Windows 8: Pup.Optional gefunden

Iischen · 29.09.2013, 01:41

Hallo zusammen,
ich hab meinen Laptop ganz neu, aber leider schon einen Virus :/
Ich habe ihn mit MBAM gefunden und auch schon gelöscht, nun will ich nur wissen ob er ganz weg ist, könnt ihr mir helfen?
Bei weiteren Scans mit MBAM wurde nichts mehr gefunden.
Danke schonmal

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.28.11

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16384
Isa :: ISAS-ACER [limitiert]

29.09.2013 01:17:49
MBAM-log-2013-09-29 (02-10-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 351423
Laufzeit: 51 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\IE\priam_bho.dll.vir (PUP.Optional.Wajam.A) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\update.exe.vir (PUP.Optional.Wajam.A) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\WajamUpdater.exe.vir (PUP.Optional.Wajam.A) -> Keine Aktion durchgeführt.

(Ende)

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by Isa (administrator) on ISAS-ACER on 29-09-2013 02:00:44
Running from C:\Users\Isa\Desktop\Virus
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Qualcomm Atheros) c:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) c:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\syswow64\wwahost.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-07-31] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568 2012-08-22] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-07-31] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [202600 2012-07-31] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = 
SearchScopes: HKCU - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Google Docs) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (SiteAdvisor) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_1
CHR Extension: (Lakeside Sunrise Theme) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgdnkapcadpkfhpeljgdnoebcppgean\1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (Gmail) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-08-06] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-08-05] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-22] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-12] (Dritek System INC.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [344720 2012-08-22] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [377040 2013-07-09] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-07-09] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-12] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-29 03:20 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-482187.txt
2013-09-29 03:20 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-483156.txt
2013-09-29 03:19 - 2013-09-29 03:19 - 00000117 _____ C:\Windows\system32\netcfg-427390.txt
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-09-29 02:00 - 2013-09-29 02:00 - 00000000 ____D C:\FRST
2013-09-29 01:59 - 2013-09-29 01:59 - 00000000 ____D C:\Users\Isa\Desktop\Virus
2013-09-29 01:57 - 2013-09-29 01:57 - 00000000 _____ C:\Users\Isa\defogger_reenable
2013-09-29 01:23 - 2013-09-29 01:23 - 00000117 _____ C:\Windows\system32\netcfg-437390.txt
2013-09-29 01:16 - 2013-09-29 01:16 - 00000936 _____ C:\Windows\PFRO.log
2013-09-29 01:16 - 2013-09-29 01:16 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-09-29 01:15 - 2013-09-29 01:15 - 00000117 _____ C:\Windows\system32\netcfg-5755468.txt
2013-09-29 00:26 - 2013-09-29 00:26 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 00:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-29 00:24 - 2013-09-29 00:25 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Isa\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 00:15 - 2013-09-29 01:43 - 00077104 _____ C:\Windows\WindowsUpdate.log
2013-09-29 00:08 - 2013-09-29 00:08 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-29 00:00 - 2013-09-29 01:16 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-29 00:00 - 2013-09-29 00:00 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-29 00:00 - 2013-09-29 00:00 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-29 00:00 - 2013-09-29 00:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-28 23:40 - 2013-09-28 23:40 - 00000117 _____ C:\Windows\system32\netcfg-24234.txt
2013-09-28 23:39 - 2013-09-28 23:39 - 00000117 _____ C:\Windows\system32\netcfg-9064750.txt
2013-09-28 23:37 - 2013-09-29 01:15 - 00000000 ____D C:\AdwCleaner
2013-09-28 23:37 - 2013-09-28 23:37 - 01039554 _____ C:\Users\Isa\Downloads\adwcleaner005.exe
2013-09-28 23:28 - 2013-09-28 23:28 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 23:28 - 2013-09-28 23:28 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 23:27 - 2013-09-28 23:27 - 04369632 _____ (Piriform Ltd) C:\Users\Isa\Downloads\ccsetup406.exe
2013-09-28 23:20 - 2013-09-29 01:25 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-09-28 23:20 - 2013-09-29 01:16 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-09-28 23:20 - 2013-09-28 23:45 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-09-28 23:20 - 2013-09-28 23:20 - 00003912 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-09-28 23:20 - 2013-09-28 23:20 - 00003676 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-09-28 22:18 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-09-28 22:17 - 2013-09-29 02:01 - 00000000 ____D C:\Users\Isa\AppData\Local\CrashDumps
2013-09-28 22:13 - 2013-09-29 00:08 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-28 22:13 - 2013-09-28 22:22 - 00000000 ____D C:\Users\Isa\AppData\Local\Google
2013-09-28 22:11 - 2013-09-29 00:00 - 00000000 ____D C:\Users\Isa\AppData\Local\Deployment
2013-09-28 22:11 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Apps\2.0
2013-09-28 22:06 - 2013-09-28 22:06 - 00000000 ____D C:\Users\Isa\PicStream
2013-09-28 22:05 - 2013-09-28 22:39 - 00000000 ____D C:\Users\Isa\AppData\Local\clear.fi
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456718.txt
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456343.txt
2013-09-28 22:02 - 2013-09-28 22:02 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-28 21:37 - 2013-09-28 21:37 - 00000000 ____D C:\Users\Isa\AppData\Local\EgisTec IPS
2013-09-28 21:34 - 2013-09-29 01:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2794635576-2599266069-3530023200-1002
2013-09-28 21:29 - 2013-09-28 21:29 - 00002156 _____ C:\Users\Isa\Desktop\McAfee Anti-Theft.lnk
2013-09-28 21:29 - 2013-09-28 21:29 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Atheros
2013-09-28 21:28 - 2013-09-28 23:38 - 00000995 _____ C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 21:28 - 2013-09-28 21:29 - 00000000 ____D C:\Program Files\Preload
2013-09-28 21:28 - 2013-09-28 21:28 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Macromedia
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\lm
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Adobe
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Accessory Store
2013-09-28 21:27 - 2013-09-29 01:57 - 00000000 ____D C:\Users\Isa
2013-09-28 21:27 - 2013-09-28 22:25 - 00000000 ____D C:\Users\Isa\AppData\Local\Packages
2013-09-28 21:27 - 2013-09-28 21:27 - 00000020 ___SH C:\Users\Isa\ntuser.ini
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Vorlagen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Startmenü
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Netzwerkumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Lokale Einstellungen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Eigene Dateien
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Druckumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Musik
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Bilder
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Verlauf
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\VirtualStore
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486281.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486234.txt

==================== One Month Modified Files and Folders =======

2013-09-29 03:20 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-482187.txt
2013-09-29 03:19 - 2013-09-29 03:19 - 00000117 _____ C:\Windows\system32\netcfg-427390.txt
2013-09-29 03:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-09-29 03:13 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-09-29 03:13 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-09-29 02:01 - 2013-09-28 22:17 - 00000000 ____D C:\Users\Isa\AppData\Local\CrashDumps
2013-09-29 02:00 - 2013-09-29 02:00 - 00000000 ____D C:\FRST
2013-09-29 02:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-29 01:59 - 2013-09-29 01:59 - 00000000 ____D C:\Users\Isa\Desktop\Virus
2013-09-29 01:57 - 2013-09-29 01:57 - 00000000 _____ C:\Users\Isa\defogger_reenable
2013-09-29 01:57 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa
2013-09-29 01:43 - 2013-09-29 00:15 - 00077104 _____ C:\Windows\WindowsUpdate.log
2013-09-29 01:31 - 2013-09-28 21:34 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2794635576-2599266069-3530023200-1002
2013-09-29 01:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2013-09-29 01:25 - 2013-09-28 23:20 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-09-29 01:23 - 2013-09-29 01:23 - 00000117 _____ C:\Windows\system32\netcfg-437390.txt
2013-09-29 01:23 - 2012-09-12 10:22 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-09-29 01:23 - 2012-09-12 10:22 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-09-29 01:23 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-29 01:20 - 2012-08-03 03:58 - 00001848 _____ C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2013-09-29 01:16 - 2013-09-29 01:16 - 00000936 _____ C:\Windows\PFRO.log
2013-09-29 01:16 - 2013-09-29 01:16 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-09-29 01:16 - 2013-09-29 00:00 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-29 01:16 - 2013-09-28 23:20 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-09-29 01:16 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-09-29 01:16 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-29 01:15 - 2013-09-29 01:15 - 00000117 _____ C:\Windows\system32\netcfg-5755468.txt
2013-09-29 01:15 - 2013-09-28 23:37 - 00000000 ____D C:\AdwCleaner
2013-09-29 01:15 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-09-29 00:26 - 2013-09-29 00:26 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 00:25 - 2013-09-29 00:24 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Isa\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 00:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-29 00:08 - 2013-09-29 00:08 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-29 00:08 - 2013-09-28 22:13 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-29 00:00 - 2013-09-29 00:00 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-29 00:00 - 2013-09-29 00:00 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-29 00:00 - 2013-09-29 00:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-29 00:00 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Deployment
2013-09-28 23:45 - 2013-09-28 23:20 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-09-28 23:42 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-09-28 23:40 - 2013-09-28 23:40 - 00000117 _____ C:\Windows\system32\netcfg-24234.txt
2013-09-28 23:40 - 2012-08-03 03:58 - 00000000 ____D C:\ProgramData\McAfee
2013-09-28 23:40 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-09-28 23:39 - 2013-09-28 23:39 - 00000117 _____ C:\Windows\system32\netcfg-9064750.txt
2013-09-28 23:38 - 2013-09-28 21:28 - 00000995 _____ C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 23:37 - 2013-09-28 23:37 - 01039554 _____ C:\Users\Isa\Downloads\adwcleaner005.exe
2013-09-28 23:28 - 2013-09-28 23:28 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 23:28 - 2013-09-28 23:28 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 23:28 - 2012-08-03 04:50 - 00000000 ____D C:\Windows\Panther
2013-09-28 23:27 - 2013-09-28 23:27 - 04369632 _____ (Piriform Ltd) C:\Users\Isa\Downloads\ccsetup406.exe
2013-09-28 23:20 - 2013-09-28 23:20 - 00003912 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-09-28 23:20 - 2013-09-28 23:20 - 00003676 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-09-28 22:39 - 2013-09-28 22:05 - 00000000 ____D C:\Users\Isa\AppData\Local\clear.fi
2013-09-28 22:25 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\Packages
2013-09-28 22:22 - 2013-09-28 22:13 - 00000000 ____D C:\Users\Isa\AppData\Local\Google
2013-09-28 22:17 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-09-28 22:11 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Apps\2.0
2013-09-28 22:06 - 2013-09-28 22:06 - 00000000 ____D C:\Users\Isa\PicStream
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456718.txt
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456343.txt
2013-09-28 22:02 - 2013-09-28 22:02 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-28 21:37 - 2013-09-28 21:37 - 00000000 ____D C:\Users\Isa\AppData\Local\EgisTec IPS
2013-09-28 21:37 - 2012-08-03 03:59 - 00000000 ____D C:\ProgramData\EgisTec IPS
2013-09-28 21:29 - 2013-09-28 21:29 - 00002156 _____ C:\Users\Isa\Desktop\McAfee Anti-Theft.lnk
2013-09-28 21:29 - 2013-09-28 21:29 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Atheros
2013-09-28 21:29 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Preload
2013-09-28 21:29 - 2012-08-03 04:48 - 00000000 ___HD C:\OEM
2013-09-28 21:28 - 2013-09-28 21:28 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Macromedia
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\lm
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Adobe
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Accessory Store
2013-09-28 21:28 - 2012-08-03 03:58 - 00000000 ____D C:\ProgramData\OEM
2013-09-28 21:27 - 2013-09-28 21:27 - 00000020 ___SH C:\Users\Isa\ntuser.ini
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Vorlagen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Startmenü
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Netzwerkumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Lokale Einstellungen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Eigene Dateien
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Druckumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Musik
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Bilder
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Verlauf
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\VirtualStore
2013-09-28 21:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-09-28 21:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-28 21:16 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-483156.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486281.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486234.txt

Some content of TEMP:
====================
C:\Users\Isa\AppData\Local\Temp\ICReinstall_SkypeSetup.exe
C:\Users\Isa\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-08-03 03:50

==================== End Of Log ============================

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by Isa at 2013-09-29 02:01:38
Running from C:\Users\Isa\Desktop\Virus
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.1910)
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910)
Acer Backup Manager (x32 Version: 4.0.0.0059)
Acer Device Fast-lane (Version: 1.00.3007)
Acer Instant Update Service (Version: 1.00.3013)
Acer PicEvermore (x32 Version: 1.0.0.0035)
Acer Power Management (Version: 7.00.3006)
Acer Recovery Management (Version: 6.00.3011)
Acer Theft Shield (Version: 1.01.3001)
Acer USB Charge Manager (Version: 2.00.3001)
AcerCloud (x32 Version: 2.01.3115)
AcerCloud Docs (x32 Version: 1.00.3201)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
Backup Manager v4 (x32 Version: 4.0.0.0059)
Bejeweled 3 (x32 Version: 2.2.0.98)
CCleaner (Version: 4.06)
clear.fi Media (x32 Version: 2.01.3107)
clear.fi Photo (x32 Version: 2.01.3107)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98)
Dolby Home Theater v4 (x32 Version: 7.2.8000.16)
ETDWare PS/2-X64 11.6.4.001_WHQL (Version: 11.6.4.001)
ExpressCache (Version: 1.0.86)
Final Drive: Nitro (x32 Version: 2.2.0.95)
Google Chrome (x32 Version: 29.0.1547.76)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110)
Identity Card (x32 Version: 2.00.3004)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Start Technology (x32 Version: 2.1.0.1002)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Island Tribe (x32 Version: 2.2.0.98)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Launch Manager (x32 Version: 7.0.4)
Live Updater (x32 Version: 2.00.3003)
Magic Academy (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Internet Security Suite (x32 Version: 12.8.750)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
Norton Online Backup (x32 Version: 2.2.3.45)
Norton Online Backup ARA (x32 Version: 4.1.0.10)
NTI Media Maker 9 (x32 Version: 9.0.2.9008)
NVIDIA Grafiktreiber 305.46 (Version: 305.46)
NVIDIA Install Application (Version: 2.1002.82.513)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613)
NVIDIA Systemsteuerung 305.46 (Version: 305.46)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Office Addin (x32 Version: 2.01.3200)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.204)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.05)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.28123)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Sleep Memory Optimizer (Version: 1.01.3000)
Smart Timer (x32 Version: 1.00.3007)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update Installer for WildTangent Games App (x32)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.3)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points  =========================

28-09-2013 23:27:40 eBay Worldwide wird entfernt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {007A90BD-63BE-40A4-B758-658285BB3BEC} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {0E897566-C00F-4BB3-B2E5-B3E90167E62B} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {0F6B5338-306D-41DE-8EA5-BF353C202C7A} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {332E5027-FD0D-440B-8AB0-290E400DFB1A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] ()
Task: {663817F0-72C5-4A37-80ED-BF6BE80313EB} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {7020F102-2B8B-452D-927A-5AA4BC9D2CEC} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {74FAFD28-AAB2-4636-AEEA-04DB00048390} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: {78CC63D2-731F-4E62-B968-A54255ACEE6E} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: {83DC54CB-FF52-4732-BE30-6A63C9BD8663} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-19] (Intel)
Task: {9E4D3C6D-D336-419B-936C-BEC8AC0939F9} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {A8301C96-1C0A-434E-959A-2C2EBF773952} - System32\Tasks\Smart Timer Task Scheduler => C:\Program Files\Smart Timer\Smart_Timer.exe [2012-06-22] (Acer Incorporated)
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {AC853C74-DF9B-46F2-B30B-BF76A72E0BBA} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {B6FED6EF-F955-4CDA-AF31-A0F375970383} - System32\Tasks\Theft Shield\AcerTheftShieldTask => C:\Program Files\Acer\Acer Theft Shield\USecuAppLauncher.exe [2012-08-22] (Acer Incorporated)
Task: {B72ACC57-C112-4B77-9922-4944040C2A38} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {CED8D654-B5A2-411B-9306-D6F96AF52426} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {DFB5A716-D004-4FFD-AF73-A29EA29E2D84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {F02A5516-5EB9-4DF8-B0C3-F94F5AB98A93} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {F8E9F306-F34A-402E-A5B7-FB560F72E779} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-08-11 22:46 - 2012-08-07 16:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-31 17:45 - 2012-07-31 17:45 - 00384128 _____ () c:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-07-31 17:40 - 2012-07-31 17:40 - 00020992 _____ () c:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-08-22 23:26 - 2012-08-22 23:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-22 23:25 - 2012-08-22 23:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-22 23:26 - 2012-08-22 23:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-22 23:25 - 2012-08-22 23:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-22 23:25 - 2012-08-22 23:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-22 23:25 - 2012-08-22 23:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-22 23:26 - 2012-08-22 23:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-09-12 00:45 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-29 00:08 - 2013-09-17 05:20 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-29 00:08 - 2013-09-17 05:20 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-29 00:08 - 2013-09-17 05:21 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-29 00:08 - 2013-09-17 05:21 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-29 00:08 - 2013-09-17 05:20 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2013-09-29 00:08 - 2013-09-17 05:21 - 13611984 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2013 02:01:24 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1350
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:58:25 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0xf84
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:54:44 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1ad4
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:47:24 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1a0c
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:43:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: ISAS-ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/29/2013 01:43:43 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1ac0
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:35:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: ISAS-ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/29/2013 01:35:08 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1a08
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:33:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x165c
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:26:50 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x17f8
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5


System errors:
=============
Error: (09/29/2013 00:27:05 AM) (Source: DCOM) (User: ISAS-ACER)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Isas-AcerIsaS-1-5-21-2794635576-2599266069-3530023200-1002LocalHost (unter Verwendung von LRPC)Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2S-1-15-2-1566113643-3457890625-2773052717-3604661574-1193979766-2894550657-4013660604

Error: (09/29/2013 00:16:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: GAMELOFTSA.SharkDash

Error: (09/29/2013 00:16:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: ZeptoLabUKLimited.CutTheRope

Error: (09/29/2013 00:00:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: ZeptoLabUKLimited.CutTheRope

Error: (09/29/2013 00:00:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: GAMELOFTSA.SharkDash

Error: (09/28/2013 11:39:07 PM) (Source: DCOM) (User: ISAS-ACER)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (09/28/2013 10:22:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: GAMELOFTSA.SharkDash

Error: (09/28/2013 10:08:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: ZeptoLabUKLimited.CutTheRope

Error: (09/28/2013 10:06:12 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst McNASvc erreicht.

Error: (09/28/2013 10:00:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: GAMELOFTSA.SharkDash


Microsoft Office Sessions:
=========================
Error: (09/29/2013 02:01:24 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c00000050000000000000000135001cebca6faee66b3C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown46ef5d68-289a-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:58:25 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c00000050000000000000000f8401cebca67832a18fC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknowndc58e8fd-2899-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:54:44 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c000000500000000000000001ad401cebca5160142faC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown587d7621-2899-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:47:24 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c000000500000000000000001a0c01cebca4a2e6c95dC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown52bfc8e3-2898-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:43:45 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: ISAS-ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023170

Error: (09/29/2013 01:43:43 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c000000500000000000000001ac001cebca39f6210c6C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknownceb9466b-2897-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:35:10 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: ISAS-ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023170

Error: (09/29/2013 01:35:08 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c000000500000000000000001a0801cebca358f3e7eaC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown9beeba2a-2896-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:33:57 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c00000050000000000000000165c01cebca25794c017C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown717ea224-2896-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:26:50 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c0000005000000000000000017f801cebca22b0a80beC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown72ed93df-2895-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail


==================== Memory info =========================== 

Percentage of memory in use: 75%
Total physical RAM: 3911.27 MB
Available physical RAM: 956.95 MB
Total Pagefile: 7495.27 MB
Available Pagefile: 4005.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:444.95 GB) (Free:412.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: F4FCF906)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 19 GB) (Disk ID: F83E1809)

Partition: GPT Partition Type
==================== End Of Log ============================

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 01:57 on 29/09/2013 (Isa)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Code:

ATTFilter

# AdwCleaner v3.004 - Bericht erstellt am 29/09/2013 um 01:15:04
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Isa - ISAS-ACER
# Gestartet von : C:\Users\Isa\Downloads\adwcleaner005.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16384


-\\ Google Chrome v29.0.1547.76

[ Datei : C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7917 octets] - [28/09/2013 23:37:44]
AdwCleaner[R1].txt - [934 octets] - [28/09/2013 23:47:23]
AdwCleaner[R2].txt - [1112 octets] - [29/09/2013 01:13:14]
AdwCleaner[S0].txt - [5526 octets] - [28/09/2013 23:38:43]
AdwCleaner[S1].txt - [1036 octets] - [29/09/2013 01:15:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1096 octets] ##########

Windows 8: Pup.Optional gefunden

Log-Analyse und Auswertung: Windows 8: Pup.Optional gefunden

Windows 8: Pup.Optional gefunden

Ähnliche Themen: Windows 8: Pup.Optional gefunden