
Log analysis and evaluation: Windows 8: Pup.Optional found

29.09.2013, 01:41   #1
Iischen

Windows 8: Pup.Optional found



Hello everyone,
my laptop is brand new, but unfortunately it already has a virus :/
I found it with MBAM and have already deleted it; now I just want to know whether it is completely gone. Can you help me?
Further scans with MBAM found nothing more.
Thanks in advance

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.28.11

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16384
Isa :: ISAS-ACER [limitiert]

29.09.2013 01:17:49
MBAM-log-2013-09-29 (02-10-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 351423
Laufzeit: 51 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\IE\priam_bho.dll.vir (PUP.Optional.Wajam.A) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\update.exe.vir (PUP.Optional.Wajam.A) -> Keine Aktion durchgeführt.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\WajamUpdater.exe.vir (PUP.Optional.Wajam.A) -> Keine Aktion durchgeführt.

(Ende)
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by Isa (administrator) on ISAS-ACER on 29-09-2013 02:00:44
Running from C:\Users\Isa\Desktop\Virus
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Qualcomm Atheros) c:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) c:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\syswow64\wwahost.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-07-31] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568 2012-08-22] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-07-31] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [202600 2012-07-31] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = 
SearchScopes: HKCU - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Google Docs) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (SiteAdvisor) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_1
CHR Extension: (Lakeside Sunrise Theme) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgdnkapcadpkfhpeljgdnoebcppgean\1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (Gmail) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-08-06] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-08-05] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-22] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-12] (Dritek System INC.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [344720 2012-08-22] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [377040 2013-07-09] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-07-09] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-12] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-29 03:20 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-482187.txt
2013-09-29 03:20 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-483156.txt
2013-09-29 03:19 - 2013-09-29 03:19 - 00000117 _____ C:\Windows\system32\netcfg-427390.txt
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-09-29 02:00 - 2013-09-29 02:00 - 00000000 ____D C:\FRST
2013-09-29 01:59 - 2013-09-29 01:59 - 00000000 ____D C:\Users\Isa\Desktop\Virus
2013-09-29 01:57 - 2013-09-29 01:57 - 00000000 _____ C:\Users\Isa\defogger_reenable
2013-09-29 01:23 - 2013-09-29 01:23 - 00000117 _____ C:\Windows\system32\netcfg-437390.txt
2013-09-29 01:16 - 2013-09-29 01:16 - 00000936 _____ C:\Windows\PFRO.log
2013-09-29 01:16 - 2013-09-29 01:16 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-09-29 01:15 - 2013-09-29 01:15 - 00000117 _____ C:\Windows\system32\netcfg-5755468.txt
2013-09-29 00:26 - 2013-09-29 00:26 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 00:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-29 00:24 - 2013-09-29 00:25 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Isa\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 00:15 - 2013-09-29 01:43 - 00077104 _____ C:\Windows\WindowsUpdate.log
2013-09-29 00:08 - 2013-09-29 00:08 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-29 00:00 - 2013-09-29 01:16 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-29 00:00 - 2013-09-29 00:00 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-29 00:00 - 2013-09-29 00:00 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-29 00:00 - 2013-09-29 00:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-28 23:40 - 2013-09-28 23:40 - 00000117 _____ C:\Windows\system32\netcfg-24234.txt
2013-09-28 23:39 - 2013-09-28 23:39 - 00000117 _____ C:\Windows\system32\netcfg-9064750.txt
2013-09-28 23:37 - 2013-09-29 01:15 - 00000000 ____D C:\AdwCleaner
2013-09-28 23:37 - 2013-09-28 23:37 - 01039554 _____ C:\Users\Isa\Downloads\adwcleaner005.exe
2013-09-28 23:28 - 2013-09-28 23:28 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 23:28 - 2013-09-28 23:28 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 23:27 - 2013-09-28 23:27 - 04369632 _____ (Piriform Ltd) C:\Users\Isa\Downloads\ccsetup406.exe
2013-09-28 23:20 - 2013-09-29 01:25 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-09-28 23:20 - 2013-09-29 01:16 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-09-28 23:20 - 2013-09-28 23:45 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-09-28 23:20 - 2013-09-28 23:20 - 00003912 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-09-28 23:20 - 2013-09-28 23:20 - 00003676 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-09-28 22:18 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-09-28 22:17 - 2013-09-29 02:01 - 00000000 ____D C:\Users\Isa\AppData\Local\CrashDumps
2013-09-28 22:13 - 2013-09-29 00:08 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-28 22:13 - 2013-09-28 22:22 - 00000000 ____D C:\Users\Isa\AppData\Local\Google
2013-09-28 22:11 - 2013-09-29 00:00 - 00000000 ____D C:\Users\Isa\AppData\Local\Deployment
2013-09-28 22:11 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Apps\2.0
2013-09-28 22:06 - 2013-09-28 22:06 - 00000000 ____D C:\Users\Isa\PicStream
2013-09-28 22:05 - 2013-09-28 22:39 - 00000000 ____D C:\Users\Isa\AppData\Local\clear.fi
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456718.txt
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456343.txt
2013-09-28 22:02 - 2013-09-28 22:02 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-28 21:37 - 2013-09-28 21:37 - 00000000 ____D C:\Users\Isa\AppData\Local\EgisTec IPS
2013-09-28 21:34 - 2013-09-29 01:31 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2794635576-2599266069-3530023200-1002
2013-09-28 21:29 - 2013-09-28 21:29 - 00002156 _____ C:\Users\Isa\Desktop\McAfee Anti-Theft.lnk
2013-09-28 21:29 - 2013-09-28 21:29 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Atheros
2013-09-28 21:28 - 2013-09-28 23:38 - 00000995 _____ C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 21:28 - 2013-09-28 21:29 - 00000000 ____D C:\Program Files\Preload
2013-09-28 21:28 - 2013-09-28 21:28 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Macromedia
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\lm
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Adobe
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Accessory Store
2013-09-28 21:27 - 2013-09-29 01:57 - 00000000 ____D C:\Users\Isa
2013-09-28 21:27 - 2013-09-28 22:25 - 00000000 ____D C:\Users\Isa\AppData\Local\Packages
2013-09-28 21:27 - 2013-09-28 21:27 - 00000020 ___SH C:\Users\Isa\ntuser.ini
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Vorlagen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Startmenü
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Netzwerkumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Lokale Einstellungen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Eigene Dateien
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Druckumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Musik
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Bilder
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Verlauf
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\VirtualStore
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486281.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486234.txt

==================== One Month Modified Files and Folders =======

2013-09-29 03:20 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-482187.txt
2013-09-29 03:19 - 2013-09-29 03:19 - 00000117 _____ C:\Windows\system32\netcfg-427390.txt
2013-09-29 03:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-09-29 03:13 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-09-29 03:13 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-09-29 02:01 - 2013-09-28 22:17 - 00000000 ____D C:\Users\Isa\AppData\Local\CrashDumps
2013-09-29 02:00 - 2013-09-29 02:00 - 00000000 ____D C:\FRST
2013-09-29 02:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-29 01:59 - 2013-09-29 01:59 - 00000000 ____D C:\Users\Isa\Desktop\Virus
2013-09-29 01:57 - 2013-09-29 01:57 - 00000000 _____ C:\Users\Isa\defogger_reenable
2013-09-29 01:57 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa
2013-09-29 01:43 - 2013-09-29 00:15 - 00077104 _____ C:\Windows\WindowsUpdate.log
2013-09-29 01:31 - 2013-09-28 21:34 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2794635576-2599266069-3530023200-1002
2013-09-29 01:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2013-09-29 01:25 - 2013-09-28 23:20 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-09-29 01:23 - 2013-09-29 01:23 - 00000117 _____ C:\Windows\system32\netcfg-437390.txt
2013-09-29 01:23 - 2012-09-12 10:22 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-09-29 01:23 - 2012-09-12 10:22 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-09-29 01:23 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-29 01:20 - 2012-08-03 03:58 - 00001848 _____ C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2013-09-29 01:16 - 2013-09-29 01:16 - 00000936 _____ C:\Windows\PFRO.log
2013-09-29 01:16 - 2013-09-29 01:16 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-09-29 01:16 - 2013-09-29 00:00 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-29 01:16 - 2013-09-28 23:20 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-09-29 01:16 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-09-29 01:16 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-29 01:15 - 2013-09-29 01:15 - 00000117 _____ C:\Windows\system32\netcfg-5755468.txt
2013-09-29 01:15 - 2013-09-28 23:37 - 00000000 ____D C:\AdwCleaner
2013-09-29 01:15 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-09-29 00:26 - 2013-09-29 00:26 - 00001117 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 00:25 - 2013-09-29 00:24 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Isa\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-29 00:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-29 00:08 - 2013-09-29 00:08 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-29 00:08 - 2013-09-28 22:13 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-29 00:00 - 2013-09-29 00:00 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-29 00:00 - 2013-09-29 00:00 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-29 00:00 - 2013-09-29 00:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-29 00:00 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Deployment
2013-09-28 23:45 - 2013-09-28 23:20 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-09-28 23:42 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-09-28 23:40 - 2013-09-28 23:40 - 00000117 _____ C:\Windows\system32\netcfg-24234.txt
2013-09-28 23:40 - 2012-08-03 03:58 - 00000000 ____D C:\ProgramData\McAfee
2013-09-28 23:40 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-09-28 23:39 - 2013-09-28 23:39 - 00000117 _____ C:\Windows\system32\netcfg-9064750.txt
2013-09-28 23:38 - 2013-09-28 21:28 - 00000995 _____ C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 23:37 - 2013-09-28 23:37 - 01039554 _____ C:\Users\Isa\Downloads\adwcleaner005.exe
2013-09-28 23:28 - 2013-09-28 23:28 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 23:28 - 2013-09-28 23:28 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 23:28 - 2012-08-03 04:50 - 00000000 ____D C:\Windows\Panther
2013-09-28 23:27 - 2013-09-28 23:27 - 04369632 _____ (Piriform Ltd) C:\Users\Isa\Downloads\ccsetup406.exe
2013-09-28 23:20 - 2013-09-28 23:20 - 00003912 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-09-28 23:20 - 2013-09-28 23:20 - 00003676 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-09-28 22:39 - 2013-09-28 22:05 - 00000000 ____D C:\Users\Isa\AppData\Local\clear.fi
2013-09-28 22:25 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\Packages
2013-09-28 22:22 - 2013-09-28 22:13 - 00000000 ____D C:\Users\Isa\AppData\Local\Google
2013-09-28 22:17 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-09-28 22:11 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Apps\2.0
2013-09-28 22:06 - 2013-09-28 22:06 - 00000000 ____D C:\Users\Isa\PicStream
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456718.txt
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456343.txt
2013-09-28 22:02 - 2013-09-28 22:02 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-28 21:37 - 2013-09-28 21:37 - 00000000 ____D C:\Users\Isa\AppData\Local\EgisTec IPS
2013-09-28 21:37 - 2012-08-03 03:59 - 00000000 ____D C:\ProgramData\EgisTec IPS
2013-09-28 21:29 - 2013-09-28 21:29 - 00002156 _____ C:\Users\Isa\Desktop\McAfee Anti-Theft.lnk
2013-09-28 21:29 - 2013-09-28 21:29 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Atheros
2013-09-28 21:29 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Preload
2013-09-28 21:29 - 2012-08-03 04:48 - 00000000 ___HD C:\OEM
2013-09-28 21:28 - 2013-09-28 21:28 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Macromedia
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\lm
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Adobe
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Accessory Store
2013-09-28 21:28 - 2012-08-03 03:58 - 00000000 ____D C:\ProgramData\OEM
2013-09-28 21:27 - 2013-09-28 21:27 - 00000020 ___SH C:\Users\Isa\ntuser.ini
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Vorlagen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Startmenü
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Netzwerkumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Lokale Einstellungen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Eigene Dateien
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Druckumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Musik
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Bilder
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Verlauf
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\VirtualStore
2013-09-28 21:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-09-28 21:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-28 21:16 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-483156.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486281.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486234.txt

Some content of TEMP:
====================
C:\Users\Isa\AppData\Local\Temp\ICReinstall_SkypeSetup.exe
C:\Users\Isa\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-08-03 03:50

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013 02
Ran by Isa at 2013-09-29 02:01:38
Running from C:\Users\Isa\Desktop\Virus
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.1910)
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910)
Acer Backup Manager (x32 Version: 4.0.0.0059)
Acer Device Fast-lane (Version: 1.00.3007)
Acer Instant Update Service (Version: 1.00.3013)
Acer PicEvermore (x32 Version: 1.0.0.0035)
Acer Power Management (Version: 7.00.3006)
Acer Recovery Management (Version: 6.00.3011)
Acer Theft Shield (Version: 1.01.3001)
Acer USB Charge Manager (Version: 2.00.3001)
AcerCloud (x32 Version: 2.01.3115)
AcerCloud Docs (x32 Version: 1.00.3201)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
Backup Manager v4 (x32 Version: 4.0.0.0059)
Bejeweled 3 (x32 Version: 2.2.0.98)
CCleaner (Version: 4.06)
clear.fi Media (x32 Version: 2.01.3107)
clear.fi Photo (x32 Version: 2.01.3107)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98)
Dolby Home Theater v4 (x32 Version: 7.2.8000.16)
ETDWare PS/2-X64 11.6.4.001_WHQL (Version: 11.6.4.001)
ExpressCache (Version: 1.0.86)
Final Drive: Nitro (x32 Version: 2.2.0.95)
Google Chrome (x32 Version: 29.0.1547.76)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110)
Identity Card (x32 Version: 2.00.3004)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Start Technology (x32 Version: 2.1.0.1002)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Island Tribe (x32 Version: 2.2.0.98)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Launch Manager (x32 Version: 7.0.4)
Live Updater (x32 Version: 2.00.3003)
Magic Academy (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Internet Security Suite (x32 Version: 12.8.750)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
Norton Online Backup (x32 Version: 2.2.3.45)
Norton Online Backup ARA (x32 Version: 4.1.0.10)
NTI Media Maker 9 (x32 Version: 9.0.2.9008)
NVIDIA Grafiktreiber 305.46 (Version: 305.46)
NVIDIA Install Application (Version: 2.1002.82.513)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613)
NVIDIA Systemsteuerung 305.46 (Version: 305.46)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Office Addin (x32 Version: 2.01.3200)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.204)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.05)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.28123)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Sleep Memory Optimizer (Version: 1.01.3000)
Smart Timer (x32 Version: 1.00.3007)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update Installer for WildTangent Games App (x32)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.3)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points  =========================

28-09-2013 23:27:40 eBay Worldwide wird entfernt

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {007A90BD-63BE-40A4-B758-658285BB3BEC} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-22] ()
Task: {0E897566-C00F-4BB3-B2E5-B3E90167E62B} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-22] ()
Task: {0F6B5338-306D-41DE-8EA5-BF353C202C7A} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {332E5027-FD0D-440B-8AB0-290E400DFB1A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] ()
Task: {663817F0-72C5-4A37-80ED-BF6BE80313EB} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {7020F102-2B8B-452D-927A-5AA4BC9D2CEC} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {74FAFD28-AAB2-4636-AEEA-04DB00048390} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: {78CC63D2-731F-4E62-B968-A54255ACEE6E} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: {83DC54CB-FF52-4732-BE30-6A63C9BD8663} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-19] (Intel)
Task: {9E4D3C6D-D336-419B-936C-BEC8AC0939F9} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {A8301C96-1C0A-434E-959A-2C2EBF773952} - System32\Tasks\Smart Timer Task Scheduler => C:\Program Files\Smart Timer\Smart_Timer.exe [2012-06-22] (Acer Incorporated)
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {AC853C74-DF9B-46F2-B30B-BF76A72E0BBA} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {B6FED6EF-F955-4CDA-AF31-A0F375970383} - System32\Tasks\Theft Shield\AcerTheftShieldTask => C:\Program Files\Acer\Acer Theft Shield\USecuAppLauncher.exe [2012-08-22] (Acer Incorporated)
Task: {B72ACC57-C112-4B77-9922-4944040C2A38} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {CED8D654-B5A2-411B-9306-D6F96AF52426} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {DFB5A716-D004-4FFD-AF73-A29EA29E2D84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {F02A5516-5EB9-4DF8-B0C3-F94F5AB98A93} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {F8E9F306-F34A-402E-A5B7-FB560F72E779} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-08-11 22:46 - 2012-08-07 16:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-31 17:45 - 2012-07-31 17:45 - 00384128 _____ () c:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-07-31 17:40 - 2012-07-31 17:40 - 00020992 _____ () c:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-08-22 23:26 - 2012-08-22 23:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-22 23:25 - 2012-08-22 23:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-22 23:26 - 2012-08-22 23:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-22 23:25 - 2012-08-22 23:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-22 23:25 - 2012-08-22 23:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-22 23:25 - 2012-08-22 23:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-22 23:26 - 2012-08-22 23:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-09-12 00:45 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-29 00:08 - 2013-09-17 05:20 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-29 00:08 - 2013-09-17 05:20 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
2013-09-29 00:08 - 2013-09-17 05:21 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-29 00:08 - 2013-09-17 05:21 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-29 00:08 - 2013-09-17 05:20 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2013-09-29 00:08 - 2013-09-17 05:21 - 13611984 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2013 02:01:24 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1350
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:58:25 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0xf84
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:54:44 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1ad4
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:47:24 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1a0c
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:43:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: ISAS-ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/29/2013 01:43:43 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1ac0
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:35:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: ISAS-ACER)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/29/2013 01:35:08 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1a08
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:33:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x165c
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5

Error: (09/29/2013 01:26:50 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LiveComm.exe, Version: 17.0.1119.516, Zeitstempel: 0x519504e1
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x17f8
Startzeit der fehlerhaften Anwendung: 0xLiveComm.exe0
Pfad der fehlerhaften Anwendung: LiveComm.exe1
Pfad des fehlerhaften Moduls: LiveComm.exe2
Berichtskennung: LiveComm.exe3
Vollständiger Name des fehlerhaften Pakets: LiveComm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LiveComm.exe5


System errors:
=============
Error: (09/29/2013 00:27:05 AM) (Source: DCOM) (User: ISAS-ACER)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Isas-AcerIsaS-1-5-21-2794635576-2599266069-3530023200-1002LocalHost (unter Verwendung von LRPC)Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2S-1-15-2-1566113643-3457890625-2773052717-3604661574-1193979766-2894550657-4013660604

Error: (09/29/2013 00:16:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: GAMELOFTSA.SharkDash

Error: (09/29/2013 00:16:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: ZeptoLabUKLimited.CutTheRope

Error: (09/29/2013 00:00:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: ZeptoLabUKLimited.CutTheRope

Error: (09/29/2013 00:00:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: GAMELOFTSA.SharkDash

Error: (09/28/2013 11:39:07 PM) (Source: DCOM) (User: ISAS-ACER)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (09/28/2013 10:22:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: GAMELOFTSA.SharkDash

Error: (09/28/2013 10:08:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: ZeptoLabUKLimited.CutTheRope

Error: (09/28/2013 10:06:12 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst McNASvc erreicht.

Error: (09/28/2013 10:00:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: GAMELOFTSA.SharkDash


Microsoft Office Sessions:
=========================
Error: (09/29/2013 02:01:24 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c00000050000000000000000135001cebca6faee66b3C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown46ef5d68-289a-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:58:25 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c00000050000000000000000f8401cebca67832a18fC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknowndc58e8fd-2899-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:54:44 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c000000500000000000000001ad401cebca5160142faC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown587d7621-2899-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:47:24 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c000000500000000000000001a0c01cebca4a2e6c95dC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown52bfc8e3-2898-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:43:45 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: ISAS-ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023170

Error: (09/29/2013 01:43:43 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c000000500000000000000001ac001cebca39f6210c6C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknownceb9466b-2897-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:35:10 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: ISAS-ACER)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147023170

Error: (09/29/2013 01:35:08 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c000000500000000000000001a0801cebca358f3e7eaC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown9beeba2a-2896-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:33:57 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c00000050000000000000000165c01cebca25794c017C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown717ea224-2896-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail

Error: (09/29/2013 01:26:50 AM) (Source: Application Error)(User: )
Description: LiveComm.exe17.0.1119.516519504e1unknown0.0.0.000000000c0000005000000000000000017f801cebca22b0a80beC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exeunknown72ed93df-2895-11e3-be72-4c72b9897046microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbweMicrosoft.WindowsLive.Mail


==================== Memory info =========================== 

Percentage of memory in use: 75%
Total physical RAM: 3911.27 MB
Available physical RAM: 956.95 MB
Total Pagefile: 7495.27 MB
Available Pagefile: 4005.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:444.95 GB) (Free:412.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: F4FCF906)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 19 GB) (Disk ID: F83E1809)

Partition: GPT Partition Type
==================== End Of Log ============================
         
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 01:57 on 29/09/2013 (Isa)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
# AdwCleaner v3.004 - Bericht erstellt am 29/09/2013 um 01:15:04
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Isa - ISAS-ACER
# Gestartet von : C:\Users\Isa\Downloads\adwcleaner005.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16384


-\\ Google Chrome v29.0.1547.76

[ Datei : C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7917 octets] - [28/09/2013 23:37:44]
AdwCleaner[R1].txt - [934 octets] - [28/09/2013 23:47:23]
AdwCleaner[R2].txt - [1112 octets] - [29/09/2013 01:13:14]
AdwCleaner[S0].txt - [5526 octets] - [28/09/2013 23:38:43]
AdwCleaner[S1].txt - [1036 octets] - [29/09/2013 01:15:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1096 octets] ##########
         

29.09.2013, 05:35   #2
schrauber
/// the machine
/// TB trainer
 


hi,

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click "Optionen" (Options) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click "Suchlauf" (Scan) and wait until it has finished.
  • Now click "Löschen" (Clean) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it with a right-click and "als Administrator ausführen" (Run as administrator).
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

29.09.2013, 10:15   #3
Iischen
 

hey,
thanks for the quick reply

AdwCleaner log file:
Code:
# AdwCleaner v3.005 - Bericht erstellt am 29/09/2013 um 10:35:47
# Updated 22/09/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Isa - ISAS-ACER
# Gestartet von : C:\Users\Isa\Desktop\Virus\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16384


-\\ Google Chrome v29.0.1547.76

[ Datei : C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7917 octets] - [28/09/2013 23:37:44]
AdwCleaner[R1].txt - [934 octets] - [28/09/2013 23:47:23]
AdwCleaner[R2].txt - [1112 octets] - [29/09/2013 01:13:14]
AdwCleaner[R3].txt - [1111 octets] - [29/09/2013 02:20:04]
AdwCleaner[R4].txt - [1235 octets] - [29/09/2013 10:34:20]
AdwCleaner[S0].txt - [5526 octets] - [28/09/2013 23:38:43]
AdwCleaner[S1].txt - [1176 octets] - [29/09/2013 01:15:04]
AdwCleaner[S2].txt - [1178 octets] - [29/09/2013 02:22:44]
AdwCleaner[S3].txt - [1159 octets] - [29/09/2013 10:35:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1219 octets] ##########
         
--- --- ---


Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 8 x64
Ran by Isa on 29.09.2013 at 10:46:18,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.09.2013 at 11:02:32,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by Isa (administrator) on ISAS-ACER on 29-09-2013 11:06:14
Running from C:\Users\Isa\Desktop\Virus
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Qualcomm Atheros) c:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) c:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\syswow64\wwahost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Microsoft Corporation) C:\Windows\system32\wwahost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-07-31] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568 2012-08-22] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-07-31] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [202600 2012-07-31] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Google Docs) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (SiteAdvisor) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0
CHR Extension: (Lakeside Sunrise Theme) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgdnkapcadpkfhpeljgdnoebcppgean\1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (Gmail) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx

==================== Services (Whitelisted) =================

S2 0277231380445521mcinstcleanup; C:\Windows\TEMP\027723~1.EXE [833616 2013-01-30] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-08-06] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-29] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-08-05] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-22] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-12] (Dritek System INC.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [344720 2012-08-22] (Acer Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-29] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [377040 2013-07-09] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-07-09] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-12] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-29 11:02 - 2013-09-29 11:02 - 00000676 _____ C:\Users\Isa\Desktop\JRT.txt
2013-09-29 10:46 - 2013-09-29 10:46 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 10:45 - 2013-09-29 10:45 - 00000117 _____ C:\Windows\system32\netcfg-506109.txt
2013-09-29 10:44 - 2013-09-29 10:44 - 00000117 _____ C:\Windows\system32\netcfg-469906.txt
2013-09-29 10:38 - 2013-09-29 10:38 - 00000117 _____ C:\Windows\system32\netcfg-84218.txt
2013-09-29 10:37 - 2013-09-29 10:37 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-09-29 10:36 - 2013-09-29 10:36 - 00000117 _____ C:\Windows\system32\netcfg-29547281.txt
2013-09-29 03:20 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-482187.txt
2013-09-29 03:20 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-483156.txt
2013-09-29 03:19 - 2013-09-29 03:19 - 00000117 _____ C:\Windows\system32\netcfg-427390.txt
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-09-29 02:56 - 2013-09-29 02:56 - 00000117 _____ C:\Windows\system32\netcfg-1968281.txt
2013-09-29 02:56 - 2013-09-29 02:56 - 00000117 _____ C:\Windows\system32\netcfg-1965781.txt
2013-09-29 02:25 - 2013-09-29 02:25 - 00000117 _____ C:\Windows\system32\netcfg-76031.txt
2013-09-29 02:23 - 2013-09-29 02:23 - 00000117 _____ C:\Windows\system32\netcfg-691953.txt
2013-09-29 02:13 - 2013-09-29 02:13 - 00000117 _____ C:\Windows\system32\netcfg-98515.txt
2013-09-29 02:11 - 2013-09-29 02:11 - 00000117 _____ C:\Windows\system32\netcfg-3314281.txt
2013-09-29 02:00 - 2013-09-29 02:00 - 00000000 ____D C:\FRST
2013-09-29 01:59 - 2013-09-29 11:06 - 00000000 ____D C:\Users\Isa\Desktop\Virus
2013-09-29 01:57 - 2013-09-29 01:57 - 00000000 _____ C:\Users\Isa\defogger_reenable
2013-09-29 01:23 - 2013-09-29 01:23 - 00000117 _____ C:\Windows\system32\netcfg-437390.txt
2013-09-29 01:16 - 2013-09-29 10:37 - 00002572 _____ C:\Windows\PFRO.log
2013-09-29 01:15 - 2013-09-29 01:15 - 00000117 _____ C:\Windows\system32\netcfg-5755468.txt
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 00:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-29 00:15 - 2013-09-29 01:43 - 00077104 _____ C:\Windows\WindowsUpdate.log
2013-09-29 00:08 - 2013-09-29 00:08 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-29 00:00 - 2013-09-29 10:37 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-29 00:00 - 2013-09-29 00:00 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-29 00:00 - 2013-09-29 00:00 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-29 00:00 - 2013-09-29 00:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-28 23:40 - 2013-09-28 23:40 - 00000117 _____ C:\Windows\system32\netcfg-24234.txt
2013-09-28 23:39 - 2013-09-28 23:39 - 00000117 _____ C:\Windows\system32\netcfg-9064750.txt
2013-09-28 23:37 - 2013-09-29 10:36 - 00000000 ____D C:\AdwCleaner
2013-09-28 23:28 - 2013-09-28 23:28 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 23:28 - 2013-09-28 23:28 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 23:20 - 2013-09-29 10:37 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-09-28 23:20 - 2013-09-29 04:25 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-09-28 23:20 - 2013-09-28 23:45 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-09-28 23:20 - 2013-09-28 23:20 - 00003912 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-09-28 23:20 - 2013-09-28 23:20 - 00003676 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-09-28 22:18 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-09-28 22:17 - 2013-09-29 11:05 - 00000000 ____D C:\Users\Isa\AppData\Local\CrashDumps
2013-09-28 22:13 - 2013-09-29 00:08 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-28 22:13 - 2013-09-28 22:22 - 00000000 ____D C:\Users\Isa\AppData\Local\Google
2013-09-28 22:11 - 2013-09-29 00:00 - 00000000 ____D C:\Users\Isa\AppData\Local\Deployment
2013-09-28 22:11 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Apps\2.0
2013-09-28 22:06 - 2013-09-28 22:06 - 00000000 ____D C:\Users\Isa\PicStream
2013-09-28 22:05 - 2013-09-28 22:39 - 00000000 ____D C:\Users\Isa\AppData\Local\clear.fi
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456718.txt
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456343.txt
2013-09-28 22:02 - 2013-09-28 22:02 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-28 21:37 - 2013-09-28 21:37 - 00000000 ____D C:\Users\Isa\AppData\Local\EgisTec IPS
2013-09-28 21:34 - 2013-09-29 04:27 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2794635576-2599266069-3530023200-1002
2013-09-28 21:29 - 2013-09-28 21:29 - 00002156 _____ C:\Users\Isa\Desktop\McAfee Anti-Theft.lnk
2013-09-28 21:29 - 2013-09-28 21:29 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Atheros
2013-09-28 21:28 - 2013-09-28 23:38 - 00000995 _____ C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 21:28 - 2013-09-28 21:29 - 00000000 ____D C:\Program Files\Preload
2013-09-28 21:28 - 2013-09-28 21:28 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Macromedia
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\lm
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Adobe
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Accessory Store
2013-09-28 21:27 - 2013-09-29 01:57 - 00000000 ____D C:\Users\Isa
2013-09-28 21:27 - 2013-09-28 22:25 - 00000000 ____D C:\Users\Isa\AppData\Local\Packages
2013-09-28 21:27 - 2013-09-28 21:27 - 00000020 ___SH C:\Users\Isa\ntuser.ini
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Vorlagen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Startmenü
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Netzwerkumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Lokale Einstellungen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Eigene Dateien
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Druckumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Musik
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Bilder
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Verlauf
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\VirtualStore
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486281.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486234.txt

==================== One Month Modified Files and Folders =======

2013-09-29 11:06 - 2013-09-29 01:59 - 00000000 ____D C:\Users\Isa\Desktop\Virus
2013-09-29 11:06 - 2013-09-28 22:17 - 00000000 ____D C:\Users\Isa\AppData\Local\CrashDumps
2013-09-29 11:04 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-09-29 11:03 - 2012-08-03 03:58 - 00001848 _____ C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2013-09-29 11:02 - 2013-09-29 11:02 - 00000676 _____ C:\Users\Isa\Desktop\JRT.txt
2013-09-29 11:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-29 10:46 - 2013-09-29 10:46 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 10:45 - 2013-09-29 10:45 - 00000117 _____ C:\Windows\system32\netcfg-506109.txt
2013-09-29 10:44 - 2013-09-29 10:44 - 00000117 _____ C:\Windows\system32\netcfg-469906.txt
2013-09-29 10:42 - 2012-09-12 10:22 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-09-29 10:42 - 2012-09-12 10:22 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-09-29 10:42 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-29 10:38 - 2013-09-29 10:38 - 00000117 _____ C:\Windows\system32\netcfg-84218.txt
2013-09-29 10:37 - 2013-09-29 10:37 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-09-29 10:37 - 2013-09-29 01:16 - 00002572 _____ C:\Windows\PFRO.log
2013-09-29 10:37 - 2013-09-29 00:00 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-29 10:37 - 2013-09-28 23:20 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-09-29 10:37 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-29 10:36 - 2013-09-29 10:36 - 00000117 _____ C:\Windows\system32\netcfg-29547281.txt
2013-09-29 10:36 - 2013-09-28 23:37 - 00000000 ____D C:\AdwCleaner
2013-09-29 10:36 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-09-29 10:28 - 2012-08-03 03:58 - 00000000 ____D C:\ProgramData\McAfee
2013-09-29 10:28 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files\mcafee
2013-09-29 04:27 - 2013-09-28 21:34 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2794635576-2599266069-3530023200-1002
2013-09-29 04:25 - 2013-09-28 23:20 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-09-29 03:20 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-482187.txt
2013-09-29 03:19 - 2013-09-29 03:19 - 00000117 _____ C:\Windows\system32\netcfg-427390.txt
2013-09-29 03:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-09-29 03:13 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-09-29 03:13 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-09-29 02:56 - 2013-09-29 02:56 - 00000117 _____ C:\Windows\system32\netcfg-1968281.txt
2013-09-29 02:56 - 2013-09-29 02:56 - 00000117 _____ C:\Windows\system32\netcfg-1965781.txt
2013-09-29 02:25 - 2013-09-29 02:25 - 00000117 _____ C:\Windows\system32\netcfg-76031.txt
2013-09-29 02:23 - 2013-09-29 02:23 - 00000117 _____ C:\Windows\system32\netcfg-691953.txt
2013-09-29 02:13 - 2013-09-29 02:13 - 00000117 _____ C:\Windows\system32\netcfg-98515.txt
2013-09-29 02:11 - 2013-09-29 02:11 - 00000117 _____ C:\Windows\system32\netcfg-3314281.txt
2013-09-29 02:00 - 2013-09-29 02:00 - 00000000 ____D C:\FRST
2013-09-29 01:57 - 2013-09-29 01:57 - 00000000 _____ C:\Users\Isa\defogger_reenable
2013-09-29 01:57 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa
2013-09-29 01:43 - 2013-09-29 00:15 - 00077104 _____ C:\Windows\WindowsUpdate.log
2013-09-29 01:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2013-09-29 01:23 - 2013-09-29 01:23 - 00000117 _____ C:\Windows\system32\netcfg-437390.txt
2013-09-29 01:15 - 2013-09-29 01:15 - 00000117 _____ C:\Windows\system32\netcfg-5755468.txt
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 00:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-29 00:08 - 2013-09-29 00:08 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-29 00:08 - 2013-09-28 22:13 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-29 00:00 - 2013-09-29 00:00 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-29 00:00 - 2013-09-29 00:00 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-29 00:00 - 2013-09-29 00:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-29 00:00 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Deployment
2013-09-28 23:45 - 2013-09-28 23:20 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-09-28 23:42 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-09-28 23:40 - 2013-09-28 23:40 - 00000117 _____ C:\Windows\system32\netcfg-24234.txt
2013-09-28 23:40 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-09-28 23:39 - 2013-09-28 23:39 - 00000117 _____ C:\Windows\system32\netcfg-9064750.txt
2013-09-28 23:38 - 2013-09-28 21:28 - 00000995 _____ C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 23:28 - 2013-09-28 23:28 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 23:28 - 2012-08-03 04:50 - 00000000 ____D C:\Windows\Panther
2013-09-28 23:20 - 2013-09-28 23:20 - 00003912 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-09-28 23:20 - 2013-09-28 23:20 - 00003676 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-09-28 22:39 - 2013-09-28 22:05 - 00000000 ____D C:\Users\Isa\AppData\Local\clear.fi
2013-09-28 22:25 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\Packages
2013-09-28 22:22 - 2013-09-28 22:13 - 00000000 ____D C:\Users\Isa\AppData\Local\Google
2013-09-28 22:17 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-09-28 22:11 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Apps\2.0
2013-09-28 22:06 - 2013-09-28 22:06 - 00000000 ____D C:\Users\Isa\PicStream
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456718.txt
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456343.txt
2013-09-28 22:02 - 2013-09-28 22:02 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-28 21:37 - 2013-09-28 21:37 - 00000000 ____D C:\Users\Isa\AppData\Local\EgisTec IPS
2013-09-28 21:37 - 2012-08-03 03:59 - 00000000 ____D C:\ProgramData\EgisTec IPS
2013-09-28 21:29 - 2013-09-28 21:29 - 00002156 _____ C:\Users\Isa\Desktop\McAfee Anti-Theft.lnk
2013-09-28 21:29 - 2013-09-28 21:29 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Atheros
2013-09-28 21:29 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Preload
2013-09-28 21:29 - 2012-08-03 04:48 - 00000000 ___HD C:\OEM
2013-09-28 21:28 - 2013-09-28 21:28 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Macromedia
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\lm
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Adobe
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Accessory Store
2013-09-28 21:28 - 2012-08-03 03:58 - 00000000 ____D C:\ProgramData\OEM
2013-09-28 21:27 - 2013-09-28 21:27 - 00000020 ___SH C:\Users\Isa\ntuser.ini
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Vorlagen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Startmenü
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Netzwerkumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Lokale Einstellungen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Eigene Dateien
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Druckumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Musik
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Bilder
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Verlauf
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\VirtualStore
2013-09-28 21:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-09-28 21:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-28 21:16 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-483156.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486281.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486234.txt

Some content of TEMP:
====================
C:\Users\Isa\AppData\Local\Temp\ICReinstall_SkypeSetup.exe
C:\Users\Isa\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-08-03 03:50

==================== End Of Log ============================
         

29.09.2013, 18:05   #4
schrauber
/// the machine
/// TB trainer
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

30.09.2013, 05:59   #5
Iischen
 



hey, here are the logs
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3f43b1fa06a30f4dbb015aa3d734748b
# engine=15302
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-29 08:45:31
# local_time=2013-09-29 10:45:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=5122 16777214 66 79 83123 42774557 0 0
# compatibility_mode=5893 16776574 100 94 42139 39993642 0 0
# scanned=230662
# found=0
# cleaned=0
# scan_time=5902
         
Code:
 Results of screen317's Security Check version 0.99.73  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
McAfee Anti-Virus und Anti-Spyware   
Windows Defender                     
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Google Chrome 29.0.1547.76  
````````Process Check: objlist.exe by Laurent````````  
 Isa Desktop Virus SecurityCheck.exe 
 Symantec Norton Online Backup NOBuAgent.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by Isa (administrator) on ISAS-ACER on 30-09-2013 06:47:33
Running from C:\Users\Isa\Desktop\Virus
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Qualcomm Atheros) c:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) c:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\syswow64\wwahost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-07-31] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568 2012-08-22] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-08-06] (McAfee, Inc.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-07-31] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [202600 2012-07-31] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = 
SearchScopes: HKCU - {0A6536A7-95DB-4463-B263-85F85D38ED42} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Google Docs) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (SiteAdvisor) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0
CHR Extension: (Lakeside Sunrise Theme) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgdnkapcadpkfhpeljgdnoebcppgean\1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1
CHR Extension: (Gmail) - C:\Users\Isa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [ieadcoanfjloocmfafkebdnfefmohngj] - C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-09-06] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-08-06] (McAfee, Inc.)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-29] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-08-05] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-22] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-12] (Dritek System INC.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [344720 2012-08-22] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-29] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [377040 2013-07-09] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-07-09] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-12] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-30 06:43 - 2013-09-30 06:43 - 00000000 ___SH C:\DkHyperbootSync
2013-09-29 21:01 - 2013-09-29 21:01 - 00000117 _____ C:\Windows\system32\netcfg-25562.txt
2013-09-29 21:00 - 2013-09-29 21:00 - 00000117 _____ C:\Windows\system32\netcfg-37410812.txt
2013-09-29 20:59 - 2013-09-29 21:00 - 00001184 _____ C:\Users\Isa\Desktop\Neues Textdokument.txt
2013-09-29 20:25 - 2013-09-29 20:25 - 00891144 _____ C:\Users\Isa\Downloads\SecurityCheck.exe
2013-09-29 20:23 - 2013-09-29 20:23 - 02347384 _____ (ESET) C:\Users\Isa\Downloads\esetsmartinstaller_enu.exe
2013-09-29 17:45 - 2013-09-29 22:25 - 00000000 ____D C:\Users\Isa\AppData\Roaming\WildTangent
2013-09-29 17:21 - 2013-09-29 17:21 - 00000117 _____ C:\Windows\system32\netcfg-24287375.txt
2013-09-29 17:21 - 2013-09-29 17:21 - 00000117 _____ C:\Windows\system32\netcfg-24286578.txt
2013-09-29 17:16 - 2013-09-29 17:16 - 00000117 _____ C:\Windows\system32\netcfg-23952171.txt
2013-09-29 17:16 - 2013-09-29 17:16 - 00000117 _____ C:\Windows\system32\netcfg-23948843.txt
2013-09-29 13:33 - 2013-09-29 13:33 - 00000117 _____ C:\Windows\system32\netcfg-10564250.txt
2013-09-29 13:33 - 2013-09-29 13:33 - 00000117 _____ C:\Windows\system32\netcfg-10564140.txt
2013-09-29 10:46 - 2013-09-29 10:46 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 10:45 - 2013-09-29 10:45 - 00000117 _____ C:\Windows\system32\netcfg-506109.txt
2013-09-29 10:44 - 2013-09-29 10:44 - 00000117 _____ C:\Windows\system32\netcfg-469906.txt
2013-09-29 10:38 - 2013-09-29 10:38 - 00000117 _____ C:\Windows\system32\netcfg-84218.txt
2013-09-29 10:37 - 2013-09-29 10:37 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-09-29 10:36 - 2013-09-29 10:36 - 00000117 _____ C:\Windows\system32\netcfg-29547281.txt
2013-09-29 03:20 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-482187.txt
2013-09-29 03:20 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-483156.txt
2013-09-29 03:19 - 2013-09-29 03:19 - 00000117 _____ C:\Windows\system32\netcfg-427390.txt
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-09-29 02:56 - 2013-09-29 02:56 - 00000117 _____ C:\Windows\system32\netcfg-1968281.txt
2013-09-29 02:56 - 2013-09-29 02:56 - 00000117 _____ C:\Windows\system32\netcfg-1965781.txt
2013-09-29 02:25 - 2013-09-29 02:25 - 00000117 _____ C:\Windows\system32\netcfg-76031.txt
2013-09-29 02:23 - 2013-09-29 02:23 - 00000117 _____ C:\Windows\system32\netcfg-691953.txt
2013-09-29 02:13 - 2013-09-29 02:13 - 00000117 _____ C:\Windows\system32\netcfg-98515.txt
2013-09-29 02:11 - 2013-09-29 02:11 - 00000117 _____ C:\Windows\system32\netcfg-3314281.txt
2013-09-29 02:00 - 2013-09-29 02:00 - 00000000 ____D C:\FRST
2013-09-29 01:59 - 2013-09-30 06:47 - 00000000 ____D C:\Users\Isa\Desktop\Virus
2013-09-29 01:57 - 2013-09-29 01:57 - 00000000 _____ C:\Users\Isa\defogger_reenable
2013-09-29 01:23 - 2013-09-29 01:23 - 00000117 _____ C:\Windows\system32\netcfg-437390.txt
2013-09-29 01:16 - 2013-09-29 21:01 - 00003226 _____ C:\Windows\PFRO.log
2013-09-29 01:15 - 2013-09-29 01:15 - 00000117 _____ C:\Windows\system32\netcfg-5755468.txt
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 00:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-29 00:15 - 2013-09-29 22:10 - 01182735 _____ C:\Windows\WindowsUpdate.log
2013-09-29 00:08 - 2013-09-29 00:08 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-29 00:00 - 2013-09-29 21:01 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-29 00:00 - 2013-09-29 00:00 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-29 00:00 - 2013-09-29 00:00 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-29 00:00 - 2013-09-29 00:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-28 23:40 - 2013-09-28 23:40 - 00000117 _____ C:\Windows\system32\netcfg-24234.txt
2013-09-28 23:39 - 2013-09-28 23:39 - 00000117 _____ C:\Windows\system32\netcfg-9064750.txt
2013-09-28 23:37 - 2013-09-29 10:36 - 00000000 ____D C:\AdwCleaner
2013-09-28 23:28 - 2013-09-28 23:28 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 23:28 - 2013-09-28 23:28 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 23:20 - 2013-09-29 22:25 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-09-28 23:20 - 2013-09-29 21:01 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-09-28 23:20 - 2013-09-28 23:45 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-09-28 23:20 - 2013-09-28 23:20 - 00003912 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-09-28 23:20 - 2013-09-28 23:20 - 00003676 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-09-28 22:18 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-09-28 22:17 - 2013-09-29 22:36 - 00000000 ____D C:\Users\Isa\AppData\Local\CrashDumps
2013-09-28 22:13 - 2013-09-29 00:08 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-28 22:13 - 2013-09-28 22:22 - 00000000 ____D C:\Users\Isa\AppData\Local\Google
2013-09-28 22:11 - 2013-09-29 00:00 - 00000000 ____D C:\Users\Isa\AppData\Local\Deployment
2013-09-28 22:11 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Apps\2.0
2013-09-28 22:06 - 2013-09-28 22:06 - 00000000 ____D C:\Users\Isa\PicStream
2013-09-28 22:05 - 2013-09-28 22:39 - 00000000 ____D C:\Users\Isa\AppData\Local\clear.fi
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456718.txt
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456343.txt
2013-09-28 22:02 - 2013-09-28 22:02 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-28 21:37 - 2013-09-28 21:37 - 00000000 ____D C:\Users\Isa\AppData\Local\EgisTec IPS
2013-09-28 21:34 - 2013-09-29 21:31 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2794635576-2599266069-3530023200-1002
2013-09-28 21:29 - 2013-09-28 21:29 - 00002156 _____ C:\Users\Isa\Desktop\McAfee Anti-Theft.lnk
2013-09-28 21:29 - 2013-09-28 21:29 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Atheros
2013-09-28 21:28 - 2013-09-28 23:38 - 00000995 _____ C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 21:28 - 2013-09-28 21:29 - 00000000 ____D C:\Program Files\Preload
2013-09-28 21:28 - 2013-09-28 21:28 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Macromedia
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\lm
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Adobe
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Accessory Store
2013-09-28 21:27 - 2013-09-29 17:42 - 00000000 ____D C:\Users\Isa\AppData\Local\Packages
2013-09-28 21:27 - 2013-09-29 01:57 - 00000000 ____D C:\Users\Isa
2013-09-28 21:27 - 2013-09-28 21:27 - 00000020 ___SH C:\Users\Isa\ntuser.ini
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Vorlagen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Startmenü
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Netzwerkumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Lokale Einstellungen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Eigene Dateien
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Druckumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Musik
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Bilder
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Verlauf
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\VirtualStore
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-09-28 21:27 - 2012-07-26 10:13 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486281.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486234.txt

==================== One Month Modified Files and Folders =======

2013-09-30 06:47 - 2013-09-29 01:59 - 00000000 ____D C:\Users\Isa\Desktop\Virus
2013-09-30 06:47 - 2013-09-29 00:15 - 01182735 _____ C:\Windows\WindowsUpdate.log
2013-09-30 06:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-30 06:43 - 2013-09-30 06:43 - 00000000 ___SH C:\DkHyperbootSync
2013-09-29 22:36 - 2013-09-28 22:17 - 00000000 ____D C:\Users\Isa\AppData\Local\CrashDumps
2013-09-29 22:25 - 2013-09-29 17:45 - 00000000 ____D C:\Users\Isa\AppData\Roaming\WildTangent
2013-09-29 22:25 - 2013-09-28 23:20 - 00000940 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-09-29 21:58 - 2012-08-03 03:58 - 00001848 _____ C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2013-09-29 21:31 - 2013-09-28 21:34 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2794635576-2599266069-3530023200-1002
2013-09-29 21:28 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-29 21:06 - 2012-09-12 10:22 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-09-29 21:06 - 2012-09-12 10:22 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-09-29 21:06 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-29 21:01 - 2013-09-29 21:01 - 00000117 _____ C:\Windows\system32\netcfg-25562.txt
2013-09-29 21:01 - 2013-09-29 01:16 - 00003226 _____ C:\Windows\PFRO.log
2013-09-29 21:01 - 2013-09-29 00:00 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-29 21:01 - 2013-09-28 23:20 - 00000936 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-09-29 21:01 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-09-29 21:01 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-29 21:01 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-09-29 21:01 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-09-29 21:00 - 2013-09-29 21:00 - 00000117 _____ C:\Windows\system32\netcfg-37410812.txt
2013-09-29 21:00 - 2013-09-29 20:59 - 00001184 _____ C:\Users\Isa\Desktop\Neues Textdokument.txt
2013-09-29 20:25 - 2013-09-29 20:25 - 00891144 _____ C:\Users\Isa\Downloads\SecurityCheck.exe
2013-09-29 20:23 - 2013-09-29 20:23 - 02347384 _____ (ESET) C:\Users\Isa\Downloads\esetsmartinstaller_enu.exe
2013-09-29 17:51 - 2012-08-03 03:55 - 00000000 ____D C:\ProgramData\WildTangent
2013-09-29 17:46 - 2012-08-03 03:55 - 00002662 ____N C:\Users\Public\Desktop\WildTangent Games App - acer.lnk
2013-09-29 17:46 - 2012-08-03 03:55 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-09-29 17:42 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\Packages
2013-09-29 17:21 - 2013-09-29 17:21 - 00000117 _____ C:\Windows\system32\netcfg-24287375.txt
2013-09-29 17:21 - 2013-09-29 17:21 - 00000117 _____ C:\Windows\system32\netcfg-24286578.txt
2013-09-29 17:16 - 2013-09-29 17:16 - 00000117 _____ C:\Windows\system32\netcfg-23952171.txt
2013-09-29 17:16 - 2013-09-29 17:16 - 00000117 _____ C:\Windows\system32\netcfg-23948843.txt
2013-09-29 13:33 - 2013-09-29 13:33 - 00000117 _____ C:\Windows\system32\netcfg-10564250.txt
2013-09-29 13:33 - 2013-09-29 13:33 - 00000117 _____ C:\Windows\system32\netcfg-10564140.txt
2013-09-29 10:46 - 2013-09-29 10:46 - 00000000 ____D C:\Windows\ERUNT
2013-09-29 10:45 - 2013-09-29 10:45 - 00000117 _____ C:\Windows\system32\netcfg-506109.txt
2013-09-29 10:44 - 2013-09-29 10:44 - 00000117 _____ C:\Windows\system32\netcfg-469906.txt
2013-09-29 10:38 - 2013-09-29 10:38 - 00000117 _____ C:\Windows\system32\netcfg-84218.txt
2013-09-29 10:37 - 2013-09-29 10:37 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-09-29 10:36 - 2013-09-29 10:36 - 00000117 _____ C:\Windows\system32\netcfg-29547281.txt
2013-09-29 10:36 - 2013-09-28 23:37 - 00000000 ____D C:\AdwCleaner
2013-09-29 10:28 - 2012-08-03 03:58 - 00000000 ____D C:\ProgramData\McAfee
2013-09-29 10:28 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files\mcafee
2013-09-29 03:20 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-482187.txt
2013-09-29 03:19 - 2013-09-29 03:19 - 00000117 _____ C:\Windows\system32\netcfg-427390.txt
2013-09-29 03:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Programme
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-09-29 03:13 - 2013-09-29 03:13 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-09-29 03:13 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows NT
2013-09-29 03:13 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2013-09-29 02:56 - 2013-09-29 02:56 - 00000117 _____ C:\Windows\system32\netcfg-1968281.txt
2013-09-29 02:56 - 2013-09-29 02:56 - 00000117 _____ C:\Windows\system32\netcfg-1965781.txt
2013-09-29 02:25 - 2013-09-29 02:25 - 00000117 _____ C:\Windows\system32\netcfg-76031.txt
2013-09-29 02:23 - 2013-09-29 02:23 - 00000117 _____ C:\Windows\system32\netcfg-691953.txt
2013-09-29 02:13 - 2013-09-29 02:13 - 00000117 _____ C:\Windows\system32\netcfg-98515.txt
2013-09-29 02:11 - 2013-09-29 02:11 - 00000117 _____ C:\Windows\system32\netcfg-3314281.txt
2013-09-29 02:00 - 2013-09-29 02:00 - 00000000 ____D C:\FRST
2013-09-29 01:57 - 2013-09-29 01:57 - 00000000 _____ C:\Users\Isa\defogger_reenable
2013-09-29 01:57 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa
2013-09-29 01:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2013-09-29 01:23 - 2013-09-29 01:23 - 00000117 _____ C:\Windows\system32\netcfg-437390.txt
2013-09-29 01:15 - 2013-09-29 01:15 - 00000117 _____ C:\Windows\system32\netcfg-5755468.txt
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-29 00:26 - 2013-09-29 00:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-29 00:08 - 2013-09-29 00:08 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-29 00:08 - 2013-09-28 22:13 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-29 00:00 - 2013-09-29 00:00 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-29 00:00 - 2013-09-29 00:00 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-29 00:00 - 2013-09-29 00:00 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-29 00:00 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Deployment
2013-09-28 23:45 - 2013-09-28 23:20 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-09-28 23:40 - 2013-09-28 23:40 - 00000117 _____ C:\Windows\system32\netcfg-24234.txt
2013-09-28 23:40 - 2012-08-03 03:58 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-09-28 23:39 - 2013-09-28 23:39 - 00000117 _____ C:\Windows\system32\netcfg-9064750.txt
2013-09-28 23:38 - 2013-09-28 21:28 - 00000995 _____ C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00002768 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-28 23:28 - 2013-09-28 23:28 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-28 23:28 - 2013-09-28 23:28 - 00000000 ____D C:\Program Files\CCleaner
2013-09-28 23:28 - 2012-08-03 04:50 - 00000000 ____D C:\Windows\Panther
2013-09-28 23:20 - 2013-09-28 23:20 - 00003912 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-09-28 23:20 - 2013-09-28 23:20 - 00003676 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-09-28 22:39 - 2013-09-28 22:05 - 00000000 ____D C:\Users\Isa\AppData\Local\clear.fi
2013-09-28 22:22 - 2013-09-28 22:13 - 00000000 ____D C:\Users\Isa\AppData\Local\Google
2013-09-28 22:17 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-09-28 22:11 - 2013-09-28 22:11 - 00000000 ____D C:\Users\Isa\AppData\Local\Apps\2.0
2013-09-28 22:06 - 2013-09-28 22:06 - 00000000 ____D C:\Users\Isa\PicStream
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456718.txt
2013-09-28 22:05 - 2013-09-28 22:05 - 00000117 _____ C:\Windows\system32\netcfg-3456343.txt
2013-09-28 22:02 - 2013-09-28 22:02 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-28 21:37 - 2013-09-28 21:37 - 00000000 ____D C:\Users\Isa\AppData\Local\EgisTec IPS
2013-09-28 21:37 - 2012-08-03 03:59 - 00000000 ____D C:\ProgramData\EgisTec IPS
2013-09-28 21:29 - 2013-09-28 21:29 - 00002156 _____ C:\Users\Isa\Desktop\McAfee Anti-Theft.lnk
2013-09-28 21:29 - 2013-09-28 21:29 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Atheros
2013-09-28 21:29 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Preload
2013-09-28 21:29 - 2012-08-03 04:48 - 00000000 ___HD C:\OEM
2013-09-28 21:28 - 2013-09-28 21:28 - 00002027 _____ C:\Users\Public\Desktop\LOVEFiLM.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00001736 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ___RD C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Macromedia
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\lm
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Users\Isa\AppData\Roaming\Adobe
2013-09-28 21:28 - 2013-09-28 21:28 - 00000000 ____D C:\Program Files\Accessory Store
2013-09-28 21:28 - 2012-08-03 03:58 - 00000000 ____D C:\ProgramData\OEM
2013-09-28 21:27 - 2013-09-28 21:27 - 00000020 ___SH C:\Users\Isa\ntuser.ini
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Vorlagen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Startmenü
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Netzwerkumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Lokale Einstellungen
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Eigene Dateien
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Druckumgebung
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Musik
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Documents\Eigene Bilder
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Verlauf
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\AppData\Local\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 _SHDL C:\Users\Isa\Anwendungsdaten
2013-09-28 21:27 - 2013-09-28 21:27 - 00000000 ____D C:\Users\Isa\AppData\Local\VirtualStore
2013-09-28 21:27 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-09-28 21:27 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-28 21:16 - 2013-09-29 03:20 - 00000117 _____ C:\Windows\system32\netcfg-483156.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486281.txt
2013-09-28 21:16 - 2013-09-28 21:16 - 00000117 _____ C:\Windows\system32\netcfg-486234.txt

Some content of TEMP:
====================
C:\Users\Isa\AppData\Local\Temp\ICReinstall_SkypeSetup.exe
C:\Users\Isa\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-08-03 03:50

==================== End Of Log ============================
         
--- --- ---


No, I don't have any problems anymore, thanks for the help.


Old 30.09.2013, 11:02   #6
schrauber
/// the machine
/// TB trainer

Windows 8: Pup.Optional found



Done

Here are a few more tips for securing your system.


I can't stress often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows Updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: I have a few useful add-ons for this browser here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising on its own. A right-click on a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it asks you to and is nice and colourful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Don't open attachments from emails you don't know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.