Pests of all kinds and how to fight them: My 64-bit system does whatever it wants!! Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
28.09.2013, 23:21 | #1 |
My 64-bit system does whatever it wants!!
Good evening everyone, I think I have a trojan.
My system: Windows 8 64-bit
My symptoms:
Keyboard stops responding (intermittently)
On-screen keyboard stops responding (intermittently)
Computer shuts down and does not restart
Icons disappear from the Windows taskbar
Tabs get opened
At times I type in strange symbols
A virus scan with McAfee and Avira found nothing, though
Regards, Fleky06
What can I do?!
29.09.2013, 05:34 | #2 |
/// the machine /// TB instructor | My 64-bit system does whatever it wants!! hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
29.09.2013, 11:12 | #3 |
My 64-bit system does whatever it wants!! Addition:
__________________==================== Security Center ======================== AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avira Desktop (Enabled - Out of date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Out of date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== clear.fi SDK - Video 2 (x32 Version: 2.1.2606) clear.fi SDK- Movie 2 (x32 Version: 2.1.2606) Acer Launch Manager (Version: 8.00.3004) Acer Power Management (Version: 7.00.3012) Acer Recovery Management (Version: 6.00.3016) Acer Theft Shield (Version: 1.01.3006) Acer USB Charge Manager (Version: 2.00.3004) AcerCloud Docs (x32 Version: 1.01.2008) AcerCloud Portal (x32 Version: 2.02.2021) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Aptana Studio 3 (x32 Version: 3.4.2) Avira Free Antivirus (x32 Version: 13.0.0.4052) Bejeweled 3 (x32 Version: 2.2.0.98) clear.fi Media (x32 Version: 2.02.2012) clear.fi Photo (x32 Version: 2.02.2016) Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32) Dolby Home Theater v4 (x32 Version: 7.2.8000.17) ExpressCache (Version: 1.0.100.0) Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287) Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110) HID Monitor (x32 Version: 1.1.5) Identity Card (x32 Version: 2.00.3006) Intel Experience Center - Configuration (x32 Version: 1.5.0.0) Intel(R) Experience Center Desktop Software (x32 Version: 1.5.0.0) Intel(R) Experience Center Driver (Version: 1.0.90.0) Intel(R) Experience Center Driver (x32 Version: 1.0.90.0) Intel(R) 
Management Engine Components (x32 Version: 9.5.0.1428) Intel(R) PRO/Wireless Driver (Version: 16.00.5000.0348) Intel(R) Processor Graphics (x32 Version: 9.18.10.3165) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.0.5.0046) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 3.0.1306.0342) Intel(R) Rapid Storage Technology (Version: 12.5.0.1066) Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463) Intel(R) Smart Connect Technology 4.1 x64 (Version: 4.1.41.2234) Intel(R) Update Manager (x32 Version: 1.6.0.56) Intel(R) WiDi (Version: 4.1.17.0) Intel® PROSet/Wireless Software (x32 Version: 16.0.5) Intel® PROSet/Wireless WiFi Software (Version: 16.00.4000.0176) Intel® Trusted Connect Service Client (Version: 1.27.798.1) Jewel Match 3 (x32 Version: 2.2.0.98) John Deere Drive Green (x32 Version: 2.2.0.95) Live Updater (x32 Version: 2.00.3010) Magic Academy (x32 Version: 2.2.0.98) McAfee Internet Security Suite (x32 Version: 12.8.750) Microsoft Office 365 Home Premium - de-de (Version: 15.0.4535.1004) Microsoft SkyDrive (HKCU Version: 16.4.6013.0910) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0) Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) Nero BackItUp (x32 Version: 12.5.5000) Nero BackItUp 12 Essentials OEM.a01 (x32 Version: 12.5.00500) Nero BackItUp Help (CHM) (x32 Version: 12.0.10000) Nero ControlCenter (x32 Version: 11.0.15600) Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000) Nero Core Components (x32 
Version: 11.0.20200) Nero Launcher (x32 Version: 12.2.7000) Nero RescueAgent (x32 Version: 12.0.3001) Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000) Nero Update (x32 Version: 11.0.11800.31.0) Norton Online Backup (x32 Version: 2.2.3.51r2) Norton Online Backup ARA (x32 Version: 4.1.0.14) NVIDIA Grafiktreiber 311.41 (Version: 311.41) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA Optimus 1.11.3 (Version: 1.11.3) NVIDIA PhysX (x32 Version: 9.12.1031) NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031) NVIDIA Systemsteuerung 311.41 (Version: 311.41) NVIDIA Update 1.11.3 (Version: 1.11.3) NVIDIA Update Components (Version: 1.11.3) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4535.1004) Office 15 Click-to-Run Licensing Component (Version: 15.0.4535.1004) Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4535.1004) Office Addin (x32 Version: 2.02.2008) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98) Prerequisite installer (x32 Version: 12.0.0003) Realtek Ethernet Controller Driver (x32 Version: 8.14.327.2013) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6909) Realtek PCIE Card Reader (x32 Version: 6.2.9200.21222) Shared C Run-time for x64 (Version: 10.0.0) Skype™ 6.7 (x32 Version: 6.7.102) Spotify (x32 Version: 0.8.4.99.ga249b5f1) Synaptics Pointing Device Driver (Version: 16.3.12.31) Tales of Lagoona (x32 Version: 2.2.0.110) TeamSpeak 3 Client (HKCU Version: 3.0.12) Visual Studio 2005 Tools for Office Second Edition Runtime (x32) Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729) Visual Studio Tools for the Office system 3.0 Runtime (x32) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1) WildTangent Games (x32 Version: 1.0.4.0) ==================== Restore Points ========================= 12-09-2013 16:33:27 Windows Update 16-09-2013 15:09:23 Windows Update 19-09-2013 18:00:25 Windows Update 23-09-2013 02:16:57 
Windows Update 26-09-2013 18:48:44 Windows Update ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1E6CAFF6-30E0-4A76-8B52-7AAE51DC355F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core => C:\Users\Nilsis\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-17] (Facebook Inc.) Task: {20131466-9A07-4702-AB64-2B0F68FCB471} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] () Task: {23813CE1-CD3F-4361-B0F1-E9DBF2EAD431} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated) Task: {2DFC326B-2886-4E3C-A585-FFB8E4DF6E12} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA => C:\Users\Nilsis\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-17] (Facebook Inc.) Task: {33B8FF42-46B2-4E76-8172-3CD69B8CC117} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated) Task: {340C7141-BFFD-4C50-BA6D-D19ED9A44884} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated) Task: {3A83B4A1-5650-4278-B397-878554B49BAA} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.) 
Task: {3C11F596-6B6C-424B-B872-8A5A2D7A791E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-09-13] (Microsoft Corporation) Task: {8B0FD5CF-AE7E-4EE6-84AA-D481B42023E4} - System32\Tasks\Theft Shield\AcerTheftShieldTask => C:\Program Files\Acer\Acer Theft Shield\USecuAppLauncher.exe [2012-11-12] (Acer Incorporated) Task: {8CB68B1F-D590-4AFF-878A-F724CC3C0DE6} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {B0ECFC86-945B-4BDB-822C-5C7E5F1E7D90} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation) Task: {B6F38831-307B-40DF-A66D-8AC8370ED856} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation) Task: {DD1371E4-23F1-4EC2-9165-DC9BD3218E70} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-07-22] (Microsoft Corporation) Task: {F7EAF5CD-013C-467A-876C-8D12A9BC64FC} - System32\Tasks\HIDMonitor => C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe [2012-08-23] () Task: {FDFDBBF1-BE2E-4C7A-BD40-FD48DD1F9CE9} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core.job => C:\Users\Nilsis\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA.job => 
C:\Users\Nilsis\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-06-24 03:24 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2013-05-20 05:21 - 2013-04-02 06:42 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll 2013-09-11 20:18 - 2013-09-11 20:20 - 00053248 _____ () C:\Program Files\WindowsApps\GAMELOFTSA.SharkDash_1.3.6.9_x64__0pp20fcewvvtj\NotificationsExtensions.winmd 2012-07-25 22:44 - 2012-07-25 22:35 - 00129024 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd 2012-07-25 22:44 - 2012-07-25 22:35 - 00036864 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd 2012-07-25 22:44 - 2012-07-25 22:35 - 00074240 _____ () C:\Windows\system32\WinMetadata\Windows.ApplicationModel.winmd 2012-07-25 22:44 - 2012-07-25 22:35 - 00022016 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd 2013-06-24 02:28 - 2013-03-20 09:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-09-28 23:46 - 2013-09-28 23:45 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-09-11 01:37 - 2013-08-14 19:55 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== Faulty Device Manager Devices ============= Name: Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter Description: Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Intel Corporation Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/28/2013 06:58:55 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (09/27/2013 00:25:51 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (09/26/2013 07:39:16 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (09/25/2013 03:54:47 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (09/22/2013 03:41:20 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT-AUTORITÄT) Description: There was an error with the Windows Location Provider database Error: (09/22/2013 01:42:22 PM) (Source: Application Error) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. 
Das Programm AptanaStudio3.exe wurde wegen dieses Fehlers geschlossen. Programm: AptanaStudio3.exe Datei: Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. 
Zusätzliche Daten Fehlerwert: C0000098 Datenträgertyp: 0 Error: (09/22/2013 01:42:22 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: AptanaStudio3.exe, Version: 0.0.0.0, Zeitstempel: 0x4d87abff Name des fehlerhaften Moduls: jvm.dll, Version: 0.0.0.0, Zeitstempel: 0x4d4a3fae Ausnahmecode: 0xc0000006 Fehleroffset: 0x001f9fd0 ID des fehlerhaften Prozesses: 0x1dc8 Startzeit der fehlerhaften Anwendung: 0xAptanaStudio3.exe0 Pfad der fehlerhaften Anwendung: AptanaStudio3.exe1 Pfad des fehlerhaften Moduls: AptanaStudio3.exe2 Berichtskennung: AptanaStudio3.exe3 Vollständiger Name des fehlerhaften Pakets: AptanaStudio3.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AptanaStudio3.exe5 Error: (09/22/2013 11:30:41 AM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (09/21/2013 05:44:20 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80070005 Error: (09/20/2013 09:33:41 PM) (Source: Application Hang) (User: ) Description: Programm WWAHost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1ef8 Startzeit: 01ceb6379c72cd54 Endzeit: 4294967295 Anwendungspfad: C:\Windows\System32\WWAHost.exe Berichts-ID: 85be5b9e-222b-11e3-be79-089e01c31e9f Vollständiger Name des fehlerhaften Pakets: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Windows.Store System errors: ============= Error: (09/28/2013 11:49:05 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/28/2013 11:49:05 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht. 
Error: (09/28/2013 11:48:35 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht. Error: (09/28/2013 11:48:05 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht. Error: (09/28/2013 11:47:35 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/28/2013 11:47:35 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht. Error: (09/24/2013 09:59:46 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 24.09.2013 um 21:42:27 unerwartet heruntergefahren. Error: (09/20/2013 04:16:19 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 20.09.2013 um 16:13:48 unerwartet heruntergefahren. Error: (09/20/2013 09:27:58 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Anti-Spam Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/20/2013 09:27:58 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "McAfee Proxy Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. 
Microsoft Office Sessions: ========================= Error: (09/28/2013 06:58:55 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (09/27/2013 00:25:51 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (09/26/2013 07:39:16 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (09/25/2013 03:54:47 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (09/22/2013 03:41:20 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT-AUTORITÄT) Description: -2147024883 Error: (09/22/2013 01:42:22 PM) (Source: Application Error)(User: ) Description: AptanaStudio3.exeC00000980 Error: (09/22/2013 01:42:22 PM) (Source: Application Error)(User: ) Description: AptanaStudio3.exe0.0.0.04d87abffjvm.dll0.0.0.04d4a3faec0000006001f9fd01dc801ceb7024f3ddedfD:\Punctonews\AptanaStudio3.exeD:\Punctonews\jre\bin\client\ jvm.dll0ab0de0a-237c-11e3-be79-089e01c31e9f Error: (09/22/2013 11:30:41 AM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (09/21/2013 05:44:20 PM) (Source: Customer Experience Improvement Program)(User: ) Description: 80070005 Error: (09/20/2013 09:33:41 PM) (Source: Application Hang)(User: ) Description: WWAHost.exe6.2.9200.164201ef801ceb6379c72cd544294967295C:\Windows\System32\WWAHost.exe85be5b9e-222b-11e3-be79-089e01c31e9fwinstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store CodeIntegrity Errors: =================================== Date: 2013-09-28 20:25:41.385 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. 
Date: 2013-09-27 09:47:47.862 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2013-09-26 18:58:01.122 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2013-09-24 22:07:36.717 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2013-09-24 22:07:14.804 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2013-09-24 22:07:10.217 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2013-09-24 22:06:05.297 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2013-09-24 22:05:54.184 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2013-09-24 22:05:46.788 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. 
Date: 2013-09-24 22:04:40.505 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 43% Total physical RAM: 7848.27 MB Available physical RAM: 4406.49 MB Total Pagefile: 11256.27 MB Available Pagefile: 4395.39 MB Total Virtual: 8192 MB Available Virtual: 8191.77 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:448.45 GB) (Free:398.55 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 5BF1B68F) Partition: GPT Partition Type ======================================================== Disk: 1 (Size: 22 GB) (Disk ID: 74F02DEA) Partition 1: (Not Active) - (Size=22 GB) - (Type=73) ============================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe (McAfee, Inc.) 
C:\windows\system32\mfevtps.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) c:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\system32\wwahost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe () C:\Program Files\WindowsApps\GAMELOFTSA.SharkDash_1.3.6.9_x64__0pp20fcewvvtj\SharkDash.exe (Microsoft Corporation) C:\Windows\syswow64\wwahost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Camera_6.2.9200.20523_x64__8wekyb3d8bbwe\webcam.exe (Avira Operations 
GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (Microsoft Corporation) C:\Windows\system32\msiexec.exe (McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016432 2013-03-07] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.) HKCU\...\Run: [Facebook Update] - C:\Users\Nilsis\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-17] (Facebook Inc.) 
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-28] (Avira Operations GmbH & Co. KG) HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-02-20] (Acer Incorporated) AppInit_DLLs: C:\Windows\system32\nvinitx.dll [245872 2013-03-07] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [201576 2013-03-07] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com SearchScopes: HKLM - DefaultScope {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM - {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - DefaultScope {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 - {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKCU - DefaultScope {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = SearchScopes: HKCU - 
{AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKCU - {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Nilsis\AppData\Roaming\Mozilla\Firefox\Profiles\9qj28oux.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Nilsis\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK ==================== Services (Whitelisted) ================= S2 0274431380405298mcinstcleanup; C:\Windows\TEMP\027443~1.EXE [834664 2013-07-12] (McAfee, Inc.) S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-28] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-28] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [815160 2013-09-28] (Avira Operations GmbH & Co. 
KG) R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated) R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-05] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate) R2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [120592 2013-05-22] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-08-06] (McAfee, Inc.) S3 McAWFwk; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [334760 2012-12-21] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) 
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-17] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-08-05] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.) R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-16] () R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1901752 2013-07-22] (Microsoft Corporation) S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-04-21] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3379440 2013-04-16] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-09-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-09-28] (Avira Operations GmbH & Co. 
KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [82136 2013-09-28] (Avira Operations GmbH & Co. KG) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-03-25] (Motorola Solutions, Inc.) S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.) R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.) S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-04] (Intel Corporation) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] () R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] () R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.) R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-17] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.) 
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [377040 2013-07-09] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-07-09] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3597792 2013-05-14] (Intel Corporation) S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-07] (Synaptics Incorporated) R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-09-24] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-29 12:03 - 2013-09-29 12:03 - 00000000 ____D C:\FRST 2013-09-29 12:02 - 2013-09-29 12:03 - 01953880 _____ (Farbar) C:\Users\Nilsis\Downloads\FRST64.exe 2013-09-28 23:51 - 2013-09-28 23:51 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Avira 2013-09-28 23:46 - 2013-09-28 23:46 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-09-28 23:45 - 2013-09-28 23:45 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00028600 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00000000 ____D C:\ProgramData\Avira 2013-09-28 23:45 - 2013-09-28 23:45 - 00000000 ____D C:\Program Files (x86)\Avira 2013-09-28 23:43 - 2013-09-28 23:43 - 02092792 _____ C:\Users\Nilsis\Downloads\avira_free_antivirus.exe 2013-09-28 22:26 - 2013-09-28 22:26 - 00000053 _____ C:\Users\Nilsis\Desktop\style.css.css 2013-09-28 22:20 - 2013-09-28 23:00 - 00000000 ____D C:\Users\Nilsis\Desktop\projekt_starfight 2013-09-28 20:04 - 2013-09-28 20:04 - 00196744 _____ C:\Users\Nilsis\Downloads\script.zip 2013-09-28 19:33 - 2013-09-28 19:33 - 00000000 ____D C:\Users\Nilsis\Downloads\tictactoe 2013-09-28 19:32 - 2013-09-28 19:32 - 00132730 _____ C:\Users\Nilsis\Downloads\tictactoe.zip 2013-09-28 19:30 - 2013-09-28 19:30 - 00000841 _____ C:\Users\Nilsis\Downloads\tictactoe.c 2013-09-24 22:00 - 2013-09-24 22:00 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2013-09-21 21:16 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-09-21 21:16 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-09-21 19:21 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-09-21 19:21 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-09-21 19:21 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-09-21 19:21 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-09-21 18:24 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-09-20 23:15 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2013-09-20 23:15 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-09-20 21:32 - 2013-09-20 21:32 - 00000000 
____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-09-20 21:31 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll 2013-09-20 21:31 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2013-09-20 14:07 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-09-20 14:07 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-09-20 14:07 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-09-20 13:11 - 2013-09-20 13:11 - 00000000 ____D C:\Users\Nilsis\.eclipse 2013-09-20 13:07 - 2013-09-20 13:07 - 00000000 ____D C:\Users\Nilsis\Aptana Rubles 2013-09-20 13:06 - 2013-09-20 13:06 - 00000000 ____D C:\Users\Nilsis\Documents\Aptana Studio 3 Workspace 2013-09-20 01:56 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-09-20 01:56 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-09-19 22:42 - 2013-09-28 20:27 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\TS3Client 2013-09-19 22:42 - 2013-09-19 22:42 - 00001180 _____ C:\Users\Nilsis\Desktop\TeamSpeak 3 Client.lnk 2013-09-19 22:42 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2013-09-19 22:42 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Local\TeamSpeak 3 Client 2013-09-19 22:41 - 2013-09-19 22:41 - 32442656 _____ (TeamSpeak Systems GmbH) C:\Users\Nilsis\Downloads\TeamSpeak3-Client-win64-3.0.12.exe 2013-09-19 20:06 - 2013-03-06 09:10 - 00112872 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2013-09-19 20:06 - 2013-03-06 08:59 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2013-09-19 20:06 - 2013-03-06 08:31 - 19758592 _____ (Microsoft Corporation) 
C:\Windows\system32\shell32.dll 2013-09-19 20:06 - 2013-03-06 08:31 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2013-09-19 20:06 - 2013-03-06 08:31 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-19 20:06 - 2013-03-06 08:29 - 02303488 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-09-19 20:06 - 2013-03-06 08:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2013-09-19 20:06 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2013-09-19 20:06 - 2013-03-06 07:03 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-19 20:06 - 2013-03-06 07:03 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2013-09-19 20:06 - 2013-03-06 07:03 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-09-19 20:06 - 2013-03-06 07:02 - 02035200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-09-19 20:06 - 2013-03-06 07:02 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2013-09-19 20:01 - 2013-09-19 20:05 - 00000000 ____D C:\Windows\system32\MRT 2013-09-19 20:01 - 2013-09-01 17:08 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-18 22:35 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) 
C:\Windows\system32\Drivers\HipShieldK.sys 2013-09-18 22:34 - 2013-09-18 22:34 - 00000979 _____ C:\Users\Nilsis\Desktop\Harald Albersdorf Süderstraße 14.contact 2013-09-18 22:11 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-09-18 22:11 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-09-18 22:11 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-09-18 22:11 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll 2013-09-18 22:11 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll 2013-09-18 22:11 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-09-18 22:11 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-09-18 22:11 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll 2013-09-18 22:11 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll 2013-09-18 09:41 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2013-09-18 09:41 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2013-09-18 09:41 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS 2013-09-18 09:41 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS 2013-09-18 09:41 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-09-18 09:41 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2013-09-18 09:41 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2013-09-18 09:41 - 2013-06-01 11:25 - 00364544 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-09-18 09:41 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2013-09-18 09:41 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2013-09-18 09:41 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2013-09-18 09:41 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2013-09-18 09:41 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2013-09-18 09:41 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe 2013-09-18 09:41 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2013-09-18 09:41 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll 2013-09-18 09:41 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe 2013-09-18 09:41 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2013-09-18 09:41 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2013-09-18 09:41 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2013-09-18 09:41 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2013-09-18 09:41 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll 2013-09-18 09:41 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2013-09-18 09:41 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2013-09-18 09:41 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll 2013-09-18 09:41 - 2013-06-01 05:08 - 00037632 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys 2013-09-18 09:41 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2013-09-18 09:41 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2013-09-18 09:41 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2013-09-18 09:41 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2013-09-18 09:41 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2013-09-18 09:41 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2013-09-18 09:41 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2013-09-18 09:41 - 2013-04-09 06:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2013-09-18 09:41 - 2013-04-09 04:34 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2013-09-18 09:41 - 2013-04-09 04:34 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2013-09-18 09:41 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2013-09-18 09:41 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2013-09-18 09:41 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2013-09-18 09:31 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys 2013-09-18 09:31 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2013-09-18 09:31 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2013-09-18 09:31 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll 2013-09-18 09:31 
- 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2013-09-18 09:31 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2013-09-18 09:31 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll 2013-09-18 09:31 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll 2013-09-18 09:31 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2013-09-18 09:31 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2013-09-18 09:31 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll 2013-09-18 09:31 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2013-09-18 09:31 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-09-18 09:31 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2013-09-18 09:31 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-09-18 09:31 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2013-09-18 09:31 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml 2013-09-18 09:31 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe 2013-09-18 09:31 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe 2013-09-18 09:31 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2013-09-18 09:31 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2013-09-18 09:31 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\Classpnp.sys 2013-09-18 09:31 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-09-18 09:31 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2013-09-18 09:31 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2013-09-18 09:31 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2013-09-18 09:31 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2013-09-18 09:31 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll 2013-09-18 09:31 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll 2013-09-18 09:31 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll 2013-09-18 09:31 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll 2013-09-18 09:31 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll 2013-09-18 09:31 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2013-09-18 09:31 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2013-09-18 09:31 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2013-09-18 09:31 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-09-18 09:31 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-09-18 09:31 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2013-09-18 09:31 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-09-18 09:31 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\nshwfp.dll 2013-09-18 09:31 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-09-18 09:31 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2013-09-17 20:49 - 2013-09-28 23:54 - 00000942 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA.job 2013-09-17 20:49 - 2013-09-28 20:54 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core.job 2013-09-17 20:49 - 2013-09-17 20:49 - 00501248 _____ (Facebook Inc.) C:\Users\Nilsis\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe 2013-09-17 20:49 - 2013-09-17 20:49 - 00003792 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA 2013-09-17 20:49 - 2013-09-17 20:49 - 00003442 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core 2013-09-17 20:49 - 2013-09-17 20:49 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Facebook 2013-09-17 18:53 - 2013-09-17 18:53 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-16 17:14 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2013-09-15 15:02 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2013-09-15 15:02 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2013-09-14 23:51 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll 2013-09-14 23:51 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2013-09-14 23:51 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2013-09-14 23:51 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll 2013-09-14 23:51 - 2012-11-10 06:22 - 00122880 _____ (Microsoft 
Corporation) C:\Windows\system32\VmHostAI.dll 2013-09-14 23:51 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll 2013-09-14 21:33 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-09-14 21:33 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-09-14 18:38 - 2013-09-24 20:27 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Skype 2013-09-14 18:38 - 2013-09-14 18:38 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk 2013-09-14 18:38 - 2013-09-14 18:38 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-09-14 18:38 - 2013-09-14 18:38 - 00000000 ____D C:\ProgramData\Skype 2013-09-14 18:37 - 2013-09-14 18:38 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Nilsis\Downloads\SkypeSetupFull_6.7.102.exe 2013-09-14 17:08 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-14 14:10 - 2013-09-14 14:10 - 00000477 _____ C:\Users\UpdatusUser\Desktop\Aptana Studio 3.lnk 2013-09-14 14:10 - 2013-09-14 14:10 - 00000477 _____ C:\Users\Nilsis\Desktop\Aptana Studio 3.lnk 2013-09-14 13:59 - 2013-09-14 14:00 - 153145968 _____ (Appcelerator, Inc.) 
C:\Users\Nilsis\Downloads\Aptana_Studio_3_Setup_3.4.2.exe 2013-09-11 22:02 - 2013-09-11 22:03 - 00000000 ____D C:\Bildschirm 2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Macromedia 2013-09-11 18:23 - 2013-09-29 01:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-11 18:23 - 2013-09-11 18:23 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-11 18:19 - 2013-09-11 18:38 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Adobe 2013-09-11 17:31 - 2013-09-11 17:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2013-09-11 17:27 - 2013-09-11 17:27 - 00002149 _____ C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2013-09-11 17:27 - 2013-09-11 17:27 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2013-09-11 17:27 - 2013-09-11 17:27 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ___RD C:\Users\Nilsis\SkyDrive 2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive 2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive 2013-09-11 02:03 - 2013-09-11 02:03 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Intel_Corporation 2013-09-11 01:37 - 2013-09-11 01:37 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Mozilla 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Mozilla 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\ProgramData\Mozilla 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-11 01:35 - 2013-09-11 
01:35 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Macromedia 2013-09-10 23:01 - 2013-09-29 01:49 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2349251602-3775558666-3161326686-1002 2013-09-10 22:57 - 2013-09-12 21:54 - 00000000 ____D C:\Users\Nilsis\AppData\Local\clear.fi 2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Public\OEM 2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\PicStream 2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\Documents\clear.fi 2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Synaptics 2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\ProgramData\OEM_YAHOO 2013-09-10 22:53 - 2013-09-24 22:00 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-10 22:53 - 2013-09-24 22:00 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-10 22:53 - 2013-09-10 22:53 - 00001446 _____ C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-09-10 22:53 - 2013-09-10 22:53 - 00000442 _____ C:\Users\Nilsis\Downloads\Desktop.lnk 2013-09-10 22:53 - 2013-09-10 22:53 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Adobe 2013-09-10 22:52 - 2013-09-20 14:32 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Packages 2013-09-10 22:52 - 2013-09-20 13:11 - 00000000 ____D C:\Users\Nilsis 2013-09-10 22:52 - 2013-09-10 22:52 - 00000020 ___SH C:\Users\Nilsis\ntuser.ini 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Vorlagen 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Startmenü 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Netzwerkumgebung 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Lokale Einstellungen 2013-09-10 
22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Eigene Dateien 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Druckumgebung 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Documents\Eigene Musik 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Documents\Eigene Bilder 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Local\Verlauf 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Local\Anwendungsdaten 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Anwendungsdaten 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Intel 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Local\VirtualStore 2013-09-10 22:52 - 2013-04-21 11:38 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-09-10 22:52 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-09-10 22:52 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-09-10 22:52 - 2012-07-26 10:13 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Vorlagen 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Startmenü 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 
2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Vorlagen 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Startmenü 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Dokumente 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Dokumente und Einstellungen 2013-09-04 17:23 - 2013-09-28 21:57 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Deployment 2013-09-04 17:23 - 2013-09-04 17:23 - 00000000 ____D 
C:\Users\Nilsis\AppData\Local\Apps\2.0 2013-09-04 17:20 - 2013-09-17 18:36 - 00000000 ____D C:\Program Files\Microsoft Office 15 2013-09-04 17:19 - 2013-09-04 17:19 - 00574656 _____ (Microsoft Corporation) C:\Users\Nilsis\Downloads\Setup.X86.de-DE_O365HomePremRetail_16e483c8-d43d-46bb-aa49-34bea1242bfe_TX_DB_.exe 2013-09-04 11:14 - 2013-09-04 11:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-09-04 11:14 - 2013-09-04 11:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-09-04 09:50 - 2013-09-04 09:50 - 00000000 _____ C:\Users\Nilsis\Desktop\Neues Textdokument.txt 2013-09-03 22:32 - 2013-09-03 22:32 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\NVIDIA 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Public\CyberLink 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\CyberLink 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Cyberlink 2013-09-03 22:13 - 2013-09-03 22:13 - 00000355 _____ C:\Users\Nilsis\Desktop\Arbeitsplatz.lnk ==================== One Month Modified Files and Folders ======= 2013-09-29 12:03 - 2013-09-29 12:03 - 00000000 ____D C:\FRST 2013-09-29 12:03 - 2013-09-29 12:02 - 01953880 _____ (Farbar) C:\Users\Nilsis\Downloads\FRST64.exe 2013-09-29 12:02 - 2013-06-24 02:23 - 01255377 _____ C:\Windows\WindowsUpdate.log 2013-09-29 11:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru 2013-09-29 01:49 - 2013-09-10 23:01 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2349251602-3775558666-3161326686-1002 2013-09-29 01:23 - 2013-09-11 18:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-28 23:54 - 2013-09-17 20:49 - 00000942 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA.job 2013-09-28 23:54 - 2013-05-20 05:27 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-09-28 23:51 - 2013-09-28 23:51 
- 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Avira 2013-09-28 23:46 - 2013-09-28 23:46 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-09-28 23:45 - 2013-09-28 23:45 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00000000 ____D C:\ProgramData\Avira 2013-09-28 23:45 - 2013-09-28 23:45 - 00000000 ____D C:\Program Files (x86)\Avira 2013-09-28 23:43 - 2013-09-28 23:43 - 02092792 _____ C:\Users\Nilsis\Downloads\avira_free_antivirus.exe 2013-09-28 23:00 - 2013-09-28 22:20 - 00000000 ____D C:\Users\Nilsis\Desktop\projekt_starfight 2013-09-28 22:26 - 2013-09-28 22:26 - 00000053 _____ C:\Users\Nilsis\Desktop\style.css.css 2013-09-28 21:57 - 2013-09-04 17:23 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Deployment 2013-09-28 20:54 - 2013-09-17 20:49 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core.job 2013-09-28 20:27 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\TS3Client 2013-09-28 20:04 - 2013-09-28 20:04 - 00196744 _____ C:\Users\Nilsis\Downloads\script.zip 2013-09-28 19:33 - 2013-09-28 19:33 - 00000000 ____D C:\Users\Nilsis\Downloads\tictactoe 2013-09-28 19:32 - 2013-09-28 19:32 - 00132730 _____ C:\Users\Nilsis\Downloads\tictactoe.zip 2013-09-28 19:30 - 2013-09-28 19:30 - 00000841 _____ C:\Users\Nilsis\Downloads\tictactoe.c 2013-09-27 09:38 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-09-26 20:41 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM 2013-09-24 22:06 - 2013-06-24 
12:05 - 00753134 _____ C:\Windows\system32\perfh007.dat 2013-09-24 22:06 - 2013-06-24 12:05 - 00155826 _____ C:\Windows\system32\perfc007.dat 2013-09-24 22:06 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-24 22:00 - 2013-09-24 22:00 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2013-09-24 22:00 - 2013-09-10 22:53 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-24 22:00 - 2013-09-10 22:53 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-24 22:00 - 2013-06-24 03:08 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys 2013-09-24 21:59 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-24 21:58 - 2013-05-20 05:12 - 00014186 _____ C:\Windows\PFRO.log 2013-09-24 21:58 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData 2013-09-24 20:27 - 2013-09-14 18:38 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Skype 2013-09-20 22:53 - 2013-06-24 03:20 - 00000000 ____D C:\ProgramData\Norton 2013-09-20 21:32 - 2013-09-20 21:32 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-09-20 14:32 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Packages 2013-09-20 13:11 - 2013-09-20 13:11 - 00000000 ____D C:\Users\Nilsis\.eclipse 2013-09-20 13:11 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis 2013-09-20 13:07 - 2013-09-20 13:07 - 00000000 ____D C:\Users\Nilsis\Aptana Rubles 2013-09-20 13:06 - 2013-09-20 13:06 - 00000000 ____D C:\Users\Nilsis\Documents\Aptana Studio 3 Workspace 2013-09-20 09:24 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF 2013-09-19 22:42 - 2013-09-19 22:42 - 00001180 _____ C:\Users\Nilsis\Desktop\TeamSpeak 3 Client.lnk 2013-09-19 22:42 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2013-09-19 
22:42 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Local\TeamSpeak 3 Client 2013-09-19 22:41 - 2013-09-19 22:41 - 32442656 _____ (TeamSpeak Systems GmbH) C:\Users\Nilsis\Downloads\TeamSpeak3-Client-win64-3.0.12.exe 2013-09-19 22:12 - 2013-05-20 05:27 - 00000000 ____D C:\ProgramData\McAfee 2013-09-19 22:01 - 2013-05-20 05:27 - 00000000 ____D C:\Program Files\Common Files\mcafee 2013-09-19 22:00 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2013-09-19 21:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-09-19 21:59 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe 2013-09-19 20:05 - 2013-09-19 20:01 - 00000000 ____D C:\Windows\system32\MRT 2013-09-18 22:34 - 2013-09-18 22:34 - 00000979 _____ C:\Users\Nilsis\Desktop\Harald Albersdorf Süderstraße 14.contact 2013-09-18 22:21 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2013-09-17 20:49 - 2013-09-17 20:49 - 00501248 _____ (Facebook Inc.) C:\Users\Nilsis\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe 2013-09-17 20:49 - 2013-09-17 20:49 - 00003792 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA 2013-09-17 20:49 - 2013-09-17 20:49 - 00003442 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core 2013-09-17 20:49 - 2013-09-17 20:49 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Facebook 2013-09-17 18:53 - 2013-09-17 18:53 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-17 18:53 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing 2013-09-17 18:36 - 2013-09-04 17:20 - 00000000 ____D C:\Program Files\Microsoft Office 15 2013-09-14 21:59 - 2012-07-26 09:21 - 00032502 _____ C:\Windows\setupact.log 2013-09-14 18:38 - 2013-09-14 18:38 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk 2013-09-14 18:38 - 2013-09-14 18:38 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-09-14 18:38 - 2013-09-14 18:38 - 00000000 ____D C:\ProgramData\Skype 
2013-09-14 18:38 - 2013-09-14 18:37 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Nilsis\Downloads\SkypeSetupFull_6.7.102.exe 2013-09-14 14:10 - 2013-09-14 14:10 - 00000477 _____ C:\Users\UpdatusUser\Desktop\Aptana Studio 3.lnk 2013-09-14 14:10 - 2013-09-14 14:10 - 00000477 _____ C:\Users\Nilsis\Desktop\Aptana Studio 3.lnk 2013-09-14 14:00 - 2013-09-14 13:59 - 153145968 _____ (Appcelerator, Inc.) C:\Users\Nilsis\Downloads\Aptana_Studio_3_Setup_3.4.2.exe 2013-09-12 21:54 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\AppData\Local\clear.fi 2013-09-11 22:03 - 2013-09-11 22:02 - 00000000 ____D C:\Bildschirm 2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Macromedia 2013-09-11 18:38 - 2013-09-11 18:19 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Adobe 2013-09-11 18:23 - 2013-09-11 18:23 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-11 17:31 - 2013-09-11 17:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2013-09-11 17:27 - 2013-09-11 17:27 - 00002149 _____ C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2013-09-11 17:27 - 2013-09-11 17:27 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2013-09-11 17:27 - 2013-09-11 17:27 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ___RD C:\Users\Nilsis\SkyDrive 2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive 2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive 2013-09-11 02:03 - 2013-09-11 02:03 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Intel_Corporation 2013-09-11 01:41 - 2013-05-20 05:27 - 00000000 ____D C:\Program Files\mcafee 2013-09-11 01:37 - 2013-09-11 01:37 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-11 01:37 
- 2013-09-11 01:37 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Mozilla 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Mozilla 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\ProgramData\Mozilla 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-11 01:35 - 2013-09-11 01:35 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Macromedia 2013-09-10 22:58 - 2013-06-24 02:25 - 00000000 ____D C:\ProgramData\Intel 2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Public\OEM 2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\PicStream 2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\Documents\clear.fi 2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Synaptics 2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\ProgramData\OEM_YAHOO 2013-09-10 22:54 - 2013-05-20 06:08 - 00000000 ___HD C:\OEM 2013-09-10 22:53 - 2013-09-10 22:53 - 00001446 _____ C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-09-10 22:53 - 2013-09-10 22:53 - 00000442 _____ C:\Users\Nilsis\Downloads\Desktop.lnk 2013-09-10 22:53 - 2013-09-10 22:53 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Adobe 2013-09-10 22:52 - 2013-09-10 22:52 - 00000020 ___SH C:\Users\Nilsis\ntuser.ini 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Vorlagen 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Startmenü 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Netzwerkumgebung 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Lokale Einstellungen 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Eigene Dateien 2013-09-10 
22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Druckumgebung 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Documents\Eigene Musik 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Documents\Eigene Bilder 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Local\Verlauf 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Local\Anwendungsdaten 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Anwendungsdaten 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Intel 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Local\VirtualStore 2013-09-10 22:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2013-09-10 22:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Vorlagen 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Startmenü 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Vorlagen 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Startmenü 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Dokumente 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Dokumente und Einstellungen 2013-09-10 22:48 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT 2013-09-10 22:48 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default 2013-09-05 22:09 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-05 22:09 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-04 17:23 - 2013-09-04 17:23 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Apps\2.0 2013-09-04 17:19 - 2013-09-04 17:19 - 00574656 _____ (Microsoft Corporation) 
C:\Users\Nilsis\Downloads\Setup.X86.de-DE_O365HomePremRetail_16e483c8-d43d-46bb-aa49-34bea1242bfe_TX_DB_.exe 2013-09-04 17:08 - 2013-05-20 05:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-04 17:04 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore 2013-09-04 11:14 - 2013-09-04 11:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-09-04 11:14 - 2013-09-04 11:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-09-04 09:50 - 2013-09-04 09:50 - 00000000 _____ C:\Users\Nilsis\Desktop\Neues Textdokument.txt 2013-09-03 22:32 - 2013-09-03 22:32 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\NVIDIA 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Public\CyberLink 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\CyberLink 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Cyberlink 2013-09-03 22:28 - 2013-06-24 03:24 - 00000000 ____D C:\ProgramData\CyberLink 2013-09-03 22:13 - 2013-09-03 22:13 - 00000355 _____ C:\Users\Nilsis\Desktop\Arbeitsplatz.lnk 2013-09-01 17:08 - 2013-09-19 20:01 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Some content of TEMP: ==================== C:\Users\Nilsis\AppData\Local\Temp\fp_pl_pfs_installer-1.exe C:\Users\Nilsis\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Nilsis\AppData\Local\Temp\OfficeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe 
=> MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit |
29.09.2013, 11:14 | #4 |
| My 64 BIT system does what it wants!! FRST: ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe (McAfee, Inc.) C:\windows\system32\mfevtps.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) c:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\system32\wwahost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe () C:\Program Files\WindowsApps\GAMELOFTSA.SharkDash_1.3.6.9_x64__0pp20fcewvvtj\SharkDash.exe (Microsoft Corporation) C:\Windows\syswow64\wwahost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Camera_6.2.9200.20523_x64__8wekyb3d8bbwe\webcam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (Microsoft Corporation) C:\Windows\system32\msiexec.exe (McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saUpd.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016432 2013-03-07] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.) HKCU\...\Run: [Facebook Update] - C:\Users\Nilsis\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-17] (Facebook Inc.) HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.) HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-28] (Avira Operations GmbH & Co. 
KG) HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-02-20] (Acer Incorporated) AppInit_DLLs: C:\Windows\system32\nvinitx.dll [245872 2013-03-07] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [201576 2013-03-07] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. SearchScopes: HKLM - DefaultScope {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM - {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - DefaultScope {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 - {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKCU - DefaultScope {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKCU - {AC0BC043-566E-49AF-89DA-EB4C672076AA} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 
15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Nilsis\AppData\Roaming\Mozilla\Firefox\Profiles\9qj28oux.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Nilsis\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================
S2 0274431380405298mcinstcleanup; C:\Windows\TEMP\027443~1.EXE [834664 2013-07-12] (McAfee, Inc.)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-28] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [815160 2013-09-28] (Avira Operations GmbH & Co. KG)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [120592 2013-05-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-08-06] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-17] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-08-05] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-16] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1901752 2013-07-22] (Microsoft Corporation)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-04-21] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3379440 2013-04-16] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-09-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-09-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [82136 2013-09-28] (Avira Operations GmbH & Co. KG)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-03-25] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-04] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [377040 2013-07-09] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-07-09] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3597792 2013-05-14] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-07] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-09-24] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-09-29 12:03 - 2013-09-29 12:03 - 00000000 ____D C:\FRST
2013-09-29 12:02 - 2013-09-29 12:03 - 01953880 _____ (Farbar) C:\Users\Nilsis\Downloads\FRST64.exe
2013-09-28 23:51 - 2013-09-28 23:51 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Avira
2013-09-28 23:46 - 2013-09-28 23:46 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-28 23:45 - 2013-09-28 23:45 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-28 23:45 - 2013-09-28 23:45 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-28 23:45 - 2013-09-28 23:45 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-28 23:45 - 2013-09-28 23:45 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-28 23:45 - 2013-09-28 23:45 - 00000000 ____D C:\ProgramData\Avira
2013-09-28 23:45 - 2013-09-28 23:45 - 00000000 ____D C:\Program Files (x86)\Avira
2013-09-28 23:43 - 2013-09-28 23:43 - 02092792 _____ C:\Users\Nilsis\Downloads\avira_free_antivirus.exe
2013-09-28 22:26 - 2013-09-28 22:26 - 00000053 _____ C:\Users\Nilsis\Desktop\style.css.css
2013-09-28 22:20 - 2013-09-28 23:00 - 00000000 ____D C:\Users\Nilsis\Desktop\projekt_starfight
2013-09-28 20:04 - 2013-09-28 20:04 - 00196744 _____ C:\Users\Nilsis\Downloads\script.zip
2013-09-28 19:33 - 2013-09-28 19:33 - 00000000 ____D C:\Users\Nilsis\Downloads\tictactoe
2013-09-28 19:32 - 2013-09-28 19:32 - 00132730 _____ C:\Users\Nilsis\Downloads\tictactoe.zip
2013-09-28 19:30 - 2013-09-28 19:30 - 00000841 _____ C:\Users\Nilsis\Downloads\tictactoe.c
2013-09-24 22:00 - 2013-09-24 22:00 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2013-09-21 21:16 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-21 21:16 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-09-21 19:21 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-09-21 19:21 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-09-21 19:21 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-09-21 19:21 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-21 18:24 - 2013-07-09 08:07 - 02233168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-20 23:15 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-09-20 23:15 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-09-20 21:32 - 2013-09-20 21:32 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-20 21:31 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-09-20 21:31 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2013-09-20 14:07 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-20 14:07 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-09-20 14:07 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-09-20 13:11 - 2013-09-20 13:11 - 00000000 ____D C:\Users\Nilsis\.eclipse
2013-09-20 13:07 - 2013-09-20 13:07 - 00000000 ____D C:\Users\Nilsis\Aptana Rubles
2013-09-20 13:06 - 2013-09-20 13:06 - 00000000 ____D C:\Users\Nilsis\Documents\Aptana Studio 3 Workspace
2013-09-20 01:56 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-09-20 01:56 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-09-19 22:42 - 2013-09-28 20:27 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\TS3Client
2013-09-19 22:42 - 2013-09-19 22:42 - 00001180 _____ C:\Users\Nilsis\Desktop\TeamSpeak 3 Client.lnk
2013-09-19 22:42 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2013-09-19 22:42 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Local\TeamSpeak 3 Client
2013-09-19 22:41 - 2013-09-19 22:41 - 32442656 _____ (TeamSpeak Systems GmbH) C:\Users\Nilsis\Downloads\TeamSpeak3-Client-win64-3.0.12.exe
2013-09-19 20:06 - 2013-03-06 09:10 - 00112872 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-09-19 20:06 - 2013-03-06 08:59 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2013-09-19 20:06 - 2013-03-06 08:31 - 19758592 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-19 20:06 - 2013-03-06 08:31 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-09-19 20:06 - 2013-03-06 08:31 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-19 20:06 - 2013-03-06 08:29 - 02303488 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-09-19 20:06 - 2013-03-06 08:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-09-19 20:06 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-09-19 20:06 - 2013-03-06 07:03 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-19 20:06 - 2013-03-06 07:03 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-09-19 20:06 - 2013-03-06 07:03 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-19 20:06 - 2013-03-06 07:02 - 02035200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-09-19 20:06 - 2013-03-06 07:02 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-09-19 20:01 - 2013-09-19 20:05 - 00000000 ____D C:\Windows\system32\MRT
2013-09-19 20:01 - 2013-09-01 17:08 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-18 22:35 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-09-18 22:34 - 2013-09-18 22:34 - 00000979 _____ C:\Users\Nilsis\Desktop\Harald Albersdorf Süderstraße 14.contact
2013-09-18 22:11 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-18 22:11 - 2013-07-13 08:16 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-18 22:11 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-18 22:11 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-09-18 22:11 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-09-18 22:11 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-09-18 22:11 - 2013-07-13 06:23 - 01568256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-09-18 22:11 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-09-18 22:11 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-09-18 09:41 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-09-18 09:41 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-09-18 09:41 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-09-18 09:41 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-09-18 09:41 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-18 09:41 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-09-18 09:41 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-09-18 09:41 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-09-18 09:41 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-09-18 09:41 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-09-18 09:41 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-09-18 09:41 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-09-18 09:41 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-09-18 09:41 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-09-18 09:41 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-09-18 09:41 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-09-18 09:41 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-09-18 09:41 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-09-18 09:41 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-09-18 09:41 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-09-18 09:41 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-09-18 09:41 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-09-18 09:41 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-09-18 09:41 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-09-18 09:41 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-09-18 09:41 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-09-18 09:41 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-09-18 09:41 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-09-18 09:41 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-09-18 09:41 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-09-18 09:41 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2013-09-18 09:41 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-09-18 09:41 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2013-09-18 09:41 - 2013-04-09 06:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2013-09-18 09:41 - 2013-04-09 04:34 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-09-18 09:41 - 2013-04-09 04:34 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-09-18 09:41 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-09-18 09:41 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-09-18 09:41 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-09-18 09:31 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-18 09:31 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-18 09:31 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-18 09:31 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-18 09:31 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-18 09:31 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-18 09:31 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-18 09:31 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-18 09:31 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-18 09:31 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-18 09:31 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-18 09:31 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-18 09:31 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-18 09:31 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-18 09:31 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-18 09:31 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-18 09:31 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-18 09:31 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-18 09:31 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-18 09:31 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-18 09:31 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-18 09:31 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-18 09:31 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-18 09:31 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-18 09:31 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-18 09:31 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-18 09:31 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-18 09:31 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-18 09:31 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-18 09:31 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-18 09:31 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-18 09:31 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-18 09:31 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-18 09:31 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-18 09:31 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-18 09:31 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-18 09:31 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-18 09:31 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-18 09:31 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-18 09:31 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-18 09:31 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-18 09:31 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-17 20:49 - 2013-09-28 23:54 - 00000942 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA.job
2013-09-17 20:49 - 2013-09-28 20:54 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core.job
2013-09-17 20:49 - 2013-09-17 20:49 - 00501248 _____ (Facebook Inc.) C:\Users\Nilsis\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2013-09-17 20:49 - 2013-09-17 20:49 - 00003792 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA
2013-09-17 20:49 - 2013-09-17 20:49 - 00003442 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core
2013-09-17 20:49 - 2013-09-17 20:49 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Facebook
2013-09-17 18:53 - 2013-09-17 18:53 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-16 17:14 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2013-09-15 15:02 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-09-15 15:02 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-09-14 23:51 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-14 23:51 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-09-14 23:51 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-09-14 23:51 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2013-09-14 23:51 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2013-09-14 23:51 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2013-09-14 21:33 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-09-14 21:33 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-09-14 18:38 - 2013-09-24 20:27 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Skype
2013-09-14 18:38 - 2013-09-14 18:38 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-14 18:38 - 2013-09-14 18:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-14 18:38 - 2013-09-14 18:38 - 00000000 ____D C:\ProgramData\Skype
2013-09-14 18:37 - 2013-09-14 18:38 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Nilsis\Downloads\SkypeSetupFull_6.7.102.exe
2013-09-14 17:08 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-14 14:10 - 2013-09-14 14:10 - 00000477 _____ C:\Users\UpdatusUser\Desktop\Aptana Studio 3.lnk
2013-09-14 14:10 - 2013-09-14 14:10 - 00000477 _____ C:\Users\Nilsis\Desktop\Aptana Studio 3.lnk
2013-09-14 13:59 - 2013-09-14 14:00 - 153145968 _____ (Appcelerator, Inc.) C:\Users\Nilsis\Downloads\Aptana_Studio_3_Setup_3.4.2.exe
2013-09-11 22:02 - 2013-09-11 22:03 - 00000000 ____D C:\Bildschirm
2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Macromedia
2013-09-11 18:23 - 2013-09-29 01:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-11 18:23 - 2013-09-11 18:23 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-11 18:19 - 2013-09-11 18:38 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Adobe
2013-09-11 17:31 - 2013-09-11 17:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-09-11 17:27 - 2013-09-11 17:27 - 00002149 _____ C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-11 17:27 - 2013-09-11 17:27 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-11 17:27 - 2013-09-11 17:27 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ___RD C:\Users\Nilsis\SkyDrive
2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive
2013-09-11 02:03 - 2013-09-11 02:03 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Intel_Corporation
2013-09-11 01:37 - 2013-09-11 01:37 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Mozilla
2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Mozilla
2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-11 01:35 - 2013-09-11 01:35 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Macromedia
2013-09-10 23:01 - 2013-09-29 01:49 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2349251602-3775558666-3161326686-1002
2013-09-10 22:57 - 2013-09-12 21:54 - 00000000 ____D C:\Users\Nilsis\AppData\Local\clear.fi
2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Public\OEM
2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\PicStream
2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\Documents\clear.fi
2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Synaptics
2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\ProgramData\OEM_YAHOO
2013-09-10 22:53 - 2013-09-24 22:00 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-10 22:53 - 2013-09-24 22:00 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-10 22:53 - 2013-09-10 22:53 - 00001446 _____ C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-10 22:53 - 2013-09-10 22:53 - 00000442 _____ C:\Users\Nilsis\Downloads\Desktop.lnk
2013-09-10 22:53 - 2013-09-10 22:53 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Adobe
2013-09-10 22:52 - 2013-09-20 14:32 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Packages
2013-09-10 22:52 - 2013-09-20 13:11 - 00000000 ____D C:\Users\Nilsis
2013-09-10 22:52 - 2013-09-10 22:52 - 00000020 ___SH C:\Users\Nilsis\ntuser.ini
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Vorlagen
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Startmenü
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Netzwerkumgebung
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Lokale Einstellungen
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Eigene Dateien
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Druckumgebung
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Documents\Eigene Musik
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Documents\Eigene Bilder
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Local\Verlauf
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Local\Anwendungsdaten
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Anwendungsdaten
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Intel
2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Local\VirtualStore
2013-09-10 22:52 - 2013-04-21 11:38 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-10 22:52 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-10 22:52 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-10 22:52 - 2012-07-26 10:13 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Vorlagen 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Startmenü 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Dokumente 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Dokumente und Einstellungen 2013-09-04 17:23 - 2013-09-28 21:57 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Deployment 2013-09-04 17:23 - 2013-09-04 17:23 - 00000000 ____D 
C:\Users\Nilsis\AppData\Local\Apps\2.0 2013-09-04 17:20 - 2013-09-17 18:36 - 00000000 ____D C:\Program Files\Microsoft Office 15 2013-09-04 17:19 - 2013-09-04 17:19 - 00574656 _____ (Microsoft Corporation) C:\Users\Nilsis\Downloads\Setup.X86.de-DE_O365HomePremRetail_16e483c8-d43d-46bb-aa49-34bea1242bfe_TX_DB_.exe 2013-09-04 11:14 - 2013-09-04 11:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-09-04 11:14 - 2013-09-04 11:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-09-04 09:50 - 2013-09-04 09:50 - 00000000 _____ C:\Users\Nilsis\Desktop\Neues Textdokument.txt 2013-09-03 22:32 - 2013-09-03 22:32 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\NVIDIA 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Public\CyberLink 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\CyberLink 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Cyberlink 2013-09-03 22:13 - 2013-09-03 22:13 - 00000355 _____ C:\Users\Nilsis\Desktop\Arbeitsplatz.lnk ==================== One Month Modified Files and Folders ======= 2013-09-29 12:03 - 2013-09-29 12:03 - 00000000 ____D C:\FRST 2013-09-29 12:03 - 2013-09-29 12:02 - 01953880 _____ (Farbar) C:\Users\Nilsis\Downloads\FRST64.exe 2013-09-29 12:02 - 2013-06-24 02:23 - 01255377 _____ C:\Windows\WindowsUpdate.log 2013-09-29 11:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru 2013-09-29 01:49 - 2013-09-10 23:01 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2349251602-3775558666-3161326686-1002 2013-09-29 01:23 - 2013-09-11 18:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-28 23:54 - 2013-09-17 20:49 - 00000942 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA.job 2013-09-28 23:54 - 2013-05-20 05:27 - 00000000 ____D C:\Program Files (x86)\McAfee 2013-09-28 23:51 - 2013-09-28 23:51 
- 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Avira 2013-09-28 23:46 - 2013-09-28 23:46 - 00002074 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-09-28 23:45 - 2013-09-28 23:45 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-09-28 23:45 - 2013-09-28 23:45 - 00000000 ____D C:\ProgramData\Avira 2013-09-28 23:45 - 2013-09-28 23:45 - 00000000 ____D C:\Program Files (x86)\Avira 2013-09-28 23:43 - 2013-09-28 23:43 - 02092792 _____ C:\Users\Nilsis\Downloads\avira_free_antivirus.exe 2013-09-28 23:00 - 2013-09-28 22:20 - 00000000 ____D C:\Users\Nilsis\Desktop\projekt_starfight 2013-09-28 22:26 - 2013-09-28 22:26 - 00000053 _____ C:\Users\Nilsis\Desktop\style.css.css 2013-09-28 21:57 - 2013-09-04 17:23 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Deployment 2013-09-28 20:54 - 2013-09-17 20:49 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core.job 2013-09-28 20:27 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\TS3Client 2013-09-28 20:04 - 2013-09-28 20:04 - 00196744 _____ C:\Users\Nilsis\Downloads\script.zip 2013-09-28 19:33 - 2013-09-28 19:33 - 00000000 ____D C:\Users\Nilsis\Downloads\tictactoe 2013-09-28 19:32 - 2013-09-28 19:32 - 00132730 _____ C:\Users\Nilsis\Downloads\tictactoe.zip 2013-09-28 19:30 - 2013-09-28 19:30 - 00000841 _____ C:\Users\Nilsis\Downloads\tictactoe.c 2013-09-27 09:38 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-09-26 20:41 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM 2013-09-24 22:06 - 2013-06-24 
12:05 - 00753134 _____ C:\Windows\system32\perfh007.dat 2013-09-24 22:06 - 2013-06-24 12:05 - 00155826 _____ C:\Windows\system32\perfc007.dat 2013-09-24 22:06 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-24 22:00 - 2013-09-24 22:00 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2013-09-24 22:00 - 2013-09-10 22:53 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-24 22:00 - 2013-09-10 22:53 - 00000000 ___RD C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-24 22:00 - 2013-06-24 03:08 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys 2013-09-24 21:59 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-24 21:58 - 2013-05-20 05:12 - 00014186 _____ C:\Windows\PFRO.log 2013-09-24 21:58 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData 2013-09-24 20:27 - 2013-09-14 18:38 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Skype 2013-09-20 22:53 - 2013-06-24 03:20 - 00000000 ____D C:\ProgramData\Norton 2013-09-20 21:32 - 2013-09-20 21:32 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-09-20 14:32 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Packages 2013-09-20 13:11 - 2013-09-20 13:11 - 00000000 ____D C:\Users\Nilsis\.eclipse 2013-09-20 13:11 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis 2013-09-20 13:07 - 2013-09-20 13:07 - 00000000 ____D C:\Users\Nilsis\Aptana Rubles 2013-09-20 13:06 - 2013-09-20 13:06 - 00000000 ____D C:\Users\Nilsis\Documents\Aptana Studio 3 Workspace 2013-09-20 09:24 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF 2013-09-19 22:42 - 2013-09-19 22:42 - 00001180 _____ C:\Users\Nilsis\Desktop\TeamSpeak 3 Client.lnk 2013-09-19 22:42 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2013-09-19 
22:42 - 2013-09-19 22:42 - 00000000 ____D C:\Users\Nilsis\AppData\Local\TeamSpeak 3 Client 2013-09-19 22:41 - 2013-09-19 22:41 - 32442656 _____ (TeamSpeak Systems GmbH) C:\Users\Nilsis\Downloads\TeamSpeak3-Client-win64-3.0.12.exe 2013-09-19 22:12 - 2013-05-20 05:27 - 00000000 ____D C:\ProgramData\McAfee 2013-09-19 22:01 - 2013-05-20 05:27 - 00000000 ____D C:\Program Files\Common Files\mcafee 2013-09-19 22:00 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2013-09-19 21:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore 2013-09-19 21:59 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe 2013-09-19 20:05 - 2013-09-19 20:01 - 00000000 ____D C:\Windows\system32\MRT 2013-09-18 22:34 - 2013-09-18 22:34 - 00000979 _____ C:\Users\Nilsis\Desktop\Harald Albersdorf Süderstraße 14.contact 2013-09-18 22:21 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP 2013-09-17 20:49 - 2013-09-17 20:49 - 00501248 _____ (Facebook Inc.) C:\Users\Nilsis\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe 2013-09-17 20:49 - 2013-09-17 20:49 - 00003792 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002UA 2013-09-17 20:49 - 2013-09-17 20:49 - 00003442 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2349251602-3775558666-3161326686-1002Core 2013-09-17 20:49 - 2013-09-17 20:49 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Facebook 2013-09-17 18:53 - 2013-09-17 18:53 - 00421880 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-17 18:53 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing 2013-09-17 18:36 - 2013-09-04 17:20 - 00000000 ____D C:\Program Files\Microsoft Office 15 2013-09-14 21:59 - 2012-07-26 09:21 - 00032502 _____ C:\Windows\setupact.log 2013-09-14 18:38 - 2013-09-14 18:38 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk 2013-09-14 18:38 - 2013-09-14 18:38 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-09-14 18:38 - 2013-09-14 18:38 - 00000000 ____D C:\ProgramData\Skype 
2013-09-14 18:38 - 2013-09-14 18:37 - 32782192 _____ (Skype Technologies S.A.) C:\Users\Nilsis\Downloads\SkypeSetupFull_6.7.102.exe 2013-09-14 14:10 - 2013-09-14 14:10 - 00000477 _____ C:\Users\UpdatusUser\Desktop\Aptana Studio 3.lnk 2013-09-14 14:10 - 2013-09-14 14:10 - 00000477 _____ C:\Users\Nilsis\Desktop\Aptana Studio 3.lnk 2013-09-14 14:00 - 2013-09-14 13:59 - 153145968 _____ (Appcelerator, Inc.) C:\Users\Nilsis\Downloads\Aptana_Studio_3_Setup_3.4.2.exe 2013-09-12 21:54 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\AppData\Local\clear.fi 2013-09-11 22:03 - 2013-09-11 22:02 - 00000000 ____D C:\Bildschirm 2013-09-11 19:21 - 2013-09-11 19:21 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Macromedia 2013-09-11 18:38 - 2013-09-11 18:19 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Adobe 2013-09-11 18:23 - 2013-09-11 18:23 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-11 17:31 - 2013-09-11 17:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2013-09-11 17:27 - 2013-09-11 17:27 - 00002149 _____ C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2013-09-11 17:27 - 2013-09-11 17:27 - 00002128 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2013-09-11 17:27 - 2013-09-11 17:27 - 00002128 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ___RD C:\Users\Nilsis\SkyDrive 2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive 2013-09-11 17:27 - 2013-09-11 17:27 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive 2013-09-11 02:03 - 2013-09-11 02:03 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Intel_Corporation 2013-09-11 01:41 - 2013-05-20 05:27 - 00000000 ____D C:\Program Files\mcafee 2013-09-11 01:37 - 2013-09-11 01:37 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-09-11 01:37 
- 2013-09-11 01:37 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Mozilla 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Mozilla 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\ProgramData\Mozilla 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-11 01:37 - 2013-09-11 01:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-11 01:35 - 2013-09-11 01:35 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Macromedia 2013-09-10 22:58 - 2013-06-24 02:25 - 00000000 ____D C:\ProgramData\Intel 2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Public\OEM 2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\PicStream 2013-09-10 22:57 - 2013-09-10 22:57 - 00000000 ____D C:\Users\Nilsis\Documents\clear.fi 2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Synaptics 2013-09-10 22:54 - 2013-09-10 22:54 - 00000000 ____D C:\ProgramData\OEM_YAHOO 2013-09-10 22:54 - 2013-05-20 06:08 - 00000000 ___HD C:\OEM 2013-09-10 22:53 - 2013-09-10 22:53 - 00001446 _____ C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-09-10 22:53 - 2013-09-10 22:53 - 00000442 _____ C:\Users\Nilsis\Downloads\Desktop.lnk 2013-09-10 22:53 - 2013-09-10 22:53 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Adobe 2013-09-10 22:52 - 2013-09-10 22:52 - 00000020 ___SH C:\Users\Nilsis\ntuser.ini 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Vorlagen 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Startmenü 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Netzwerkumgebung 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Lokale Einstellungen 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Eigene Dateien 2013-09-10 
22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Druckumgebung 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Documents\Eigene Musik 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Documents\Eigene Bilder 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Local\Verlauf 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\AppData\Local\Anwendungsdaten 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 _SHDL C:\Users\Nilsis\Anwendungsdaten 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\Intel 2013-09-10 22:52 - 2013-09-10 22:52 - 00000000 ____D C:\Users\Nilsis\AppData\Local\VirtualStore 2013-09-10 22:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2013-09-10 22:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Vorlagen 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Startmenü 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Programme 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Vorlagen 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Startmenü 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Dokumente 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2013-09-10 22:48 - 2013-09-10 22:48 - 00000000 _SHDL C:\Dokumente und Einstellungen 2013-09-10 22:48 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT 2013-09-10 22:48 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default 2013-09-05 22:09 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-05 22:09 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-04 17:23 - 2013-09-04 17:23 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Apps\2.0 2013-09-04 17:19 - 2013-09-04 17:19 - 00574656 _____ (Microsoft Corporation) 
C:\Users\Nilsis\Downloads\Setup.X86.de-DE_O365HomePremRetail_16e483c8-d43d-46bb-aa49-34bea1242bfe_TX_DB_.exe 2013-09-04 17:08 - 2013-05-20 05:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-04 17:04 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore 2013-09-04 11:14 - 2013-09-04 11:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2013-09-04 11:14 - 2013-09-04 11:14 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-09-04 09:50 - 2013-09-04 09:50 - 00000000 _____ C:\Users\Nilsis\Desktop\Neues Textdokument.txt 2013-09-03 22:32 - 2013-09-03 22:32 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\NVIDIA 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Public\CyberLink 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Nilsis\AppData\Roaming\CyberLink 2013-09-03 22:28 - 2013-09-03 22:28 - 00000000 ____D C:\Users\Nilsis\AppData\Local\Cyberlink 2013-09-03 22:28 - 2013-06-24 03:24 - 00000000 ____D C:\ProgramData\CyberLink 2013-09-03 22:13 - 2013-09-03 22:13 - 00000355 _____ C:\Users\Nilsis\Desktop\Arbeitsplatz.lnk 2013-09-01 17:08 - 2013-09-19 20:01 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Some content of TEMP: ==================== C:\Users\Nilsis\AppData\Local\Temp\fp_pl_pfs_installer-1.exe C:\Users\Nilsis\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Nilsis\AppData\Local\Temp\OfficeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe 
=> MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-05-20 05:12 ==================== End Of Log ============================ |
29.09.2013, 18:09 | #5 | |
/// the machine /// TB trainer | My 64 BIT system does whatever it wants!! Uninstall all security software except one product. You only use one AV program. Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |