| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Internet Arbeit viel zu langsam aber am Anbieter liegt es nichtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.05.2013, 18:49
| #1 |
 |  Internet Arbeit viel zu langsam aber am Anbieter liegt es nicht Hallo liebes Trojaner Board seit wochen merke ich das mein Internet sehr langsam ist und ich habe einiges schon Versucht aber nichts hat geholfen. Wollte ich mal nachfragen ob es sein kann das ich etwas oben habe was das Internet so sehr verlangsamt, Ich gehe über Modem (Kabel) ins Internet und hab eine 32000 Leitung von Tele Columbus. Tests und log Files Rita Genath hatte am 01.05.2013 19:46 beim Speedtest folgende Geschwindigkeiten erreicht: Download-Geschwindigkeit: 5.954 kbit/s (=744 kByte/s) Upload-Geschwindigkeit: 999 kbit/s (=125 kByte/s) Wahrscheinlich hat Rita G. einen DSL 6.000 Anschluss. In der folgenden Tabelle können Sie ablesen, wie lange einzelne Übertragungen mit dieser Verbindung dauern würden. Element Typische Größe (ca.) Dauer des Downloads Dauer des Uploads Kleine Webseite 100 kByte 0,1 s 0,8 s Aufwändige Webseite 250 kByte 0,3 s 2,1 s Bild einer 5 Megapixel-Kamera 1,5 MB = 1.536 kByte 2,1 s 13 s MP3-Datei, gute Qualität 5 MB = 5120 kByte 7,0 s 42 s Eine komplette CD 650 MB = 665.600 kByte 15m 16s 1h 31m Werte gelten für den am 01.05.2013 19:46 gemessenen Wert von 5.954 kbit/s (=744 kBytes/s) Bisher wurde der Speedtest schon von mehreren Tausend Benutzern durchgeführt. In der Grafik sehen Sie, wie häufig die verschiedenen Verbindungsarten in den letzten 30 Tagen vorkamen. Wir unterscheiden dabei: Modem/ISDN, DSL 768, DSL 1000, DSL 1500, DSL 2000, DSL 3000, DSL 6000, DSL 16000 und Breitband. Den bei dieser Verbindung gemessenen Wert haben wir blau dargestellt. OTL logfile created on: 01.05.2013 19:12:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Babyconn\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,97 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 36,01% Memory free 3,93 Gb Paging File | 2,20 Gb Available in Paging File | 55,94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,76 Gb Total Space | 350,81 Gb Free Space | 75,32% Space Free | Partition Type: NTFS Computer Name: BABYCONN-CAP | User Name: Babyconn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.01 19:11:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Babyconn\Downloads\OTL.exe PRC - [2013.04.28 21:35:13 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe PRC - [2013.04.20 16:59:34 | 001,008,816 | ---- | M] (AVG Secure Search) -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe PRC - [2013.04.20 15:12:52 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.135\GoogleCrashHandler.exe PRC - [2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe PRC - [2013.04.01 13:07:24 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Programme\Freemake\CaptureLib\CaptureLibService.exe PRC - [2013.03.13 17:15:00 | 004,394,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgui.exe PRC - [2013.03.06 02:23:50 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\RealNetworks\RealDownloader\recordingmanager.exe PRC - [2013.03.06 02:21:50 | 000,039,056 | ---- | M] () -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2013.02.27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgidsagent.exe PRC - [2013.02.26 23:41:54 | 000,763,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgrsx.exe PRC - [2013.02.19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgwdsvc.exe PRC - [2013.02.19 04:01:34 | 001,116,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgnsx.exe PRC - [2013.02.19 04:01:04 | 000,799,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgemcx.exe PRC - [2013.02.19 04:00:58 | 000,448,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgcsrvx.exe PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 23:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe ========== Modules (No Company Name) ========== MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Programme\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Programme\Google\Chrome\Application\26.0.1410.64\pdf.dll MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Programme\Google\Chrome\Application\26.0.1410.64\libglesv2.dll MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Programme\Google\Chrome\Application\26.0.1410.64\libegl.dll MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Programme\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll MOD - [2013.03.22 16:08:36 | 002,520,016 | ---- | M] () -- c:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll MOD - [2012.11.29 23:59:32 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll ========== Services (SafeList) ========== SRV - [2013.05.01 10:55:46 | 000,296,448 | ---- | M] () [Auto | Stopped] -- C:\Programme\SoftwareUpdater\SystemStore.exe -- (SystemStoreService) SRV - [2013.04.20 22:56:08 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.04.20 16:59:34 | 001,008,816 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe -- (vToolbarUpdater15.1.0) SRV - [2013.04.01 13:07:24 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Programme\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture) SRV - [2013.03.06 02:21:50 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.02.27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2013.02.19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2010.11.20 23:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Disabled | Stop_Pending] -- system32\drivers\npf.sys -- (npf) DRV - [2013.04.20 16:59:34 | 000,034,592 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp) DRV - [2013.03.01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2013.02.26 23:40:46 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2013.02.14 03:52:46 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2013.02.08 04:37:58 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2013.02.08 04:37:56 | 000,245,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx) DRV - [2013.02.08 04:37:52 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2013.02.08 04:37:44 | 000,170,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2013.02.08 04:37:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD) DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=TubeBoxYB&dpid=TubeBoxYB&co=DE&userid=c8fd3304-0c35-42b9-a5c3-5755d923162f&searchtype=ds&q={searchTerms}&installDate=20/04/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=TubeBoxYB&dpid=TubeBoxYB&co=DE&userid=c8fd3304-0c35-42b9-a5c3-5755d923162f&searchtype=ds&q={searchTerms}&installDate=20/04/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=TubeBoxYB&dpid=TubeBoxYB&co=DE&userid=c8fd3304-0c35-42b9-a5c3-5755d923162f&searchtype=ds&q={searchTerms}&installDate=20/04/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.babylon.com/?affID=120518&babsrc=HP_ss_bayi&mntrId=D0A20025228D4971 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C4 BF 3F 8E C8 3D CE 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=TubeBoxYB&dpid=TubeBoxYB&co=DE&userid=c8fd3304-0c35-42b9-a5c3-5755d923162f&searchtype=ds&q={searchTerms}&installDate=20/04/2013 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=TubeBoxYB&dpid=TubeBoxYB&co=DE&userid=c8fd3304-0c35-42b9-a5c3-5755d923162f&searchtype=ds&q={searchTerms}&installDate=20/04/2013 IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=TubeBoxYB&dpid=TubeBoxYB&co=DE&userid=c8fd3304-0c35-42b9-a5c3-5755d923162f&searchtype=ds&q={searchTerms}&installDate=20/04/2013 IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://isearch.babylon.com/?q={searchTerms}&affID=120518&babsrc=SP_ss_bayi&mntrId=D0A20025228D4971 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.1.0\\npsitesafety.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.04.28 13:59:39 | 000,000,000 | ---D | M] [2013.04.22 00:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google  riginalQueryForSuggestion}{google:assistedQueryStats}{google:se archFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParam eter}, CHR - homepage: hxxp://isearch.babylon.com/?affID=120518&babsrc=HP_ss_bayi&mntrId=D0A20025228D4971 CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - Extension: Google Docs = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: TV = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\ CHR - Extension: WOT = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.11_0\ CHR - Extension: YouTube = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: AdBlock = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.62_0\ CHR - Extension: Cut the Rope = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\15_0\ CHR - Extension: RealDownloader = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\ CHR - Extension: Download music, video free = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\imeocopjlebbfcoabhcmedeplmekabkb\4_0\ CHR - Extension: Real Player HD Videos = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehinkknjjielmligphcoddblhlnicic\14.0_0\ CHR - Extension: TV Germany - TV Duitsland Fernsehen = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeikdijhnfihaklejncbiaciicpenhak\2.2_0\ CHR - Extension: Google Mail = C:\Users\Babyconn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.117.1.25 89.16.129.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14609324-1FFF-449D-8AE2-911D32364D50}: DhcpNameServer = 62.117.1.25 89.16.129.25 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol - No CLSID value found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.28 21:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2013.04.28 21:35:32 | 000,201,872 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2013.04.28 21:35:17 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2013.04.28 21:35:17 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2013.04.28 21:34:45 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\Desktop\zu Verkaufen [2013.04.28 19:44:23 | 000,000,000 | ---D | C] -- C:\output [2013.04.28 14:00:24 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\RealNetworks [2013.04.28 13:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks [2013.04.28 13:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks [2013.04.28 13:58:51 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2013.04.28 13:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2013.04.28 13:58:34 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2013.04.28 13:57:46 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\Real [2013.04.28 13:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2013.04.27 12:45:29 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\Desktop\ftp [2013.04.27 12:40:41 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\FileZilla [2013.04.27 12:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2013.04.27 12:40:33 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client [2013.04.24 12:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard [2013.04.22 08:34:30 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2013.04.22 08:34:29 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2013.04.22 08:34:15 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys [2013.04.22 08:34:15 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe [2013.04.22 07:58:04 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\Documents\Freemake [2013.04.22 07:57:59 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake [2013.04.22 07:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [2013.04.22 07:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake [2013.04.22 07:57:24 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\OpenCandy [2013.04.22 07:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\Freemake [2013.04.22 00:21:07 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\.thumbnails [2013.04.22 00:16:50 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\fontconfig [2013.04.22 00:16:47 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\gegl-0.2 [2013.04.22 00:16:47 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\.gimp-2.8 [2013.04.22 00:05:34 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\Desktop\Originals [2013.04.22 00:03:45 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\PhotoScape [2013.04.22 00:03:35 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2013.04.22 00:03:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins [2013.04.22 00:03:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions [2013.04.22 00:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape [2013.04.22 00:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect [2013.04.22 00:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.04.22 00:02:34 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoScape [2013.04.22 00:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2013.04.22 00:02:30 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\Babylon [2013.04.21 22:57:47 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\Documents\UseNeXT [2013.04.21 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\UseNeXT [2013.04.21 22:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT [2013.04.21 22:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\UseNeXT [2013.04.21 18:05:17 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2013.04.21 18:05:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2013.04.21 18:05:17 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2013.04.21 17:18:25 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2013.04.21 17:18:25 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll [2013.04.21 17:17:10 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2013.04.21 17:17:09 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2013.04.21 17:17:09 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2013.04.21 17:12:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.04.21 17:12:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013.04.21 17:12:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.04.21 17:12:32 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013.04.21 17:12:32 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2013.04.21 17:12:32 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013.04.21 17:12:32 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.04.21 17:12:32 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013.04.21 17:12:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013.04.21 17:12:32 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013.04.21 17:12:32 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013.04.21 17:12:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.04.21 17:12:29 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013.04.21 17:12:29 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013.04.21 17:12:29 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013.04.21 17:12:29 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013.04.21 17:12:28 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013.04.21 17:12:25 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.04.21 17:12:25 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.04.21 17:12:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013.04.21 17:12:24 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013.04.21 17:12:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.04.21 17:12:24 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.04.21 17:12:23 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013.04.21 17:12:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013.04.21 17:12:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013.04.21 17:12:21 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.04.21 17:12:21 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013.04.21 17:12:20 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.04.21 17:12:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013.04.21 17:12:20 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2013.04.21 17:12:20 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013.04.21 17:12:19 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.04.21 17:12:19 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2013.04.21 17:12:19 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2013.04.21 17:12:19 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013.04.21 17:12:19 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013.04.21 17:10:08 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2013.04.21 16:29:55 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\Macromedia [2013.04.21 16:29:55 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\Adobe [2013.04.21 16:10:31 | 000,398,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\TVWizudlg.exe [2013.04.21 16:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2013.04.21 05:54:16 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.04.21 05:54:15 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll [2013.04.21 05:54:14 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll [2013.04.21 05:54:13 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll [2013.04.21 05:54:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll [2013.04.21 05:54:13 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2013.04.21 05:54:13 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll [2013.04.21 05:54:13 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll [2013.04.21 05:54:12 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll [2013.04.21 05:54:12 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2013.04.21 05:54:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe [2013.04.21 05:54:08 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll [2013.04.21 05:54:04 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [2013.04.21 05:54:03 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2013.04.21 05:54:02 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013.04.21 05:54:01 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll [2013.04.21 05:54:01 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2013.04.21 05:53:56 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2013.04.21 05:53:56 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2013.04.21 05:53:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys [2013.04.21 05:53:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys [2013.04.21 05:53:28 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.04.21 05:53:01 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll [2013.04.21 05:53:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe [2013.04.21 05:52:43 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2013.04.21 05:52:39 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.04.21 05:52:38 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013.04.21 05:52:38 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2013.04.21 05:52:13 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe [2013.04.21 05:52:10 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2013.04.21 05:52:09 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2013.04.21 05:52:08 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2013.04.21 05:52:05 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe [2013.04.21 05:52:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2013.04.21 05:51:50 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll [2013.04.21 05:51:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll [2013.04.21 05:51:41 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2013.04.21 05:51:38 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2013.04.21 05:51:35 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2013.04.21 05:51:35 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll [2013.04.21 05:51:34 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll [2013.04.21 05:51:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2013.04.21 05:51:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2013.04.21 05:51:23 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013.04.21 05:51:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2013.04.21 05:51:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2013.04.21 05:51:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013.04.21 05:51:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013.04.21 05:51:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.04.21 05:51:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013.04.21 05:51:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013.04.21 05:51:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013.04.21 05:51:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013.04.21 05:51:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2013.04.21 05:51:13 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2013.04.21 05:51:12 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2013.04.21 05:51:12 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2013.04.21 05:51:12 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2013.04.21 05:51:12 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2013.04.21 05:51:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll [2013.04.21 05:51:10 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll [2013.04.21 05:51:05 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe [2013.04.21 05:51:04 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2013.04.21 05:51:04 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll [2013.04.21 05:51:03 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll [2013.04.21 05:50:54 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2013.04.21 05:50:54 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2013.04.21 05:50:54 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2013.04.21 05:50:53 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2013.04.21 05:50:53 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2013.04.21 05:50:44 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2013.04.21 05:50:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2013.04.21 05:50:07 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs [2013.04.21 05:50:07 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs [2013.04.21 05:50:07 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs [2013.04.21 05:50:07 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs [2013.04.21 05:50:07 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs [2013.04.21 05:50:07 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs [2013.04.21 05:50:07 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs [2013.04.21 05:50:07 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs [2013.04.21 05:50:06 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2013.04.21 05:50:06 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2013.04.21 05:50:06 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs [2013.04.21 05:50:06 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs [2013.04.21 05:50:05 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs [2013.04.21 05:50:05 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs [2013.04.21 05:50:05 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs [2013.04.21 05:50:05 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs [2013.04.21 05:49:53 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.04.21 00:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013.04.20 23:01:02 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\TubeBox [2013.04.20 22:59:49 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\Documents\TubeBox [2013.04.20 22:59:49 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\Freetec [2013.04.20 22:56:06 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.04.20 22:56:06 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.04.20 22:56:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2013.04.20 22:55:34 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\Programs [2013.04.20 22:53:25 | 000,000,000 | ---D | C] -- C:\Program Files\SoftwareUpdater [2013.04.20 22:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freetec [2013.04.20 22:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Freetec [2013.04.20 22:53:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2013.04.20 22:49:08 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\DownloadGuide [2013.04.20 20:14:18 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\TeamViewer [2013.04.20 19:14:26 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\SpacialAudio [2013.04.20 19:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\firebird [2013.04.20 19:13:18 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAM Broadcaster [2013.04.20 19:13:05 | 000,000,000 | ---D | C] -- C:\Program Files\SpacialAudio [2013.04.20 17:41:15 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\Skype [2013.04.20 17:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.04.20 17:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013.04.20 17:40:47 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2013.04.20 17:07:47 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\AVG2013 [2013.04.20 17:00:58 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\TS3Client [2013.04.20 17:00:45 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\AVG Secure Search [2013.04.20 17:00:30 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\TuneUp Software [2013.04.20 17:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013.04.20 17:00:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2013.04.20 16:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013.04.20 16:59:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013.04.20 16:59:48 | 000,034,592 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys [2013.04.20 16:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search [2013.04.20 16:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search [2013.04.20 16:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2013.04.20 16:58:58 | 000,000,000 | -H-D | C] -- C:\$AVG [2013.04.20 16:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2013.04.20 16:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2013.04.20 16:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2013.04.20 16:57:31 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2013.04.20 16:56:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.04.20 16:56:54 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\MFAData [2013.04.20 16:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013.04.20 16:56:54 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\Avg2013 [2013.04.20 16:34:47 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2013.04.20 16:33:19 | 008,194,584 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\TVWSetup.exe [2013.04.20 16:33:19 | 006,042,112 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll [2013.04.20 16:33:19 | 005,702,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll [2013.04.20 16:33:19 | 004,234,240 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll [2013.04.20 16:33:19 | 003,839,488 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll [2013.04.20 16:33:19 | 000,672,792 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe [2013.04.20 16:33:19 | 000,549,888 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll [2013.04.20 16:33:19 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2013.04.20 16:33:19 | 000,310,784 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc [2013.04.20 16:33:19 | 000,304,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc [2013.04.20 16:33:19 | 000,303,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc [2013.04.20 16:33:19 | 000,303,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc [2013.04.20 16:33:19 | 000,303,104 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc [2013.04.20 16:33:19 | 000,299,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc [2013.04.20 16:33:19 | 000,294,912 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc [2013.04.20 16:33:19 | 000,291,328 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc [2013.04.20 16:33:19 | 000,289,280 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc [2013.04.20 16:33:19 | 000,288,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc [2013.04.20 16:33:19 | 000,287,744 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc [2013.04.20 16:33:19 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc [2013.04.20 16:33:19 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc [2013.04.20 16:33:19 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc [2013.04.20 16:33:19 | 000,281,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc [2013.04.20 16:33:19 | 000,280,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc [2013.04.20 16:33:19 | 000,280,064 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc [2013.04.20 16:33:19 | 000,279,040 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc [2013.04.20 16:33:19 | 000,277,504 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc [2013.04.20 16:33:19 | 000,275,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc [2013.04.20 16:33:19 | 000,262,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc [2013.04.20 16:33:19 | 000,257,536 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll [2013.04.20 16:33:19 | 000,252,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc [2013.04.20 16:33:19 | 000,249,856 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc [2013.04.20 16:33:19 | 000,206,848 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc [2013.04.20 16:33:19 | 000,205,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc [2013.04.20 16:33:19 | 000,199,680 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll [2013.04.20 16:33:19 | 000,179,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc [2013.04.20 16:33:19 | 000,178,176 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc [2013.04.20 16:33:19 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v1892.dll [2013.04.20 16:33:19 | 000,130,048 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll [2013.04.20 16:33:19 | 000,119,296 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl [2013.04.20 16:33:19 | 000,094,720 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll [2013.04.20 16:33:19 | 000,059,392 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll [2013.04.20 16:33:19 | 000,051,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll [2013.04.20 16:33:19 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll [2013.04.20 16:33:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang [2013.04.20 16:32:58 | 000,000,000 | ---D | C] -- C:\Intel [2013.04.20 16:19:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2013.04.20 16:19:24 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2013.04.20 16:19:24 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2013.04.20 16:19:24 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2013.04.20 16:19:24 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2013.04.20 16:19:24 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2013.04.20 16:19:24 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2013.04.20 16:19:23 | 002,941,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2013.04.20 16:19:23 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2013.04.20 16:19:23 | 001,289,760 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2013.04.20 16:19:23 | 000,511,488 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBAPO32.dll [2013.04.20 16:19:23 | 000,326,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2013.04.20 16:19:23 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2013.04.20 16:19:23 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2013.04.20 16:19:23 | 000,266,240 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2013.04.20 16:19:23 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2013.04.20 16:19:23 | 000,142,848 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2013.04.20 16:19:23 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2013.04.20 16:19:23 | 000,125,952 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2013.04.20 16:19:23 | 000,061,952 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBWrp32.dll [2013.04.20 16:19:23 | 000,053,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2013.04.20 16:19:23 | 000,047,104 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBppld32.dll [2013.04.20 16:19:23 | 000,044,032 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBPPCn32.dll [2013.04.20 16:19:23 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2013.04.20 16:19:23 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2013.04.20 16:18:58 | 000,831,488 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2013.04.20 16:18:58 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2013.04.20 16:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2013.04.20 16:07:52 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.04.20 15:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.04.20 15:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013.04.20 15:12:48 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\Google [2013.04.20 15:12:39 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\Deployment [2013.04.20 15:12:39 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\Apps [2013.04.20 14:53:15 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll [2013.04.20 14:49:25 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2013.04.20 14:49:25 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2013.04.20 14:49:18 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2013.04.20 14:49:18 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2013.04.20 14:49:18 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2013.04.20 14:49:03 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2013.04.20 14:49:03 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2013.04.20 14:48:54 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.04.20 14:48:54 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Searches [2013.04.20 14:48:54 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.04.20 14:48:46 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\Identities [2013.04.20 14:48:45 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Contacts [2013.04.20 14:48:39 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\VirtualStore [2013.04.20 14:48:38 | 000,000,000 | --SD | C] -- C:\Users\Babyconn\AppData\Roaming\Microsoft [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Videos [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Saved Games [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Pictures [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Music [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Links [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Favorites [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Downloads [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Documents [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\Desktop [2013.04.20 14:48:38 | 000,000,000 | R--D | C] -- C:\Users\Babyconn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Vorlagen [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\AppData\Local\Verlauf [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\AppData\Local\Temporary Internet Files [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Startmenü [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\SendTo [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Recent [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Netzwerkumgebung [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Lokale Einstellungen [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Documents\Eigene Videos [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Documents\Eigene Musik [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Eigene Dateien [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Documents\Eigene Bilder [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Druckumgebung [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Cookies [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\AppData\Local\Anwendungsdaten [2013.04.20 14:48:38 | 000,000,000 | -HSD | C] -- C:\Users\Babyconn\Anwendungsdaten [2013.04.20 14:48:38 | 000,000,000 | -H-D | C] -- C:\Users\Babyconn\AppData [2013.04.20 14:48:38 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\Temp [2013.04.20 14:48:38 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Local\Microsoft [2013.04.20 14:48:38 | 000,000,000 | ---D | C] -- C:\Users\Babyconn\AppData\Roaming\Media Center Programs [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\Recovery [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\Programme [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.04.20 14:48:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.04.20 13:32:08 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2013.04.20 13:31:55 | 000,000,000 | -HSD | C] -- C:\Boot [2013.04.20 12:52:42 | 000,237,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013.04.20 12:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.04.20 12:48:53 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013.04.20 12:37:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.04.20 12:33:12 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013.04.20 12:32:56 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2013.05.01 19:14:57 | 000,000,000 | ---- | M] () -- C:\Users\Babyconn\defogger_reenable [2013.05.01 19:10:04 | 000,016,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.01 19:10:04 | 000,016,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.01 18:57:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.01 18:17:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.01 18:07:50 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.01 18:07:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.01 18:07:42 | 1583,153,152 | -HS- | M] () -- C:\hiberfil.sys [2013.04.29 01:52:19 | 053,031,873 | ---- | M] () -- C:\Users\Babyconn\Documents\Unbenannt.wma [2013.04.28 21:35:58 | 000,001,012 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2013.04.28 21:35:33 | 000,201,872 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll [2013.04.28 21:35:17 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll [2013.04.28 21:35:17 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll [2013.04.28 21:35:15 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2013.04.28 20:42:33 | 000,339,315 | ---- | M] () -- C:\Users\Babyconn\Desktop\was-wird-gespielt.png [2013.04.28 20:42:24 | 000,683,698 | ---- | M] () -- C:\Users\Babyconn\Desktop\will.gif [2013.04.28 19:46:30 | 000,385,340 | ---- | M] () -- C:\Users\Babyconn\Desktop\olchis_34144 größer.JPG [2013.04.28 19:45:55 | 000,011,264 | -H-- | M] () -- C:\Users\Babyconn\Desktop\photothumb.db [2013.04.28 19:44:38 | 000,132,597 | ---- | M] () -- C:\Users\Babyconn\Desktop\olchis_34144.JPG [2013.04.28 18:22:44 | 000,078,502 | ---- | M] () -- C:\Users\Babyconn\Desktop\olchis_3.JPG [2013.04.28 00:54:05 | 000,004,035 | ---- | M] () -- C:\Users\Babyconn\AppData\Local\recently-used.xbel [2013.04.24 18:59:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.04.22 08:05:07 | 000,001,278 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2013.04.22 07:57:59 | 000,001,345 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Youtube Mp3 Converter.lnk [2013.04.22 00:03:14 | 000,000,989 | ---- | M] () -- C:\Users\Babyconn\Desktop\PhotoScape.lnk [2013.04.21 23:07:51 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.04.21 23:07:51 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.04.21 23:07:51 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.04.21 23:07:51 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.04.21 22:57:43 | 000,001,803 | ---- | M] () -- C:\Users\Babyconn\Desktop\UseNeXT by Tangysoft.lnk [2013.04.21 19:42:48 | 000,000,862 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog [2013.04.21 17:12:34 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013.04.21 17:12:34 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.04.21 17:12:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.04.21 17:12:32 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013.04.21 17:12:32 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2013.04.21 17:12:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013.04.21 17:12:32 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.04.21 17:12:32 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013.04.21 17:12:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013.04.21 17:12:32 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013.04.21 17:12:32 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013.04.21 17:12:31 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.04.21 17:12:30 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013.04.21 17:12:29 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013.04.21 17:12:29 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013.04.21 17:12:29 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013.04.21 17:12:28 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013.04.21 17:12:25 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.04.21 17:12:25 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2013.04.21 17:12:25 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.04.21 17:12:24 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013.04.21 17:12:24 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013.04.21 17:12:24 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.04.21 17:12:24 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.04.21 17:12:23 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013.04.21 17:12:22 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013.04.21 17:12:22 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013.04.21 17:12:21 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.04.21 17:12:21 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013.04.21 17:12:20 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.04.21 17:12:20 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013.04.21 17:12:20 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2013.04.21 17:12:20 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013.04.21 17:12:19 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.04.21 17:12:19 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2013.04.21 17:12:19 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2013.04.21 17:12:19 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013.04.21 17:12:19 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013.04.21 16:10:57 | 000,015,610 | ---- | M] () -- C:\Windows\System32\results.xml [2013.04.20 22:56:06 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.04.20 22:56:06 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.04.20 22:53:25 | 000,002,509 | ---- | M] () -- C:\Users\Public\Desktop\Freetec TubeBox.lnk [2013.04.20 22:51:19 | 000,000,211 | ---- | M] () -- C:\Users\Babyconn\Desktop\Amazon.url [2013.04.20 19:13:20 | 000,001,960 | ---- | M] () -- C:\Users\Babyconn\Desktop\SAM Broadcaster.lnk [2013.04.20 17:40:49 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2013.04.20 17:00:30 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2013.04.20 16:59:52 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.04.20 16:59:34 | 000,034,592 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys [2013.04.20 16:57:33 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2013.04.20 16:19:44 | 000,000,087 | RH-- | M] () -- C:\Windows\ctfile.rfc [2013.04.20 15:13:18 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.04.20 14:41:29 | 000,207,887 | ---- | M] () -- C:\Windows\System32\license.rtf [2013.04.20 13:31:56 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2013.04.20 12:37:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf ========== Files Created - No Company Name ========== [2013.05.01 19:14:57 | 000,000,000 | ---- | C] () -- C:\Users\Babyconn\defogger_reenable [2013.04.29 01:52:19 | 053,031,873 | ---- | C] () -- C:\Users\Babyconn\Documents\Unbenannt.wma [2013.04.28 21:35:58 | 000,001,012 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2013.04.28 20:42:31 | 000,339,315 | ---- | C] () -- C:\Users\Babyconn\Desktop\was-wird-gespielt.png [2013.04.28 20:42:22 | 000,683,698 | ---- | C] () -- C:\Users\Babyconn\Desktop\will.gif [2013.04.28 19:46:30 | 000,385,340 | ---- | C] () -- C:\Users\Babyconn\Desktop\olchis_34144 größer.JPG [2013.04.28 19:44:38 | 000,132,597 | ---- | C] () -- C:\Users\Babyconn\Desktop\olchis_34144.JPG [2013.04.28 18:22:43 | 000,078,502 | ---- | C] () -- C:\Users\Babyconn\Desktop\olchis_3.JPG [2013.04.28 00:54:05 | 000,004,035 | ---- | C] () -- C:\Users\Babyconn\AppData\Local\recently-used.xbel [2013.04.28 00:19:28 | 000,011,264 | -H-- | C] () -- C:\Users\Babyconn\Desktop\photothumb.db [2013.04.24 18:59:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.04.22 08:05:07 | 000,001,278 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2013.04.22 07:57:58 | 000,001,345 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Youtube Mp3 Converter.lnk [2013.04.22 00:08:16 | 000,001,045 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2013.04.22 00:03:14 | 000,000,989 | ---- | C] () -- C:\Users\Babyconn\Desktop\PhotoScape.lnk [2013.04.21 22:57:43 | 000,001,803 | ---- | C] () -- C:\Users\Babyconn\Desktop\UseNeXT by Tangysoft.lnk [2013.04.21 17:18:28 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.04.21 17:17:09 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.04.21 17:12:25 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2013.04.21 16:10:57 | 000,015,610 | ---- | C] () -- C:\Windows\System32\results.xml [2013.04.21 16:10:32 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp [2013.04.21 16:10:31 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2013.04.20 23:46:37 | 000,000,862 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog [2013.04.20 22:56:09 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.20 22:53:25 | 000,002,509 | ---- | C] () -- C:\Users\Public\Desktop\Freetec TubeBox.lnk [2013.04.20 22:51:19 | 000,000,211 | ---- | C] () -- C:\Users\Babyconn\Desktop\Amazon.url [2013.04.20 19:13:20 | 000,001,960 | ---- | C] () -- C:\Users\Babyconn\Desktop\SAM Broadcaster.lnk [2013.04.20 17:40:49 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2013.04.20 17:00:30 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk [2013.04.20 16:59:52 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.04.20 16:57:33 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2013.04.20 16:34:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2013.04.20 16:33:19 | 001,921,265 | ---- | C] () -- C:\Windows\System32\iglhxa32.cpa [2013.04.20 16:33:19 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2013.04.20 16:33:19 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2013.04.20 16:33:19 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2013.04.20 16:33:19 | 000,060,254 | ---- | C] () -- C:\Windows\System32\iglhxg32.vp [2013.04.20 16:33:19 | 000,060,226 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp [2013.04.20 16:33:19 | 000,060,015 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp [2013.04.20 16:33:19 | 000,044,892 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp [2013.04.20 16:33:19 | 000,001,090 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp [2013.04.20 16:33:12 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin [2013.04.20 16:19:44 | 000,146,432 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL [2013.04.20 16:19:44 | 000,072,704 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL [2013.04.20 16:19:44 | 000,000,087 | RH-- | C] () -- C:\Windows\ctfile.rfc [2013.04.20 15:13:18 | 000,002,201 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.04.20 15:12:55 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.20 15:12:54 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.20 14:48:55 | 000,001,409 | ---- | C] () -- C:\Users\Babyconn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.04.20 13:31:56 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2013.04.20 13:31:55 | 000,383,786 | RHS- | C] () -- C:\bootmgr [2013.04.20 13:31:41 | 000,000,476 | R--- | C] () -- C:\Windows\System32\office.cmd [2013.04.20 12:48:55 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2013.04.20 12:39:16 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2013.04.20 12:39:13 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2013.04.20 12:37:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.04.20 12:32:56 | 1583,153,152 | -HS- | C] () -- C:\hiberfil.sys ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > OTL Extras logfile created on: 01.05.2013 19:12:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Babyconn\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,97 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 36,01% Memory free 3,93 Gb Paging File | 2,20 Gb Available in Paging File | 55,94% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,76 Gb Total Space | 350,81 Gb Free Space | 75,32% Space Free | Partition Type: NTFS Computer Name: BABYCONN-CAP | User Name: Babyconn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0E7697B6-4F87-4792-97DF-68D13CB0D4F2}" = rport=10243 | protocol=6 | dir=out | app=system | "{30796FB8-674C-4FED-99CA-301316185444}" = rport=138 | protocol=17 | dir=out | app=system | "{5DA36404-39D8-4D3C-BA21-23F36D6929F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{60D37624-8649-44D1-B842-8F693A825B75}" = rport=137 | protocol=17 | dir=out | app=system | "{60FD16FC-73B3-41EF-A7EC-60A461D440DD}" = lport=139 | protocol=6 | dir=in | app=system | "{70BBA8E4-71A6-4511-80E4-F84F11636CC4}" = lport=445 | protocol=6 | dir=in | app=system | "{79AF029C-2D4C-4392-A1A6-DFB727D32138}" = lport=138 | protocol=17 | dir=in | app=system | "{7F9FC93C-AA07-401D-AD1E-6BEC1C9A6500}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8669BF2A-8401-44BD-AF66-DE6E5CEC4227}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9263DD7C-E6BB-41A3-88D4-D9EEC426CFA5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9B033F85-68B0-4951-82BB-6EDCF7922D31}" = rport=139 | protocol=6 | dir=out | app=system | "{9B5E5D36-3EE2-40AB-A289-6CA6BDD9E97F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9CDEF384-0793-46AE-B8FE-D4663D4EA032}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9FB7F6AE-DECE-4FB8-A523-450E933EE391}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A510C7E1-0A9A-40DB-AB83-90B45ED03E4A}" = lport=10243 | protocol=6 | dir=in | app=system | "{AACD7D70-B473-4EA6-A4B4-EB7D8138CCAD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B8F9A419-9F96-46A4-9105-5CBE90BFE613}" = rport=445 | protocol=6 | dir=out | app=system | "{C4E76459-A2F5-4F4E-B9BB-DD4C9D813B1E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C6D8E945-4920-41C4-91E5-80CED7A280E3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CC07060B-A906-4DCB-BE74-20EABBA60597}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D17E29A1-4039-4C20-B96B-128601629405}" = lport=137 | protocol=17 | dir=in | app=system | "{DFF7A720-E30B-4FB3-9D76-992BD854BCD2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{FFAD7A2C-40CE-4FC4-AEAC-68972B4C7706}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1015C559-8807-4705-A0CA-085EEFE0A483}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{180B4A9E-C109-4672-A3CA-F03FD3AA3B68}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{198A49A1-5FB6-46C7-9835-A329044D8AC4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1DFA3F59-9332-40B7-A56C-AC457ECBBDFD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{21F8CD7A-D6D5-49DD-BFA8-C61DC04541BD}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{248FFC86-B8C8-4C12-B113-AFB1CC965D8D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3136A87D-CC6E-497C-B513-4ECAB8B6AA05}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{3231D5D8-221F-4735-A91B-22D3837413B0}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{3494A80C-8EF2-4180-9874-6D059154EAEC}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{414363BF-FE93-4A8B-90ED-741DB289B224}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{515FDCDC-B0A4-4CFD-993A-13855F477FCE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{52CB2600-47F2-4956-92C3-FA5BE796E047}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{63191472-FE00-44F3-8B5D-38F5A8FD57E0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{72B8668C-1AD0-4E34-A6E0-3E3F81038A18}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{76906450-3C02-4139-8335-C30EC4F34F31}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{93387524-6D47-4291-B59D-B7B93A6DC1D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{96469E9D-08B7-4E9B-A017-D87586EA71B5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AA29F1D2-F894-4C15-AEE5-2EEC74A08D0A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B7BDDBF9-A819-4A81-9981-652446BF4762}" = protocol=6 | dir=out | app=system | "{BAAE95CD-912A-4BA3-AFE1-1143F1277161}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{C85CA92D-C36E-44BA-B4FD-81566D2DCAA2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{D67DD2A7-29BA-4090-B18A-F70C2BB23634}" = protocol=58 | dir=in | app=system | "{D8584225-FC79-405D-9FD0-179731C54234}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E18726A5-C430-4647-BE49-439B4E16D42A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{EBC0CFF3-F164-4A86-A25B-F6A1E2FE2095}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F60DF07E-A90F-4D12-BB41-79853710F7C3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FF1ECC68-93BB-4884-8DA8-235925AD6466}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "TCP Query User{526AE8BD-0F2B-4784-87FC-062518C40BAF}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=6 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe | "UDP Query User{BFBC1F0F-18E1-407C-B1DA-53B0332BEA73}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=17 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2A8C982B-08B4-488C-A304-02886705F7A6}" = TubeBox "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{48A5AB54-6327-43DC-A376-4AC74C5D40B0}" = AVG 2013 "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{7735BD50-87C5-4838-A276-4A3621BBD306}" = AVG 2013 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{91165f6c-56e4-46bb-9d52-909044358c88}" = TubeBox "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "AVG" = AVG 2013 "CCleaner" = CCleaner "FileZilla Client" = FileZilla Client 3.6.0.2 "Freemake Video Converter_is1" = Freemake Video Converter Version 4.0.0 "Freemake Youtube Mp3 Converter_is1" = Freemake Youtube Mp3 Converter "GIMP-2_is1" = GIMP 2.8.2 "Google Chrome" = Google Chrome "HDMI" = Intel(R) Graphics Media Accelerator Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "PhotoScape" = PhotoScape "SAM3" = SAM Broadcaster v4 "TeamSpeak 3 Client" = TeamSpeak 3 Client "TVWiz" = Intel(R) TV Wizard "UseNeXT by Tangysoft_is1" = UseNeXT by Tangysoft ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 28.04.2013 15:34:58 | Computer Name = Babyconn-CAP | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Real\RealPlayer\realconverter.exe". Die abhängige Assemblierung "CinemasterAudio.4.3,language="*",type="win32",version="4.3.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 28.04.2013 15:34:59 | Computer Name = Babyconn-CAP | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 28.04.2013 15:34:59 | Computer Name = Babyconn-CAP | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 28.04.2013 15:35:16 | Computer Name = Babyconn-CAP | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\program files\real\realplayer\realplay.exe". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 28.04.2013 15:43:09 | Computer Name = Babyconn-CAP | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.04.2013 08:15:03 | Computer Name = Babyconn-CAP | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 01.05.2013 05:43:24 | Computer Name = Babyconn-CAP | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}\recordingmanager.exe". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 01.05.2013 08:31:30 | Computer Name = Babyconn-CAP | Source = Application Hang | ID = 1002 Description = Programm TubeBox.exe, Version 4.2.0.26 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 600 Startzeit: 01ce466779600b28 Endzeit: 130 Anwendungspfad: C:\Program Files\Freetec\TubeBox\TubeBox.exe Berichts-ID: 08e1fbc0-b25b-11e2-aeea-0025228d4971 Error - 01.05.2013 08:40:49 | Computer Name = Babyconn-CAP | Source = WinMgmt | ID = 10 Description = Error - 01.05.2013 12:09:20 | Computer Name = Babyconn-CAP | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 27.04.2013 13:47:18 | Computer Name = Babyconn-CAP | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error - 28.04.2013 08:55:06 | Computer Name = Babyconn-CAP | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 28.04.2013 08:55:36 | Computer Name = Babyconn-CAP | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht. Error - 28.04.2013 08:56:10 | Computer Name = Babyconn-CAP | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6 Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. Error - 01.05.2013 08:37:48 | Computer Name = Babyconn-CAP | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 01.05.2013 08:38:02 | Computer Name = Babyconn-CAP | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WMPNetworkSvc erreicht. Error - 01.05.2013 08:38:18 | Computer Name = Babyconn-CAP | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht. Error - 01.05.2013 08:39:01 | Computer Name = Babyconn-CAP | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6 Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. Error - 01.05.2013 12:03:47 | Computer Name = Babyconn-CAP | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 01.05.2013 12:07:33 | Computer Name = Babyconn-CAP | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6 Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. < End of report > |
|
02.05.2013, 18:46
| #2 | |
| /// TB-Ausbilder   | Internet Arbeit viel zu langsam aber am Anbieter liegt es nicht Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Zitat:
Bitte AdwCleaner zweimal ausführen und beide Logdateien davon posten! Danach geht es mit JRT und ComboFix weiter: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Scan mit Combofix
Bitte poste mit deiner nächsten Antwort
|
|
05.05.2013, 19:10
| #3 |
| /// TB-Ausbilder | Internet Arbeit viel zu langsam aber am Anbieter liegt es nicht Fehlende Rückmeldung
__________________Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
| Themen zu Internet Arbeit viel zu langsam aber am Anbieter liegt es nicht |
| adblock, autorun, avg secure search, bho, desktop, dsl, fehler, firefox, flash player, format, google, home, homepage, install.exe, installation, internet, langsam, logfile, prozessor, real player, realtek, registry, rundll, scan, secure search, sehr langsam, softwareupdater, speedtest, svchost.exe, teamspeak, trojaner, trojaner board, vtoolbarupdater, windows |
WARNUNG an die MITLESER: 
Linear-Darstellung
