28] (Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-28] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-28] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-19] (Dritek System Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-04 17:59 - 2013-07-04 18:13 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-04 17:59 - 2013-07-04 18:13 - 00000000 ____D C:\Program Files (x86)\Omiga Plus
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WinZipper
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Omiga Plus
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\337
2013-07-02 23:06 - 2013-07-02 23:06 - 00008838 ____A C:\Users\Rebecca\Desktop\songt.odt
2013-07-02 20:09 - 2013-07-02 20:09 - 00026558 ____A C:\Users\Rebecca\Desktop\Addition.txt
2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST
2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk
2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2013-07-01 20:01 - 2013-07-04 18:16 - 00000000 ____D C:\ProgramData\eSafe
2013-07-01 20:01 - 2013-07-04 17:58 - 00000000 ____D C:\Program Files (x86)\Desk 365
2013-07-01 20:01 - 2013-07-02 20:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365
2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-01 20:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-01 20:00 - 2013-07-02 23:10 - 00000000 ____A C:\END
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam
2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe
2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller
2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations
2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe
2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-06-30 21:04 - 2013-07-01 13:20 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT
2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe
2013-06-30 14:05 - 2013-07-04 18:01 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-30 14:05 - 2011-10-04 22:43 - 00087552 ____A C:\Windows\System32\custmon64i.dll
2013-06-30 14:04 - 2013-07-04 18:09 - 00000326 ____A C:\Windows\Tasks\DSite.job
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-06-30 14:03 - 2013-06-30 14:04 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe
2013-06-29 14:50 - 2013-06-29 14:51 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp
2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP
2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump
2013-06-24 23:45 - 2013-06-24 23:46 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-24 16:14 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-24 16:14 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-22 21:53 - 2013-06-22 21:54 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner
2013-06-22 21:45 - 2013-06-22 22:05 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama
2013-06-21 22:41 - 2013-06-28 19:06 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig
2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase
2013-06-21 22:37 - 2013-06-21 23:16 - 00000538 ____A C:\Windows\DirectX.log
2013-06-21 22:37 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2013-06-21 22:37 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-06-21 22:37 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2013-06-21 22:37 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-06-21 22:07 - 2013-06-21 22:26 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi
2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-21 13:45 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-21 13:45 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-21 13:44 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-21 13:44 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-21 13:44 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-21 13:44 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-21 13:44 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-21 13:44 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-21 13:44 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-21 13:44 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-21 13:44 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-21 13:44 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-21 13:44 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-21 13:44 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-21 13:44 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-21 13:44 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-21 13:44 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-21 13:44 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-21 13:44 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-21 13:44 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-21 13:44 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-21 13:44 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-21 13:44 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-21 13:44 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-21 13:44 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-21 13:44 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-21 13:44 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-21 13:44 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-21 13:44 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-21 13:44 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-21 13:44 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-21 13:44 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-21 13:44 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-21 13:44 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-21 13:43 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-21 13:43 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-21 13:43 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-21 13:43 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-21 13:43 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-21 13:43 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-21 13:43 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-21 13:42 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-21 13:42 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-21 13:42 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-21 13:42 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-21 13:42 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-21 13:42 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-21 13:42 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-21 13:42 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-20 22:52 - 2013-06-20 23:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi
2013-06-13 22:06 - 2013-06-13 22:07 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip
2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe
2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe
2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe
2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink
2013-06-10 11:57 - 2013-06-06 08:31 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk
2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-08 13:43 - 2013-06-08 13:44 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd
2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-06-06 18:32 - 2013-07-04 18:14 - 00000000 ___RD C:\Users\Rebecca\Dropbox
2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk
2013-06-06 18:26 - 2013-07-04 18:14 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox
2013-06-06 18:24 - 2013-06-06 18:25 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe
2013-06-05 19:21 - 2013-06-30 14:43 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-06-05 19:20 - 2013-06-05 19:21 - 00000000 ____D C:\ProgramData\BackupPCFiles
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles
2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe
2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk
2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip
2013-06-04 22:59 - 2013-06-06 14:22 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt
2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys

==================== One Month Modified Files and Folders =======

2013-07-04 18:18 - 2012-12-19 21:40 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-07-04 18:18 - 2012-12-19 21:40 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-07-04 18:18 - 2012-07-26 09:28 - 01035242 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-04 18:16 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe
2013-07-04 18:14 - 2013-06-06 18:32 - 00000000 ___RD C:\Users\Rebecca\Dropbox
2013-07-04 18:14 - 2013-06-06 18:26 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox
2013-07-04 18:14 - 2013-05-28 17:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-04 18:13 - 2013-07-04 17:59 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-04 18:13 - 2013-07-04 17:59 - 00000000 ____D C:\Program Files (x86)\Omiga Plus
2013-07-04 18:10 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-04 18:09 - 2013-06-30 14:04 - 00000326 ____A C:\Windows\Tasks\DSite.job
2013-07-04 18:09 - 2012-10-30 05:34 - 00029072 ____A C:\Windows\PFRO.log
2013-07-04 18:09 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-07-04 18:01 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-07-04 18:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WinZipper
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Omiga Plus
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\337
2013-07-04 17:58 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Desk 365
2013-07-04 17:58 - 2013-05-28 17:48 - 00001160 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job
2013-07-04 17:58 - 2013-05-28 17:48 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job
2013-07-04 17:58 - 2011-06-11 01:58 - 00773800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-07-04 17:58 - 2011-06-11 01:58 - 00421032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-07-04 17:50 - 2013-05-28 16:12 - 02027995 ____A C:\Windows\WindowsUpdate.log
2013-07-02 23:10 - 2013-07-01 20:00 - 00000000 ____A C:\END
2013-07-02 23:06 - 2013-07-02 23:06 - 00008838 ____A C:\Users\Rebecca\Desktop\songt.odt
2013-07-02 20:09 - 2013-07-02 20:09 - 00026558 ____A C:\Users\Rebecca\Desktop\Addition.txt
2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST
2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk
2013-07-02 20:05 - 2013-05-29 23:12 - 00035840 __ASH C:\Users\Rebecca\Downloads\Thumbs.db
2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2013-07-02 20:04 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Desk 365
2013-07-02 19:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Wajam
2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe
2013-07-01 19:59 - 2013-07-01 19:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\eIntaller
2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations
2013-07-01 19:45 - 2013-05-28 16:12 - 00000000 ____D C:\users\Rebecca
2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe
2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-01 16:26 - 2013-06-03 23:06 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign
2013-07-01 13:20 - 2013-06-30 21:04 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT
2013-07-01 12:32 - 2012-10-30 06:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-30 14:43 - 2013-06-05 19:21 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Delta
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\BabSolution
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DSite
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\DealPly
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\ProgramData\Babylon
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:03 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe
2013-06-29 14:51 - 2013-06-29 14:50 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp
2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP
2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump
2013-06-28 19:06 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig
2013-06-26 17:37 - 2013-05-28 18:39 - 00371712 __ASH C:\Users\Rebecca\Desktop\Thumbs.db
2013-06-24 23:46 - 2013-06-24 23:45 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-24 23:21 - 2013-05-30 00:04 - 00000000 ____D C:\Users\Rebecca\Documents\Forte
2013-06-24 17:09 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-24 16:56 - 2013-05-30 10:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-22 22:05 - 2013-06-22 21:45 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama
2013-06-22 21:54 - 2013-06-22 21:53 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner
2013-06-22 21:43 - 2012-07-26 09:21 - 00032675 ____A C:\Windows\setupact.log
2013-06-21 23:16 - 2013-06-21 22:37 - 00000538 ____A C:\Windows\DirectX.log
2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-06-21 22:26 - 2013-06-21 22:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi
2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-20 23:07 - 2013-06-20 22:52 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi
2013-06-13 22:07 - 2013-06-13 22:06 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip
2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe
2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe
2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe
2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink
2013-06-10 12:04 - 2012-12-19 13:32 - 00000000 ____D C:\ProgramData\CyberLink
2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-10 11:51 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\VirtualStore
2013-06-08 13:44 - 2013-06-08 13:43 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd
2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk
2013-06-06 18:25 - 2013-06-06 18:24 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe
2013-06-06 14:22 - 2013-06-04 22:59 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt
2013-06-06 13:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-06-06 08:31 - 2013-06-10 11:57 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk
2013-06-05 19:21 - 2013-06-05 19:20 - 00000000 ____D C:\ProgramData\BackupPCFiles
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles
2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe
2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk
2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip
2013-06-05 00:09 - 2013-06-01 15:33 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-05 00:09 - 2013-06-01 15:33 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(DEVGURU :: DEVGURU? ????? ?????.)) C:\Windows\System32\Drivers\ssudbus.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-01 13:23

==================== End Of Log ============================
         
--- --- ---

Alt 04.07.2013, 17:58   #7
aharonov
/// TB-Ausbilder
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Bitte die Schritte immer in der angegebenen Reihenfolge abarbeiten - sonst macht es keinen Sinn..

Mach nochmals einen neuen FRST-Scan:


Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.
__________________
cheers,
Leo

Alt 04.07.2013, 18:10   #8
beccerie
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Habe ich etwas nicht in der Richtigen Reihenfolge gemacht? UPS...

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013
Ran by Rebecca (administrator) on 04-07-2013 19:04:27
Running from C:\Users\Rebecca\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eSafeSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.CppProxyServer.exe
(Bright Access) C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\Omiga Plus\omigaplus.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dropbox, Inc.) C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rebecca\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
HKLM\...\Run: [BackupPCFiles.Agent] "C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Agent.exe" [249472 2013-05-07] (Bright Access)
HKCU\...\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-12-19] ()
HKCU\...\Run: [Google Update] "C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-28] (Google Inc.)
HKCU\...\Run: [Omiga Plus] "C:\Program Files (x86)\Omiga Plus\omigaplus.exe" /autorun [1361576 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.)
MountPoints2: {72078e76-49c9-11e2-be69-806e6f6e6963} - "D:\SETUP.EXE" /AUTORUN
HKLM-x32\...\Run: [LManager] [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-09-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [24504 2012-10-25] (Kaspersky Lab ZAO)
HKU\Default\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-08-21] (Acer Incorporated)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Rebecca\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
SearchScopes: HKCU - {6F9161DA-7B64-4BA1-9C95-27EBF8F95363} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler: msdaipp - No CLSID Value -
Handler-x32: msdaipp - No CLSID Value -
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome:
=======
CHR DefaultSearchURL: (Ecosia) - hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch
CHR DefaultSuggestURL: (Ecosia) - hxxp://ecosia.org/ajax/searchsuggestions.php?q={searchTerms}&addon=opensearch
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Safe Money) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: (Content Blocker) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: (Virtual Keyboard) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: (Anti-Banner) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-05-28] (Adobe Systems)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376 2013-05-28] (Kaspersky Lab ZAO)
R2 BackupPCFilesService; C:\Program Files (x86)\BackupPCFiles\BackupPCFiles.Client.Service.exe [67712 2013-05-07] (Bright Access)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
R2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [201376 2012-06-08] (Conexant Systems Inc.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-09-21] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-09-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [85904 2012-09-05] (ELAN Microelectronics Corp.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 omigaplussvc; C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe [424104 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-12-19] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-07-04] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 WsysSvc; C:\ProgramData\eSafe\eSafeSvc.exe [386112 2013-07-04] (Wsys Co., Ltd.)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-09-10] (Atheros)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29016 2013-05-28] (Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29528 2012-10-25] (Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-05-28] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-05-28] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-12-19] (Dritek System Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-04 18:32 - 2013-07-04 18:33 - 00012014 ____A C:\AdwCleaner[S1].txt
2013-07-04 18:32 - 2013-07-04 18:33 - 00000088 ____A C:\Windows\DeleteOnReboot.bat
2013-07-04 18:30 - 2013-07-04 18:30 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (2).exe
2013-07-04 18:30 - 2013-07-04 18:30 - 00650027 ____A C:\Users\Rebecca\Downloads\adwcleaner.exe
2013-07-04 17:59 - 2013-07-04 18:37 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-04 17:59 - 2013-07-04 18:37 - 00000000 ____D C:\Program Files (x86)\Omiga Plus
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WinZipper
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Omiga Plus
2013-07-02 23:06 - 2013-07-02 23:06 - 00008838 ____A C:\Users\Rebecca\Desktop\songt.odt
2013-07-02 20:09 - 2013-07-02 20:09 - 00026558 ____A C:\Users\Rebecca\Desktop\Addition.txt
2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST
2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk
2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2013-07-01 20:01 - 2013-07-04 18:38 - 00000000 ____D C:\ProgramData\eSafe
2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-01 20:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe
2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations
2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe
2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-06-30 21:04 - 2013-07-01 13:20 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT
2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe
2013-06-30 14:05 - 2013-07-04 18:01 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-06-30 14:05 - 2011-10-04 22:43 - 00087552 ____A C:\Windows\System32\custmon64i.dll
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-06-30 14:03 - 2013-06-30 14:04 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe
2013-06-29 14:50 - 2013-06-29 14:51 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp
2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP
2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump
2013-06-24 23:45 - 2013-06-24 23:46 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-24 16:14 - 2013-04-03 01:37 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-24 16:14 - 2013-04-03 01:12 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-22 21:53 - 2013-06-22 21:54 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner
2013-06-22 21:45 - 2013-06-22 22:05 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama
2013-06-21 22:41 - 2013-06-28 19:06 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig
2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase
2013-06-21 22:37 - 2013-06-21 23:16 - 00000538 ____A C:\Windows\DirectX.log
2013-06-21 22:37 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2013-06-21 22:37 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2013-06-21 22:37 - 2005-07-22 19:59 - 03807440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx9_27.dll
2013-06-21 22:37 - 2005-07-22 19:59 - 02319568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-06-21 22:07 - 2013-06-21 22:26 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi
2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-21 13:45 - 2013-05-04 08:59 - 13644288 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-06-21 13:45 - 2013-05-04 06:57 - 10788864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-06-21 13:44 - 2013-05-31 01:24 - 01257472 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-06-21 13:44 - 2013-05-31 01:08 - 00974848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-06-21 13:44 - 2013-05-24 01:01 - 01300992 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-06-21 13:44 - 2013-05-24 00:27 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-06-21 13:44 - 2013-05-15 04:25 - 00888320 ____A (Microsoft Corporation) C:\Windows\System32\autochk.exe
2013-06-21 13:44 - 2013-05-15 04:25 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll
2013-06-21 13:44 - 2013-05-15 04:24 - 00793088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-06-21 13:44 - 2013-05-15 04:24 - 00482816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-06-21 13:44 - 2013-05-04 09:58 - 00120736 ____A (Microsoft Corporation) C:\Windows\System32\AuthHost.exe
2013-06-21 13:44 - 2013-05-04 09:34 - 00446720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-06-21 13:44 - 2013-05-04 09:34 - 00284416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-06-21 13:44 - 2013-05-04 09:34 - 00213248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-06-21 13:44 - 2013-05-04 09:30 - 00058312 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 03241472 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 01483776 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 00812544 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe
2013-06-21 13:44 - 2013-05-04 08:59 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-06-21 13:44 - 2013-05-04 08:59 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-06-21 13:44 - 2013-05-04 08:58 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 01332736 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00470528 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00330240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\netprofm.dll
2013-06-21 13:44 - 2013-05-04 08:58 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 02305024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00708096 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\biwinrt.dll
2013-06-21 13:44 - 2013-05-04 08:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\muifontsetup.dll
2013-06-21 13:44 - 2013-05-04 08:56 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-06-21 13:44 - 2013-05-04 06:58 - 00758784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-06-21 13:44 - 2013-05-04 06:58 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-06-21 13:44 - 2013-05-04 06:58 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-06-21 13:44 - 2013-05-04 06:57 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00247296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00151040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-06-21 13:44 - 2013-05-04 06:57 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 02035712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-06-21 13:44 - 2013-05-04 06:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-06-21 13:44 - 2013-05-04 06:55 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-06-21 13:44 - 2013-05-04 06:51 - 00014848 ____A (Microsoft) C:\Windows\System32\rars.rs
2013-06-21 13:44 - 2013-05-04 06:48 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-06-21 13:44 - 2013-05-04 06:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-06-21 13:44 - 2013-05-04 06:47 - 00427520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-06-21 13:44 - 2013-05-04 06:10 - 00014848 ____A (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-06-21 13:44 - 2013-05-03 00:04 - 00386646 ____A C:\Windows\System32\ApnDatabase.xml
2013-06-21 13:44 - 2013-04-24 01:13 - 01013248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-21 13:44 - 2013-04-24 01:12 - 01569792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-21 13:44 - 2013-04-24 01:12 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-21 13:44 - 2013-04-24 00:56 - 01255936 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-21 13:44 - 2013-04-24 00:55 - 01889280 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-21 13:44 - 2013-04-24 00:55 - 00141312 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-21 13:44 - 2013-04-24 00:55 - 00068096 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-21 13:43 - 2013-05-16 00:36 - 14320640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-21 13:43 - 2013-05-16 00:35 - 19230720 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-21 13:43 - 2013-05-04 09:45 - 02233600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-21 13:43 - 2013-04-29 00:30 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-21 13:43 - 2013-04-29 00:30 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-21 13:43 - 2013-04-29 00:28 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-21 13:43 - 2013-04-29 00:27 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-21 13:43 - 2013-04-29 00:27 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-21 13:43 - 2013-04-27 07:20 - 00733184 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-21 13:42 - 2013-05-16 00:37 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-06-21 13:42 - 2013-05-16 00:35 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-06-21 13:42 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-21 13:42 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-21 13:42 - 2013-04-29 00:30 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-21 13:42 - 2013-04-29 00:30 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-21 13:42 - 2013-04-29 00:30 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-21 13:42 - 2013-04-29 00:28 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-21 13:42 - 2013-04-29 00:27 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-20 22:52 - 2013-06-20 23:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi
2013-06-13 22:06 - 2013-06-13 22:07 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip
2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe
2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe
2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe
2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink
2013-06-10 11:57 - 2013-06-06 08:31 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk
2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-08 13:43 - 2013-06-08 13:44 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd
2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-06-06 18:32 - 2013-07-04 18:43 - 00000000 ___RD C:\Users\Rebecca\Dropbox
2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk
2013-06-06 18:26 - 2013-07-04 18:43 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox
2013-06-06 18:24 - 2013-06-06 18:25 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe
2013-06-05 19:21 - 2013-06-30 14:43 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-06-05 19:20 - 2013-06-05 19:21 - 00000000 ____D C:\ProgramData\BackupPCFiles
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles
2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe
2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk
2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip
2013-06-04 22:59 - 2013-06-06 14:22 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt
2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys

==================== One Month Modified Files and Folders =======

2013-07-04 19:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-07-04 18:58 - 2013-05-28 17:48 - 00001160 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001UA.job
2013-07-04 18:55 - 2013-05-28 16:12 - 01052105 ____A C:\Windows\WindowsUpdate.log
2013-07-04 18:55 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Packages
2013-07-04 18:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-04 18:44 - 2013-05-28 17:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-04 18:43 - 2013-06-06 18:32 - 00000000 ___RD C:\Users\Rebecca\Dropbox
2013-07-04 18:43 - 2013-06-06 18:26 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Dropbox
2013-07-04 18:40 - 2012-12-19 21:40 - 00753134 ____A C:\Windows\System32\perfh007.dat
2013-07-04 18:40 - 2012-12-19 21:40 - 00155826 ____A C:\Windows\System32\perfc007.dat
2013-07-04 18:40 - 2012-07-26 09:28 - 01035242 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-04 18:38 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\eSafe
2013-07-04 18:37 - 2013-07-04 17:59 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-04 18:37 - 2013-07-04 17:59 - 00000000 ____D C:\Program Files (x86)\Omiga Plus
2013-07-04 18:34 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-04 18:34 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-07-04 18:33 - 2013-07-04 18:32 - 00012014 ____A C:\AdwCleaner[S1].txt
2013-07-04 18:33 - 2013-07-04 18:32 - 00000088 ____A C:\Windows\DeleteOnReboot.bat
2013-07-04 18:30 - 2013-07-04 18:30 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (2).exe
2013-07-04 18:30 - 2013-07-04 18:30 - 00650027 ____A C:\Users\Rebecca\Downloads\adwcleaner.exe
2013-07-04 18:09 - 2012-10-30 05:34 - 00029072 ____A C:\Windows\PFRO.log
2013-07-04 18:01 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\WinZipper
2013-07-04 17:59 - 2013-07-04 17:59 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Omiga Plus
2013-07-04 17:58 - 2013-05-28 17:48 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265992392-2356816179-987210788-1001Core.job
2013-07-04 17:58 - 2011-06-11 01:58 - 00773800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-07-04 17:58 - 2011-06-11 01:58 - 00421032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-07-02 23:06 - 2013-07-02 23:06 - 00008838 ____A C:\Users\Rebecca\Desktop\songt.odt
2013-07-02 20:09 - 2013-07-02 20:09 - 00026558 ____A C:\Users\Rebecca\Desktop\Addition.txt
2013-07-02 20:07 - 2013-07-02 20:07 - 00000000 ____D C:\FRST
2013-07-02 20:06 - 2013-07-02 20:06 - 00003692 ____A C:\Users\Rebecca\Desktop\FRST64 - Verknüpfung.lnk
2013-07-02 20:05 - 2013-05-29 23:12 - 00035840 __ASH C:\Users\Rebecca\Downloads\Thumbs.db
2013-07-02 20:04 - 2013-07-02 20:04 - 01933556 ____A (Farbar) C:\Users\Rebecca\Desktop\FRST64.exe
2013-07-01 20:01 - 2013-07-01 20:01 - 00001113 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-01 20:01 - 2013-07-01 20:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-01 19:59 - 2013-07-01 19:59 - 00654904 ____A C:\Users\Rebecca\Downloads\setup (1).exe
2013-07-01 19:45 - 2013-07-01 19:45 - 00002361 ____A C:\Users\Rebecca\Desktop\Qtrax Player.lnk
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\Qtrax
2013-07-01 19:45 - 2013-07-01 19:45 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Downloaded Installations
2013-07-01 19:45 - 2013-05-28 16:12 - 00000000 ____D C:\users\Rebecca
2013-07-01 19:44 - 2013-07-01 19:44 - 00793536 ____A C:\Users\Rebecca\Downloads\ZipOpenerSetup (1).exe
2013-07-01 19:44 - 2013-07-01 19:44 - 00001114 ____A C:\Users\Public\Desktop\Open It!.lnk
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Zip Opener Packages
2013-07-01 19:44 - 2013-07-01 19:44 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-07-01 16:26 - 2013-06-03 23:06 - 00000000 ____D C:\Users\Rebecca\Documents\InDesign
2013-07-01 13:20 - 2013-06-30 21:04 - 00000005 ____A C:\Users\Rebecca\AppData\Roaming\WBPU-TTL.DAT
2013-07-01 12:32 - 2012-10-30 06:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-30 14:43 - 2013-06-05 19:21 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps
2013-06-30 14:22 - 2013-06-30 14:22 - 00447256 ____A C:\Users\Rebecca\Downloads\Setup.exe
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\PDF Writer Packages
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\GPLGS
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:04 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-06-30 14:04 - 2013-06-30 14:03 - 01278400 ____A C:\Users\Rebecca\Downloads\PDFWriterSetup.exe
2013-06-29 14:51 - 2013-06-29 14:50 - 00429880 ____A C:\Windows\Minidump\062913-28470-01.dmp
2013-06-29 14:50 - 2013-06-29 14:50 - 444712892 ____A C:\Windows\MEMORY.DMP
2013-06-29 14:50 - 2013-06-29 14:50 - 00000000 ____D C:\Windows\Minidump
2013-06-28 19:06 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\Documents\Ludwig
2013-06-26 17:37 - 2013-05-28 18:39 - 00371712 __ASH C:\Users\Rebecca\Desktop\Thumbs.db
2013-06-24 23:46 - 2013-06-24 23:45 - 00402776 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-24 23:21 - 2013-05-30 00:04 - 00000000 ____D C:\Users\Rebecca\Documents\Forte
2013-06-24 17:09 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-06-24 16:56 - 2013-05-30 10:16 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-06-24 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-24 15:51 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-06-22 22:05 - 2013-06-22 21:45 - 00000000 ____D C:\Users\Rebecca\Desktop\camera mama
2013-06-22 21:54 - 2013-06-22 21:53 - 00000000 ____D C:\Users\Rebecca\Desktop\Neuer Ordner
2013-06-22 21:43 - 2012-07-26 09:21 - 00032675 ____A C:\Windows\setupact.log
2013-06-21 23:16 - 2013-06-21 22:37 - 00000538 ____A C:\Windows\DirectX.log
2013-06-21 22:41 - 2013-06-21 22:41 - 00000000 ____D C:\Users\Rebecca\AppData\Local\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\ProgramData\ChessBase
2013-06-21 22:36 - 2013-06-21 22:36 - 00000000 ____D C:\Program Files (x86)\ChessBase
2013-06-21 22:26 - 2013-06-21 22:07 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup (1).msi
2013-06-21 13:45 - 2013-06-21 13:45 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-20 23:07 - 2013-06-20 22:52 - 558755840 ____A C:\Users\Rebecca\Downloads\ludwig3setup.msi
2013-06-13 22:07 - 2013-06-13 22:06 - 00026247 ____A C:\Users\Rebecca\Downloads\leckerli-one.zip
2013-06-10 19:36 - 2013-06-10 19:36 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (4).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (3).exe
2013-06-10 19:31 - 2013-06-10 19:31 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (2).exe
2013-06-10 18:49 - 2013-06-10 18:49 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21 (1).exe
2013-06-10 18:44 - 2013-06-10 18:44 - 00903072 ____A (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u21.exe
2013-06-10 12:04 - 2013-06-10 12:04 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Cyberlink
2013-06-10 12:04 - 2012-12-19 13:32 - 00000000 ____D C:\ProgramData\CyberLink
2013-06-10 11:51 - 2013-06-10 11:51 - 00098368 ____A C:\Users\Rebecca\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-10 11:51 - 2013-05-28 16:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\VirtualStore
2013-06-08 13:44 - 2013-06-08 13:43 - 05685597 ____A C:\Users\Rebecca\Desktop\papier bearb.psd
2013-06-07 18:23 - 2013-06-07 18:23 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-06-06 18:32 - 2013-06-06 18:32 - 00001052 ____A C:\Users\Rebecca\Desktop\Dropbox.lnk
2013-06-06 18:25 - 2013-06-06 18:24 - 32966136 ____A (Dropbox, Inc.) C:\Users\Rebecca\Downloads\Dropbox 2.0.26.exe
2013-06-06 14:22 - 2013-06-04 22:59 - 00623282 ____A C:\Users\Rebecca\Desktop\Unbenannt 1.odt
2013-06-06 13:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-06-06 08:31 - 2013-06-10 11:57 - 00724741 ____N C:\Users\Rebecca\Desktop\AbiPoints.apk
2013-06-05 19:21 - 2013-06-05 19:20 - 00000000 ____D C:\ProgramData\BackupPCFiles
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Users\Rebecca\Documents\BackupPCFiles Folder
2013-06-05 19:20 - 2013-06-05 19:20 - 00000000 ____D C:\Program Files (x86)\BackupPCFiles
2013-06-05 19:18 - 2013-06-05 19:18 - 07507064 ____A C:\Users\Rebecca\Downloads\Backup_Installer.exe
2013-06-05 19:15 - 2013-06-05 19:15 - 00724741 ____A C:\Users\Rebecca\Downloads\AbiPoints.apk
2013-06-05 19:15 - 2013-06-05 19:15 - 00582205 ____A C:\Users\Rebecca\Downloads\screenshots.zip
2013-06-05 00:09 - 2013-06-01 15:33 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-05 00:09 - 2013-06-01 15:33 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-04 22:59 - 2013-06-04 22:59 - 00489035 ____A C:\Users\Rebecca\Desktop\IT's APP2you Projekt.odt
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-01 13:23

==================== End Of Log ============================

Alt 04.07.2013, 18:28   #9
aharonov
/// TB-Ausbilder
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Ja jetzt passt es.
Ist es jetzt besser mit der Werbung beim Surfen?


Schritt 1

Drücke die + R Taste und schreibe "notepad" in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument:
Code:
ATTFilter
2013-07-04 18:01 - 2013-06-30 14:05 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-30 14:05 - 2013-06-30 14:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
Task: C:\Windows\Tasks\Lyrics Finder Update.job => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe
Task: {F5A4610D-2FEC-4082-813C-A8AEC624A0CC} - System32\Tasks\DealPly => C:\Users\Rebecca\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE [2013-02-27] ()
Task: {C58FC3F8-DAA2-47F0-BB5B-E8D81A0C665D} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-06-30] (Plus HD)
Task: {B47EFA2E-0FE7-4AFF-8E2B-BFA2ADE9EFC8} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-06-30] (Plus HD)
Task: {97AA14A9-112E-414D-8F8C-6AB25A9304D1} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-06-30] (Plus HD)
Task: {811429EB-54FC-493A-B3A0-9224A2195644} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe [2013-07-01] (337 Technology Limited.)
Task: {4325F945-E652-4329-A43F-3650E7C361F8} - System32\Tasks\BrowserDefendert => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {438139D7-1488-45CA-934F-366EB728C091} - System32\Tasks\DSite => C:\Users\Rebecca\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-07-01] ()
Task: {1F03B27A-8849-4E0F-83D9-DC9EDE51BA87} - System32\Tasks\DealPlyUpdate => C:\Program No File
Task: {18FB23DC-658C-455C-BF77-BA77D70569DE} - System32\Tasks\Plus-HD-2.3-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-06-30] (Plus HD)
Task: {01E27AC1-51E7-4717-9625-7C93C11E4ED4} - System32\Tasks\Lyrics Finder Update => C:\Program Files (x86)\LyricsFinder\LyricsFinderUpdater.exe [2013-02-27] (Nijad Software)
         
Speichere dieses dann bitte unter dem Dateinamen Fixlist.txt ebenfalls auf deinen Desktop neben FRST.
  • Starte nun FRST und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt. Poste mir deren Inhalt.



Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Schritt 3

Starte noch einmal FRST.
  • Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Fixlog von FRST
  • Log von JRT
  • Logs von FRST
__________________
cheers,
Leo

Alt 06.07.2013, 19:55   #10
beccerie
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Hier der Schitt 1:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-07-2013
Ran by Rebecca at 2013-07-06 20:38:56 Run:1
Running from C:\Users\Rebecca\Desktop
Boot Mode: Normal
==============================================

C:\Program Files (x86)\Plus-HD-2.3 => Moved successfully.
C:\Windows\SysWOW64\searchplugins => Moved successfully.
C:\Windows\SysWOW64\Extensions => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5A4610D-2FEC-4082-813C-A8AEC624A0CC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5A4610D-2FEC-4082-813C-A8AEC624A0CC} => Key deleted successfully.
C:\Windows\System32\Tasks\DealPly => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPly => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C58FC3F8-DAA2-47F0-BB5B-E8D81A0C665D} => Key not found.
C:\Windows\System32\Tasks\Plus-HD-2.3-updater not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.3-updater => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B47EFA2E-0FE7-4AFF-8E2B-BFA2ADE9EFC8} => Key not found.
C:\Windows\System32\Tasks\Plus-HD-2.3-enabler not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.3-enabler => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97AA14A9-112E-414D-8F8C-6AB25A9304D1} => Key not found.
C:\Windows\System32\Tasks\Plus-HD-2.3-codedownloader not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.3-codedownloader => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{811429EB-54FC-493A-B3A0-9224A2195644} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{811429EB-54FC-493A-B3A0-9224A2195644} => Key deleted successfully.
C:\Windows\System32\Tasks\Desk 365 RunAsStdUser => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4325F945-E652-4329-A43F-3650E7C361F8} => Key not found.
C:\Windows\System32\Tasks\BrowserDefendert not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{438139D7-1488-45CA-934F-366EB728C091} => Key not found.
C:\Windows\System32\Tasks\DSite not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F03B27A-8849-4E0F-83D9-DC9EDE51BA87} => Key not found.
C:\Windows\System32\Tasks\DealPlyUpdate not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18FB23DC-658C-455C-BF77-BA77D70569DE} => Key not found.
C:\Windows\System32\Tasks\Plus-HD-2.3-chromeinstaller not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-2.3-chromeinstaller => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01E27AC1-51E7-4717-9625-7C93C11E4ED4} => Key not found.
C:\Windows\System32\Tasks\Lyrics Finder Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lyrics Finder Update => Key not found.

==== End of Fixlog ====



In Schritt 2 habe ich das Programm installiert und auch über 'Administrator' geöffnet, aber es führt keinerlei Scan durch und es öffnet sich kein Dokument. Es erscheint nur ein Fenster (schwarz mit weißer Schrift):
Ich soll eine beliebige Taste drücken und dann soll irgendwas passieren - passiert aber nichts.

Es steht da nur: Creating a registery backup und checking startup

Alt 06.07.2013, 21:15   #11
aharonov
/// TB-Ausbilder
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Ok, dann mach bitte mit Schritt 3 weiter.
__________________
cheers,
Leo

Alt 15.07.2013, 12:47   #12
aharonov
/// TB-Ausbilder
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Hi,

ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe?

Wenn ich in den nächsten 24 Stunden nichts von dir höre, gehe ich davon aus, dass sich das Thema erledigt hat und lösche es aus meinen Abos.

Hinweis: Wir sind noch nicht fertig! Auch wenn die Symptome verschwunden sein sollten, kann dein System weiterhin infiziert sein und über Sicherheitslücken verfügen, welche eine erneute Infektion möglich machen.
__________________
cheers,
Leo

Alt 17.07.2013, 07:58   #13
aharonov
/// TB-Ausbilder
 
Plötzlich langsames Internet und viel Werbung - Standard

Plötzlich langsames Internet und viel Werbung



Fehlende Rückmeldung
Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung mehr über neue Antworten.
Schreib mir eine PM, falls du das Thema doch wieder fortsetzen möchtest. Dann machen wir hier weiter.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass dein Rechner schon sauber ist.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________
cheers,
Leo

Antwort

Themen zu Plötzlich langsames Internet und viel Werbung
aufgetaucht, befinden, besuch, bizcoaching, dauert, installiert, interne, internet, internetseite, internetseiten, kaspersky, klicke, langsam, langsames, langsames internet, laptop, minute, minuten, plötzlich, probleme, programm, recht, schonmal, seite, seiten, viel werbung, werbeanzeigen, werbung, ändern, öffnet




Ähnliche Themen: Plötzlich langsames Internet und viel Werbung


  1. plötzlich langsames Internet
    Log-Analyse und Auswertung - 21.04.2015 (3)
  2. Windows 8: sehr langsames Internet und viel Werbung
    Plagegeister aller Art und deren Bekämpfung - 29.12.2014 (15)
  3. Laptop wird immer langsamer und hat plötzlich ganz viel Werbung !
    Log-Analyse und Auswertung - 26.06.2014 (13)
  4. Plötzlich viel Werbung im Browser Bräuchte mal rat Windows 7 64bit
    Plagegeister aller Art und deren Bekämpfung - 20.05.2014 (21)
  5. Viel Werbung bei internet explorer
    Plagegeister aller Art und deren Bekämpfung - 19.04.2014 (4)
  6. Internet langsam, und viel Werbung
    Plagegeister aller Art und deren Bekämpfung - 09.03.2014 (12)
  7. Übermäßig viel Werbung im Internet
    Plagegeister aller Art und deren Bekämpfung - 04.01.2014 (11)
  8. Super viel Werbung und Pop-Ups plötzlich
    Plagegeister aller Art und deren Bekämpfung - 30.12.2013 (7)
  9. Viel zu viel Werbung im Internet
    Plagegeister aller Art und deren Bekämpfung - 06.10.2013 (15)
  10. langsames Internet mit viel Werbung
    Plagegeister aller Art und deren Bekämpfung - 18.09.2013 (21)
  11. Windows XP: langsames Internet und viel Spam-Werbung
    Plagegeister aller Art und deren Bekämpfung - 03.09.2013 (15)
  12. Sehr viel Werbung und langsames Internet?
    Plagegeister aller Art und deren Bekämpfung - 01.09.2013 (8)
  13. Werbung/Langsames Internet
    Plagegeister aller Art und deren Bekämpfung - 28.08.2013 (5)
  14. Plötzlich extrem langsames Internet
    Log-Analyse und Auswertung - 21.12.2012 (1)
  15. häufige werbung + langsames internet
    Log-Analyse und Auswertung - 19.01.2009 (0)
  16. Plötzlich langsames Internet
    Log-Analyse und Auswertung - 15.09.2007 (19)
  17. Sehr langsames Internet, plötzlich aufgetreten
    Log-Analyse und Auswertung - 28.04.2006 (10)

Zum Thema Plötzlich langsames Internet und viel Werbung - Hallo Trojaner-Board-Nutzer, seit gestern ist mir aufgefallen, dass auf meinen regelmäßig besuchten Internetseiten plötzlich mehr und großflächigere Werbeanzeigen aufgetaucht sind. Außerdem ist mein Internet recht langsam. Manchmal dauert es einige - Plötzlich langsames Internet und viel Werbung...
Archiv
Du betrachtest: Plötzlich langsames Internet und viel Werbung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.