Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Whilokii bei windows 8 entfernen (https://www.trojaner-board.de/143201-whilokii-windows-8-entfernen.html)

jenso1608 17.10.2013 20:50
Whilokii bei windows 8 entfernen
 
Hallo zusammen,

ich würde gerne dieses lästige Programm entfernen.

Ich habe (hoffentlich) die bisherigen Anleitungen befolgt.

Anbei meine Logdatei.

Vielen Dank für eure Hilfe

Jenso


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by SYSTEM on MININT-QFALVEG on 17-10-2013 21:33:07
Running from E:\
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-22] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-29] (AVAST Software)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated)
HKU\Family\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)

==================== Services (Whitelisted) =================

S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-29] (AVAST Software)
S2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845664 2013-09-23] ()
S2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-22] (NTI Corporation)
S2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-26] (Dritek System INC.)
S2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [65304 2013-10-04] (Whilokii)
S2 Util Whilokii; C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe [65304 2013-10-12] (Whilokii)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
S2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [1706064 2013-10-10] (Wsys Co., Ltd.)
S2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros)

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-29] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-29] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-29] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-29] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-29] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-29] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-29] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-26] (Dritek System Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-17 21:32 - 2013-10-17 21:32 - 00000000 ____D C:\FRST
2013-10-17 11:29 - 2013-10-17 11:29 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-17 11:00 - 2013-10-17 11:00 - 01954124 _____ (Farbar) C:\Users\Family\Downloads\FRST64.exe
2013-10-14 11:00 - 2012-08-30 03:37 - 02213776 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll
2013-10-14 10:05 - 2013-10-14 10:05 - 00000000 _____ C:\autoexec.bat
2013-10-14 10:03 - 2013-10-14 11:00 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-14 10:03 - 2013-10-14 10:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-14 09:58 - 2013-10-14 09:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Family\Downloads\SpyHunter-Installer.exe
2013-10-14 05:06 - 2013-10-14 05:06 - 00423696 _____ C:\Windows\System32\FNTCACHE.DAT
2013-10-12 22:12 - 2013-08-28 19:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbser.sys
2013-10-12 22:12 - 2013-07-05 16:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2013-10-12 22:12 - 2013-07-03 18:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-12 22:11 - 2013-09-22 15:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-12 22:11 - 2013-09-22 15:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-12 22:11 - 2013-09-22 15:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-12 22:11 - 2013-09-22 15:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-12 22:11 - 2013-09-22 15:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-12 22:11 - 2013-09-22 15:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-12 22:11 - 2013-09-22 15:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-12 22:11 - 2013-09-22 15:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-12 22:11 - 2013-09-22 14:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-10-12 22:11 - 2013-09-22 14:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-10-12 22:11 - 2013-09-22 14:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-10-12 22:11 - 2013-09-22 14:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-10-12 22:11 - 2013-09-22 14:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-10-12 22:11 - 2013-09-22 14:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-10-12 22:11 - 2013-09-22 14:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-10-12 22:11 - 2013-09-22 14:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-10-12 22:11 - 2013-09-22 14:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-10-12 22:10 - 2013-07-05 14:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2013-10-12 22:10 - 2013-07-05 14:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-10-12 22:10 - 2013-07-01 14:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys
2013-10-12 22:10 - 2013-06-28 19:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2013-10-12 22:10 - 2013-06-28 19:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-10-12 22:10 - 2013-06-21 21:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-10-12 22:10 - 2013-06-21 21:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2013-10-12 22:09 - 2013-08-22 21:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-10-12 22:09 - 2013-07-19 14:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-10-12 22:09 - 2013-07-19 14:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-12 22:09 - 2013-07-01 17:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-10-12 22:09 - 2013-07-01 17:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-10-12 22:09 - 2013-07-01 17:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-10-12 22:09 - 2013-06-30 17:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-10-12 22:09 - 2013-06-30 17:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-10-12 22:09 - 2013-06-30 17:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-10-12 22:09 - 2013-06-30 17:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-10-12 22:09 - 2013-06-28 19:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-10-12 22:09 - 2013-06-28 19:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2013-10-12 22:09 - 2013-05-26 15:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-12 22:09 - 2013-05-26 14:59 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-10-12 22:09 - 2013-05-24 19:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-10-12 22:09 - 2013-05-24 18:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-12 22:08 - 2013-08-09 21:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2013-10-12 22:08 - 2013-08-09 21:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncInfo.dll
2013-10-12 22:08 - 2013-08-09 19:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-12 22:08 - 2013-08-02 22:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\System32\wdc.dll
2013-10-12 22:08 - 2013-08-02 22:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\System32\wvc.dll
2013-10-12 22:08 - 2013-08-02 22:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2013-10-12 22:08 - 2013-08-02 21:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-12 22:08 - 2013-08-02 21:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-12 22:08 - 2013-08-02 21:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-12 22:08 - 2013-08-01 22:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-10-12 22:08 - 2013-08-01 22:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-10-12 22:08 - 2013-08-01 22:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-10-12 22:08 - 2013-08-01 22:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-10-12 22:08 - 2013-08-01 21:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-12 22:08 - 2013-08-01 21:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-12 22:08 - 2013-08-01 21:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-12 22:08 - 2013-08-01 21:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-12 22:08 - 2013-08-01 02:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-10-12 22:08 - 2013-07-30 15:30 - 00386923 _____ C:\Windows\System32\ApnDatabase.xml
2013-10-12 22:08 - 2013-07-24 15:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-12 22:08 - 2013-07-24 15:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\System32\mbsmsapi.dll
2013-10-12 22:08 - 2013-04-09 15:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll
2013-10-12 22:08 - 2013-04-09 14:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-10 11:44 - 2013-10-10 11:44 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-10 11:44 - 2013-08-29 23:48 - 00378944 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-10-10 11:44 - 2013-08-29 23:48 - 00072016 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-10-10 11:44 - 2013-08-29 23:48 - 00064288 _____ (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-10-10 11:44 - 2013-08-29 23:48 - 00033400 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-10-10 11:43 - 2013-10-17 10:49 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-10 11:43 - 2013-10-10 11:43 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-10 11:43 - 2013-10-10 11:43 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-10 11:43 - 2013-08-29 23:48 - 01030952 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-10-10 11:43 - 2013-08-29 23:48 - 00204880 _____ C:\Windows\System32\Drivers\aswVmm.sys
2013-10-10 11:43 - 2013-08-29 23:48 - 00080816 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-10-10 11:43 - 2013-08-29 23:48 - 00065336 _____ C:\Windows\System32\Drivers\aswRvrt.sys
2013-10-10 11:43 - 2013-08-29 23:47 - 00287840 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-10-10 11:43 - 2013-08-29 23:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-10 11:42 - 2013-10-10 11:43 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-10 11:41 - 2013-10-10 11:41 - 131918888 _____ C:\Users\Family\Downloads\avast_free_antivirus_setup.exe
2013-10-10 11:38 - 2013-10-10 11:39 - 05709056 _____ (Systweak Inc                                                ) C:\Users\Family\Downloads\rcpsetup_chip_de_chip_de.exe
2013-10-10 11:27 - 2013-10-15 21:30 - 00000094 _____ C:\Users\Family\AppData\Roaming\WB.CFG
2013-10-10 11:27 - 2013-10-15 21:30 - 00000006 _____ C:\Users\Family\AppData\Roaming\WBPU-TTL.DAT
2013-10-10 11:22 - 2013-10-10 11:22 - 00012784 _____ C:\Users\Family\Downloads\OTL.7z
2013-10-10 10:52 - 2013-10-10 08:19 - 00117428 _____ C:\Users\Family\Downloads\OTL.txt
2013-10-10 10:30 - 2013-10-10 10:30 - 127231689 _____ (Igor Pavlov) C:\Users\Family\Downloads\OTLPENet.exe
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\Users\Family\AppData\Local\avgchrome
2013-10-10 10:27 - 2013-10-17 11:27 - 00000000 ____D C:\ProgramData\eSafe
2013-10-10 10:27 - 2013-10-16 21:29 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-10 10:27 - 2013-10-14 10:59 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-10 10:27 - 2013-10-12 22:04 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-10 10:27 - 2013-10-10 10:27 - 00002644 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-10 10:27 - 2013-10-10 10:27 - 00001078 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\Users\Family\AppData\Roaming\DigitalSite
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\Users\Family\AppData\Local\BonanzaDealsLive
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\ProgramData\Babylon
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-02 23:46 - 2013-10-02 23:46 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Brother
2013-09-26 00:26 - 2013-10-04 22:21 - 00024064 _____ C:\Users\Family\Downloads\08-Sp13-14.xls
2013-09-26 00:26 - 2013-09-27 23:38 - 00025088 _____ C:\Users\Family\Downloads\07-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00031232 _____ C:\Users\Family\Downloads\13-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00031232 _____ C:\Users\Family\Downloads\12-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00031232 _____ C:\Users\Family\Downloads\11-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00031232 _____ C:\Users\Family\Downloads\10-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00030720 _____ C:\Users\Family\Downloads\14-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00025088 _____ C:\Users\Family\Downloads\09-Sp13-14.xls
2013-09-22 09:31 - 2013-08-15 21:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2013-09-22 09:31 - 2013-08-15 21:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\System32\WSService.dll
2013-09-22 09:31 - 2013-08-15 21:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-09-22 09:31 - 2013-08-15 21:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\System32\NotificationUI.exe
2013-09-22 09:31 - 2013-08-15 21:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2013-09-22 09:31 - 2013-08-15 21:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-09-22 09:31 - 2013-08-15 21:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\WSClient.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\System32\WSSync.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\System32\sppc.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\setupcln.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-09-22 09:31 - 2013-08-15 21:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-09-22 09:31 - 2013-08-15 21:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-22 09:31 - 2013-08-15 14:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-22 09:31 - 2013-08-15 14:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-22 09:31 - 2013-08-15 14:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-22 09:31 - 2013-08-15 14:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-22 09:28 - 2013-07-09 00:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2013-09-22 09:28 - 2013-07-08 22:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2013-09-22 09:28 - 2013-07-08 20:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-22 09:28 - 2013-07-08 19:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-22 09:28 - 2013-07-08 14:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\System32\wwanmm.dll
2013-09-22 09:28 - 2013-07-08 14:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\System32\wwanconn.dll
2013-09-22 09:28 - 2013-07-08 14:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\System32\Wwanadvui.dll
2013-09-22 09:28 - 2013-07-08 14:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\System32\LocationApi.dll
2013-09-22 09:28 - 2013-07-05 16:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-09-22 09:28 - 2013-07-02 16:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-09-22 09:28 - 2013-07-02 16:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-09-22 09:28 - 2013-07-02 16:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2013-09-22 09:28 - 2013-07-02 16:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-09-22 09:28 - 2013-07-02 16:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-22 09:28 - 2013-07-02 16:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-22 09:28 - 2013-07-02 16:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-22 09:28 - 2013-06-30 14:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-22 09:28 - 2013-06-30 14:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\openfiles.exe
2013-09-22 09:28 - 2013-06-28 22:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-09-22 09:28 - 2013-06-28 22:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-09-22 09:28 - 2013-06-28 21:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-09-22 09:28 - 2013-06-28 17:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-22 09:28 - 2013-06-25 19:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2013-09-22 09:28 - 2013-06-25 18:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2013-09-22 09:28 - 2013-06-24 14:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-09-22 09:28 - 2013-06-24 14:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\System32\wcmsvc.dll
2013-09-22 09:28 - 2013-06-24 14:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\System32\wcmcsp.dll
2013-09-22 09:28 - 2013-06-18 21:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\System32\winmmbase.dll
2013-09-22 09:28 - 2013-06-18 21:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\winmm.dll
2013-09-22 09:28 - 2013-06-18 14:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-22 09:28 - 2013-06-18 14:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-22 09:28 - 2013-06-11 15:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-22 09:28 - 2013-06-11 15:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2013-09-22 09:28 - 2013-06-10 13:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2013-09-22 09:28 - 2013-06-10 11:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-09-22 09:28 - 2013-06-10 11:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-09-22 09:28 - 2013-06-10 11:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-09-22 09:28 - 2013-06-10 11:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-09-22 09:28 - 2013-06-10 11:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-22 09:28 - 2013-06-10 11:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-22 09:28 - 2013-06-06 00:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2013-09-22 09:26 - 2013-08-06 21:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\System32\tssdisai.dll

==================== One Month Modified Files and Folders =======

2013-10-17 21:32 - 2013-10-17 21:32 - 00000000 ____D C:\FRST
2013-10-17 11:29 - 2013-10-17 11:29 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-17 11:27 - 2013-10-10 10:27 - 00000000 ____D C:\ProgramData\eSafe
2013-10-17 11:27 - 2013-01-01 06:55 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-17 11:27 - 2012-07-25 23:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-17 11:17 - 2012-09-26 15:38 - 00753134 _____ C:\Windows\System32\perfh007.dat
2013-10-17 11:17 - 2012-09-26 15:38 - 00155826 _____ C:\Windows\System32\perfc007.dat
2013-10-17 11:17 - 2012-07-25 23:28 - 01745416 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-17 11:00 - 2013-10-17 11:00 - 01954124 _____ (Farbar) C:\Users\Family\Downloads\FRST64.exe
2013-10-17 11:00 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\sru
2013-10-17 10:51 - 2013-01-01 11:49 - 00000000 ____D C:\Users\Family\Documents\Ausgaben
2013-10-17 10:49 - 2013-10-10 11:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-17 10:48 - 2013-01-01 06:54 - 00000000 ____D C:\Users\Family\AppData\Local\Deployment
2013-10-16 21:29 - 2013-10-10 10:27 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-16 21:21 - 2013-01-01 06:55 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-15 21:30 - 2013-10-10 11:27 - 00000094 _____ C:\Users\Family\AppData\Roaming\WB.CFG
2013-10-15 21:30 - 2013-10-10 11:27 - 00000006 _____ C:\Users\Family\AppData\Roaming\WBPU-TTL.DAT
2013-10-15 21:29 - 2013-01-01 06:16 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2665461011-2761154639-2427061440-1002
2013-10-14 11:32 - 2013-10-10 10:27 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-14 11:00 - 2013-10-14 10:03 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-14 10:59 - 2013-10-10 10:27 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 10:17 - 2013-01-01 06:10 - 01885156 _____ C:\Windows\WindowsUpdate.log
2013-10-14 10:05 - 2013-10-14 10:05 - 00000000 _____ C:\autoexec.bat
2013-10-14 10:03 - 2013-10-14 10:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-14 09:58 - 2013-10-14 09:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Family\Downloads\SpyHunter-Installer.exe
2013-10-14 05:22 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-14 05:06 - 2013-10-14 05:06 - 00423696 _____ C:\Windows\System32\FNTCACHE.DAT
2013-10-12 22:24 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-12 22:24 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\System32\config\BBI
2013-10-12 22:20 - 2013-01-01 07:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-12 22:19 - 2013-07-26 11:31 - 00000000 ____D C:\Windows\System32\MRT
2013-10-12 22:18 - 2013-01-01 14:25 - 80541720 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-10-12 22:16 - 2013-01-01 06:55 - 00004092 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-12 22:16 - 2013-01-01 06:55 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-12 22:04 - 2013-10-10 10:27 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-12 21:59 - 2012-09-03 02:56 - 00019758 _____ C:\Windows\PFRO.log
2013-10-10 12:03 - 2013-01-01 06:56 - 00002223 _____ C:\Users\Family\Desktop\Google Chrome.lnk
2013-10-10 11:44 - 2013-10-10 11:44 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-10 11:43 - 2013-10-10 11:43 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-10 11:43 - 2013-10-10 11:43 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-10 11:43 - 2013-10-10 11:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-10 11:41 - 2013-10-10 11:41 - 131918888 _____ C:\Users\Family\Downloads\avast_free_antivirus_setup.exe
2013-10-10 11:39 - 2013-10-10 11:38 - 05709056 _____ (Systweak Inc                                                ) C:\Users\Family\Downloads\rcpsetup_chip_de_chip_de.exe
2013-10-10 11:22 - 2013-10-10 11:22 - 00012784 _____ C:\Users\Family\Downloads\OTL.7z
2013-10-10 10:30 - 2013-10-10 10:30 - 127231689 _____ (Igor Pavlov) C:\Users\Family\Downloads\OTLPENet.exe
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 10:28 - 2013-10-10 10:28 - 00000000 ____D C:\Users\Family\AppData\Local\avgchrome
2013-10-10 10:27 - 2013-10-10 10:27 - 00002644 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-10 10:27 - 2013-10-10 10:27 - 00001078 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\Users\Family\AppData\Roaming\DigitalSite
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\Users\Family\AppData\Local\BonanzaDealsLive
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\ProgramData\Babylon
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-10 10:27 - 2013-10-10 10:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 08:19 - 2013-10-10 10:52 - 00117428 _____ C:\Users\Family\Downloads\OTL.txt
2013-10-07 00:39 - 2012-07-25 23:21 - 00043118 _____ C:\Windows\setupact.log
2013-10-06 00:13 - 2013-01-01 06:10 - 00000000 ____D C:\Users\Family\AppData\Local\Packages
2013-10-06 00:11 - 2013-02-15 23:01 - 00000000 ____D C:\Users\Family\AppData\Local\CrashDumps
2013-10-04 22:21 - 2013-09-26 00:26 - 00024064 _____ C:\Users\Family\Downloads\08-Sp13-14.xls
2013-10-02 23:46 - 2013-10-02 23:46 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Brother
2013-10-01 17:38 - 2012-07-26 00:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-01 17:38 - 2012-07-26 00:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-27 23:38 - 2013-09-26 00:26 - 00025088 _____ C:\Users\Family\Downloads\07-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00031232 _____ C:\Users\Family\Downloads\13-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00031232 _____ C:\Users\Family\Downloads\12-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00031232 _____ C:\Users\Family\Downloads\11-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00031232 _____ C:\Users\Family\Downloads\10-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00030720 _____ C:\Users\Family\Downloads\14-Sp13-14.xls
2013-09-26 00:26 - 2013-09-26 00:26 - 00025088 _____ C:\Users\Family\Downloads\09-Sp13-14.xls
2013-09-22 15:28 - 2013-10-12 22:11 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-22 15:28 - 2013-10-12 22:11 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-22 15:27 - 2013-10-12 22:11 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-22 15:27 - 2013-10-12 22:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-22 15:27 - 2013-10-12 22:11 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-22 15:27 - 2013-10-12 22:11 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-22 15:27 - 2013-10-12 22:11 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-22 15:27 - 2013-10-12 22:11 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-22 14:55 - 2013-10-12 22:11 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-09-22 14:55 - 2013-10-12 22:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-09-22 14:55 - 2013-10-12 22:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-09-22 14:54 - 2013-10-12 22:11 - 19252224 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-09-22 14:54 - 2013-10-12 22:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-09-22 14:54 - 2013-10-12 22:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-09-22 14:54 - 2013-10-12 22:11 - 02647552 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-09-22 14:54 - 2013-10-12 22:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-09-22 14:54 - 2013-10-12 22:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-09-22 09:59 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\WinStore
2013-09-22 09:59 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-22 09:59 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\System32\oobe
2013-09-22 09:52 - 2013-01-01 11:49 - 00000000 ____D C:\Users\Family\Documents\UP

Some content of TEMP:
====================
C:\Users\Family\AppData\Local\Temp\AcerCloudDocsSetup.exe
C:\Users\Family\AppData\Local\Temp\AcerCloudSetup.exe
C:\Users\Family\AppData\Local\Temp\AskSLib.dll
C:\Users\Family\AppData\Local\Temp\ose00000.exe
C:\Users\Family\AppData\Local\Temp\ose00002.exe
C:\Users\Family\AppData\Local\Temp\SHSetup.exe
C:\Users\Family\AppData\Local\Temp\uninst1.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

3
Restore point made on: 2013-09-22 09:32:09
Restore point made on: 2013-10-10 11:43:18
Restore point made on: 2013-10-14 10:03:22

==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 8007.27 MB
Available physical RAM: 7183.66 MB
Total Pagefile: 8007.27 MB
Available Pagefile: 7189.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.19 GB) (Free:635.03 GB) NTFS
Drive e: () (Removable) (Total:3.75 GB) (Free:3.75 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: A139FDE5)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 09ACCA1F)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)


LastRegBack: 2013-10-14 11:43

==================== End Of Log ============================
--- --- ---

jenso1608 17.10.2013 22:27
Und nun folgende Files:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Family (administrator) on CHEF on 17-10-2013 22:08:59
Running from C:\Users\Family\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Whilokii) C:\Program Files (x86)\Whilokii\updateWhilokii.exe
(Whilokii) C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=F0841A94235FA167&affID=125035&tsp=5031
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=F0841A94235FA167&affID=125035&tsp=5031
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABD075_92EVT0B9TXX92EVT0B9T&ts=1381429655&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABD075_92EVT0B9TXX92EVT0B9T&ts=1381429655&type=default&q={searchTerms}
SearchScopes: HKLM - {AF2E6D89-D3E4-4157-B44C-21D7E809C768} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABD075_92EVT0B9TXX92EVT0B9T&ts=1381429655&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABD075_92EVT0B9TXX92EVT0B9T&ts=1381429655&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {AF2E6D89-D3E4-4157-B44C-21D7E809C768} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F0841A94235FA167&affID=125035&tsp=5031
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F0841A94235FA167&affID=125035&tsp=5031
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=TOSHIBAXMQ01ABD075_92EVT0B9TXX92EVT0B9T&ts=1381429655&type=default&q={searchTerms}
SearchScopes: HKCU - {AF2E6D89-D3E4-4157-B44C-21D7E809C768} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Whilokii - {204df522-9a96-4a72-abb0-60f7a216d6d2} - C:\Program Files (x86)\Whilokii\Whilokiibho.dll (Whilokii)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome:
=======
CHR HomePage: hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=F0841A94235FA167&affID=125035&tsp=5031
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Yahoo! Deutschland) - hxxp://de.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR DefaultSuggestURL: (Yahoo! Deutschland) - hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Extension: (Google Docs) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0
CHR Extension: (Whilokii) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845664 2013-09-23] ()
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-26] (Dritek System INC.)
R2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [65304 2013-10-05] (Whilokii)
R2 Util Whilokii; C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe [65304 2013-10-13] (Whilokii)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [1706064 2013-10-10] (Wsys Co., Ltd.)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-26] (Dritek System Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-18 07:32 - 2013-10-18 07:32 - 00000000 ____D C:\FRST
2013-10-17 21:00 - 2013-10-17 21:00 - 01954124 _____ (Farbar) C:\Users\Family\Downloads\FRST64.exe
2013-10-14 21:00 - 2012-08-30 13:37 - 02213776 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll
2013-10-14 20:05 - 2013-10-14 20:05 - 00000000 _____ C:\autoexec.bat
2013-10-14 20:03 - 2013-10-14 21:00 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-14 20:03 - 2013-10-14 20:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-14 19:58 - 2013-10-14 19:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Family\Downloads\SpyHunter-Installer.exe
2013-10-14 15:06 - 2013-10-14 15:06 - 00423696 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-13 08:12 - 2013-08-29 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2013-10-13 08:12 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-13 08:12 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-13 08:11 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-13 08:11 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-13 08:11 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-13 08:11 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-13 08:11 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-13 08:11 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-13 08:10 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-13 08:10 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-13 08:10 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-13 08:10 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-13 08:10 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-13 08:10 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-13 08:10 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-13 08:09 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-13 08:09 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 08:09 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 08:09 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-13 08:09 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-13 08:09 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-13 08:09 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-13 08:09 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-13 08:09 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-13 08:09 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-13 08:09 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-13 08:09 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-13 08:09 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-13 08:09 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-13 08:09 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-13 08:09 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-13 08:08 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-10-13 08:08 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-10-13 08:08 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-13 08:08 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-10-13 08:08 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-10-13 08:08 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-10-13 08:08 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-13 08:08 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-13 08:08 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-13 08:08 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-13 08:08 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-10-13 08:08 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-13 08:08 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-13 08:08 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-13 08:08 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-13 08:08 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-13 08:08 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-13 08:08 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-13 08:08 - 2013-07-31 01:30 - 00386923 _____ C:\Windows\system32\ApnDatabase.xml
2013-10-13 08:08 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-13 08:08 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-10-13 08:08 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-10-13 08:08 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-10 21:44 - 2013-10-10 21:44 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-10 21:44 - 2013-08-30 09:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-10 21:44 - 2013-08-30 09:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-10 21:44 - 2013-08-30 09:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-10 21:44 - 2013-08-30 09:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-10 21:43 - 2013-10-17 20:49 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-10 21:43 - 2013-10-10 21:43 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-10 21:43 - 2013-10-10 21:43 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-10 21:43 - 2013-08-30 09:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-10 21:43 - 2013-08-30 09:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-10 21:43 - 2013-08-30 09:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-10 21:43 - 2013-08-30 09:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-10 21:43 - 2013-08-30 09:47 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-10 21:43 - 2013-08-30 09:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-10 21:42 - 2013-10-10 21:43 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-10 21:41 - 2013-10-10 21:41 - 131918888 _____ C:\Users\Family\Downloads\avast_free_antivirus_setup.exe
2013-10-10 21:38 - 2013-10-10 21:39 - 05709056 _____ (Systweak Inc                                                ) C:\Users\Family\Downloads\rcpsetup_chip_de_chip_de.exe
2013-10-10 21:27 - 2013-10-16 07:30 - 00000094 _____ C:\Users\Family\AppData\Roaming\WB.CFG
2013-10-10 21:27 - 2013-10-16 07:30 - 00000006 _____ C:\Users\Family\AppData\Roaming\WBPU-TTL.DAT
2013-10-10 21:22 - 2013-10-10 21:22 - 00012784 _____ C:\Users\Family\Downloads\OTL.7z
2013-10-10 20:52 - 2013-10-10 18:19 - 00117428 _____ C:\Users\Family\Downloads\OTL.txt
2013-10-10 20:30 - 2013-10-10 20:30 - 127231689 _____ (Igor Pavlov) C:\Users\Family\Downloads\OTLPENet.exe
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Users\Family\AppData\Local\avgchrome
2013-10-10 20:27 - 2013-10-17 21:38 - 00000000 ____D C:\ProgramData\eSafe
2013-10-10 20:27 - 2013-10-17 07:29 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-10 20:27 - 2013-10-14 21:32 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-10 20:27 - 2013-10-14 20:59 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-10 20:27 - 2013-10-13 08:04 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-10 20:27 - 2013-10-10 20:27 - 00002644 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-10 20:27 - 2013-10-10 20:27 - 00001078 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\Users\Family\AppData\Roaming\DigitalSite
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\Users\Family\AppData\Local\BonanzaDealsLive
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\ProgramData\Babylon
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-03 09:46 - 2013-10-03 09:46 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Brother
2013-09-26 10:26 - 2013-10-05 08:21 - 00024064 _____ C:\Users\Family\Downloads\08-Sp13-14.xls
2013-09-26 10:26 - 2013-09-28 09:38 - 00025088 _____ C:\Users\Family\Downloads\07-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\13-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\12-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\11-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\10-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00030720 _____ C:\Users\Family\Downloads\14-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00025088 _____ C:\Users\Family\Downloads\09-Sp13-14.xls
2013-09-22 19:31 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-22 19:31 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-22 19:31 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-22 19:31 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-22 19:31 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-22 19:31 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-22 19:31 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-22 19:31 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-22 19:31 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-22 19:31 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-22 19:31 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-22 19:28 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-22 19:28 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-22 19:28 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-22 19:28 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-22 19:28 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-22 19:28 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-22 19:28 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-22 19:28 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-22 19:28 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-22 19:28 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-22 19:28 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-22 19:28 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-22 19:28 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-22 19:28 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-22 19:28 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-22 19:28 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-22 19:28 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-22 19:28 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-22 19:28 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-22 19:28 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-22 19:28 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-22 19:28 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-22 19:28 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-22 19:28 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-22 19:28 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-22 19:28 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-22 19:28 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-22 19:28 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-22 19:28 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-22 19:28 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-22 19:28 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-22 19:28 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-22 19:28 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-22 19:28 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-22 19:28 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-22 19:28 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-22 19:28 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-22 19:28 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-22 19:28 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-22 19:28 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-22 19:28 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-22 19:26 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll

==================== One Month Modified Files and Folders =======

2013-10-18 07:32 - 2013-10-18 07:32 - 00000000 ____D C:\FRST
2013-10-17 22:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-17 21:59 - 2012-09-27 01:38 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-10-17 21:59 - 2012-09-27 01:38 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-10-17 21:59 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-17 21:38 - 2013-10-10 20:27 - 00000000 ____D C:\ProgramData\eSafe
2013-10-17 21:35 - 2013-01-01 16:55 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-17 21:35 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-17 21:00 - 2013-10-17 21:00 - 01954124 _____ (Farbar) C:\Users\Family\Downloads\FRST64.exe
2013-10-17 20:51 - 2013-01-01 21:49 - 00000000 ____D C:\Users\Family\Documents\Ausgaben
2013-10-17 20:49 - 2013-10-10 21:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-17 20:48 - 2013-01-01 16:54 - 00000000 ____D C:\Users\Family\AppData\Local\Deployment
2013-10-17 07:29 - 2013-10-10 20:27 - 00000306 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-17 07:21 - 2013-01-01 16:55 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-16 07:30 - 2013-10-10 21:27 - 00000094 _____ C:\Users\Family\AppData\Roaming\WB.CFG
2013-10-16 07:30 - 2013-10-10 21:27 - 00000006 _____ C:\Users\Family\AppData\Roaming\WBPU-TTL.DAT
2013-10-16 07:29 - 2013-01-01 16:16 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2665461011-2761154639-2427061440-1002
2013-10-14 21:32 - 2013-10-10 20:27 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-14 21:00 - 2013-10-14 20:03 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-14 20:59 - 2013-10-10 20:27 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 20:47 - 2013-01-01 16:11 - 00001446 _____ C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-14 20:17 - 2013-01-01 16:10 - 01885156 _____ C:\Windows\WindowsUpdate.log
2013-10-14 20:05 - 2013-10-14 20:05 - 00000000 _____ C:\autoexec.bat
2013-10-14 20:03 - 2013-10-14 20:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-14 19:58 - 2013-10-14 19:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Family\Downloads\SpyHunter-Installer.exe
2013-10-14 15:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-14 15:06 - 2013-10-14 15:06 - 00423696 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 00:24 - 2013-01-01 16:11 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-14 00:24 - 2013-01-01 16:11 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-13 08:24 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-13 08:24 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-13 08:20 - 2013-01-01 17:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-13 08:19 - 2013-07-26 21:31 - 00000000 ____D C:\Windows\system32\MRT
2013-10-13 08:18 - 2013-01-02 00:25 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-13 08:16 - 2013-01-01 16:55 - 00004092 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-13 08:16 - 2013-01-01 16:55 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-13 08:04 - 2013-10-10 20:27 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-13 07:59 - 2012-09-03 12:56 - 00019758 _____ C:\Windows\PFRO.log
2013-10-10 22:03 - 2013-01-01 16:56 - 00002223 _____ C:\Users\Family\Desktop\Google Chrome.lnk
2013-10-10 21:44 - 2013-10-10 21:44 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-10 21:43 - 2013-10-10 21:43 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-10 21:43 - 2013-10-10 21:43 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-10 21:43 - 2013-10-10 21:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-10 21:41 - 2013-10-10 21:41 - 131918888 _____ C:\Users\Family\Downloads\avast_free_antivirus_setup.exe
2013-10-10 21:39 - 2013-10-10 21:38 - 05709056 _____ (Systweak Inc                                                ) C:\Users\Family\Downloads\rcpsetup_chip_de_chip_de.exe
2013-10-10 21:22 - 2013-10-10 21:22 - 00012784 _____ C:\Users\Family\Downloads\OTL.7z
2013-10-10 20:30 - 2013-10-10 20:30 - 127231689 _____ (Igor Pavlov) C:\Users\Family\Downloads\OTLPENet.exe
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Users\Family\AppData\Local\avgchrome
2013-10-10 20:27 - 2013-10-10 20:27 - 00002644 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-10 20:27 - 2013-10-10 20:27 - 00001078 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\Users\Family\AppData\Roaming\DigitalSite
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\Users\Family\AppData\Local\BonanzaDealsLive
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\ProgramData\Babylon
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\Program Files (x86)\OpenIt
2013-10-10 20:27 - 2013-10-10 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 18:19 - 2013-10-10 20:52 - 00117428 _____ C:\Users\Family\Downloads\OTL.txt
2013-10-07 10:39 - 2012-07-26 09:21 - 00043118 _____ C:\Windows\setupact.log
2013-10-06 10:13 - 2013-01-01 16:10 - 00000000 ____D C:\Users\Family\AppData\Local\Packages
2013-10-06 10:11 - 2013-02-16 09:01 - 00000000 ____D C:\Users\Family\AppData\Local\CrashDumps
2013-10-05 08:21 - 2013-09-26 10:26 - 00024064 _____ C:\Users\Family\Downloads\08-Sp13-14.xls
2013-10-03 09:46 - 2013-10-03 09:46 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Brother
2013-10-02 03:38 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-28 09:38 - 2013-09-26 10:26 - 00025088 _____ C:\Users\Family\Downloads\07-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\13-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\12-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\11-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\10-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00030720 _____ C:\Users\Family\Downloads\14-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00025088 _____ C:\Users\Family\Downloads\09-Sp13-14.xls
2013-09-23 01:28 - 2013-10-13 08:11 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-13 08:11 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 00:55 - 2013-10-13 08:11 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-13 08:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-13 08:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-13 08:11 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-22 19:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-22 19:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-22 19:59 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-22 19:52 - 2013-01-01 21:49 - 00000000 ____D C:\Users\Family\Documents\UP

Some content of TEMP:
====================
C:\Users\Family\AppData\Local\Temp\AcerCloudDocsSetup.exe
C:\Users\Family\AppData\Local\Temp\AcerCloudSetup.exe
C:\Users\Family\AppData\Local\Temp\AskSLib.dll
C:\Users\Family\AppData\Local\Temp\ose00000.exe
C:\Users\Family\AppData\Local\Temp\ose00002.exe
C:\Users\Family\AppData\Local\Temp\SHSetup.exe
C:\Users\Family\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-14 21:43

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Family at 2013-10-17 22:09:34
Running from C:\Users\Family\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.1925)
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2008)
Acer Backup Manager (x32 Version: 4.0.0.0059)
Acer Device Fast-lane (Version: 1.00.3007)
Acer Instant Update Service (Version: 1.00.3013)
Acer Power Management (Version: 7.00.3006)
Acer Recovery Management (Version: 6.00.3011)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Backup Manager v4 (x32 Version: 4.0.0.0059)
BitGuard (x32)
Broadcom Card Reader Driver Installer (Version: 15.4.7.1)
CDBurnerXP (x32 Version: 4.5.2.4214)
clear.fi Media (x32 Version: 2.01.3108)
clear.fi Photo (x32 Version: 2.01.3108)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819)
Dolby Home Theater v4 (x32 Version: 7.2.8000.13)
Google Chrome (x32 Version: 30.0.1599.69)
Google Update Helper (x32 Version: 1.3.21.165)
Identity Card (x32 Version: 2.00.3004)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Launch Manager (x32 Version: 7.0.5)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
Nokia Connectivity Cable Driver (Version: 7.1.32.69)
NVIDIA Grafiktreiber 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613)
NVIDIA Systemsteuerung 306.97 (Version: 306.97)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Office Addin (x32 Version: 2.01.3200)
Open It! (x32 Version: 1.1.1)
PDF24 Creator 5.2.0 (x32)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.05)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Skype™ 6.3 (x32 Version: 6.3.105)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition (x32)
Update for Zip Extractor (HKCU)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
Whilokii 1.0.0 (Version: 1.0.0)
Wsys Control 10.2.1.2652 (x32 Version: 10.2.1.2652)

==================== Restore Points  =========================

22-09-2013 17:31:48 Windows Update
10-10-2013 19:43:07 avast! Free Antivirus Setup
14-10-2013 18:03:08 Installed SpyHunter

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1F069D73-D2DA-4AAF-A370-6B1C036D7A3D} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {1FE7FA4A-ABF7-4D64-8A8D-1E835CB50289} - System32\Tasks\DigitalSite => C:\Users\Family\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {272012AA-8409-482F-B24A-7B7E63A22A60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)
Task: {2F099D74-6915-469A-87C3-2C0054D175E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)
Task: {3B04812C-632E-440A-9B5B-B3AEF5B353AF} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {67C9DDB9-FED3-426C-A642-0384968350D3} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
Task: {78CB0438-4B3A-41E1-A3B2-0EF44A3673A5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {7A778780-1117-490B-A597-94FAE91ECD29} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {B7FF15ED-EA7E-4BD3-861B-A8B8547E91C3} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {CEDAB060-F54A-42B8-BFD4-65CDCA82D8CE} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {E1B232EC-44E8-4A4C-974B-D2ECB59CF591} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Family\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-09-03 13:50 - 2012-08-08 17:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-17 20:49 - 2013-10-17 14:50 - 02105856 _____ () C:\Program Files\AVAST Software\Avast\defs\13101700\algo.dll
2013-10-10 20:28 - 2013-09-23 13:55 - 02704352 _____ () C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2012-09-26 15:59 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2013 09:12:06 PM) (Source: ESENT) (User: )
Description: DllHost (1956) WebCacheLocal: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1032 auf.

Error: (10/17/2013 09:12:06 PM) (Source: ESENT) (User: )
Description: taskhostex (1980) WebCacheLocal: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1032 auf.

Error: (10/17/2013 09:12:06 PM) (Source: ESENT) (User: )
Description: taskhostex (1980) WebCacheLocal: Die Shadowkopfzeile für Datei C:\Users\Family\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat konnte nicht geschrieben werden. Fehler -1032.

Error: (10/17/2013 09:12:06 PM) (Source: ESENT) (User: )
Description: DllHost (1956) WebCacheLocal: Versuch, Datei "C:\Users\Family\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (10/17/2013 09:12:06 PM) (Source: ESENT) (User: )
Description: taskhostex (1980) WebCacheLocal: Versuch, Datei "C:\Users\Family\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (10/17/2013 09:07:20 PM) (Source: ESENT) (User: )
Description: DllHost (1964) WebCacheLocal: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.

Error: (10/17/2013 09:07:20 PM) (Source: ESENT) (User: )
Description: DllHost (1964) WebCacheLocal: Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\Users\Family\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.

Error: (10/17/2013 09:07:20 PM) (Source: ESENT) (User: )
Description: DllHost (1964) WebCacheLocal: Versuch, Datei "C:\Users\Family\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (10/17/2013 08:47:55 PM) (Source: ESENT) (User: )
Description: taskhostex (2036) WebCacheLocal: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1032 auf.

Error: (10/17/2013 08:47:55 PM) (Source: ESENT) (User: )
Description: taskhostex (2036) WebCacheLocal: Versuch, Datei "C:\Users\Family\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.


System errors:
=============
Error: (10/17/2013 09:35:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.

Error: (10/17/2013 09:34:46 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (10/17/2013 09:28:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.

Error: (10/17/2013 09:27:13 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (10/17/2013 09:23:57 PM) (Source: DCOM) (User: Chef)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ChefFamilyS-1-5-21-2665461011-2761154639-2427061440-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/17/2013 09:23:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.

Error: (10/17/2013 09:22:16 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (10/17/2013 09:12:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.

Error: (10/17/2013 09:11:32 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (10/17/2013 09:08:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 8007.27 MB
Available physical RAM: 6650.01 MB
Total Pagefile: 9223.27 MB
Available Pagefile: 7822.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:680.19 GB) (Free:635.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: A139FDE5)

Partition: GPT Partition Type
==================== End Of Log ============================
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.17.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Family :: CHEF [Administrator]

17.10.2013 22:20:06
mbam-log-2013-10-17 (22-20-06).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 222909
Laufzeit: 2 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 3
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.PerformerSoft.A) -> 2624 -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.PerformerSoft.A) -> 3092 -> Löschen bei Neustart.
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Esafe.A) -> 1684 -> Löschen bei Neustart.

Infizierte Speichermodule: 1
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll (PUP.Optional.Protector) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 21
HKLM\SYSTEM\CurrentControlSet\Services\BitGuard (PUP.Optional.PerformerSoft.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{204df522-9a96-4a72-abb0-60f7a216d6d2} (Adware.Whilokii) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{8B0295E2-967E-439E-9560-807D9F625B57} (Adware.Whilokii) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1} (Adware.Whilokii) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{204DF522-9A96-4A72-ABB0-60F7A216D6D2} (Adware.Whilokii) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DigitalSite (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc (PUP.Optional.Esafe.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl (PUP.Optional.Esafe.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\qvo6Software (PUP.Optional.qvo6.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo (PUP.Optional.Elex.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Daten: hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=F0841A94235FA167&affID=125035&tsp=5031 -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Daten: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 2O1R1G2Z1F1G1M -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\BitGuard|ImagePath (PUP.Optional.BitGuard.A) -> Daten: C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\WsysSvc|ImagePath (PUP.Optional.Esafe.A) -> Daten: C:\ProgramData\eSafe\eGdpSvc.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Protector) -> Bösartig: (c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll) Gut: () -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage.A) -> Bösartig: (hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=F0841A94235FA167&affID=125035&tsp=5031) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 15
C:\Users\Family\AppData\Roaming\DigitalSite\UpdateProc (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BitGuard\2.6.1694.246 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\Users\Family\AppData\Local\Temp\mt_ffx\searchgol (PUP.Optional.SearchGolTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\mt_ffx\searchgol\searchgol (PUP.Optional.SearchGolTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\mt_ffx\searchgol\searchgol\1.8.16.19 (PUP.Optional.SearchGolTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BonanzaDealsLive\Update (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\BonanzaDealsLive\Update\Log (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\BonanzaDealsLive (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\BonanzaDealsLive\CrashReports (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 41
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.PerformerSoft.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll (PUP.Optional.Protector) -> Löschen bei Neustart.
C:\Program Files (x86)\Whilokii\WhilokiiBHO.dll (Adware.Whilokii) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$Recycle.Bin\S-1-5-21-2665461011-2761154639-2427061440-1002\$R6EMXI3.exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\$Recycle.Bin\S-1-5-21-2665461011-2761154639-2427061440-1002\$R7YVH5D.exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\B9F27641-BAB0-7891-803D-F2B4129CCD88\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\B9F27641-BAB0-7891-803D-F2B4129CCD88\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\B9F27641-BAB0-7891-803D-F2B4129CCD88\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\B9F27641-BAB0-7891-803D-F2B4129CCD88\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\B9F27641-BAB0-7891-803D-F2B4129CCD88\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\B9F27641-BAB0-7891-803D-F2B4129CCD88\Latest\MySgolTB.exe (PUP.Optional.SearchGolTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\B9F27641-BAB0-7891-803D-F2B4129CCD88\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\eIntaller\A2AF12536C18485bBAB87513F4E49EB2\eXQ.exe (PUP.Optional.Elex) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\is1590112554\2158594_stp\SearchGol.exe (PUP.Optional.PCFixSpeed.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\is1590112554\2158600_stp\cor_ar_qvo6.exe (PUP.Optional.Elex) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Local\Temp\is1590112554\2158722_stp\bd.exe (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\Downloads\cdbxp_setup_4.5.2.4214_minimal.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\Downloads\rcpsetup_chip_de_chip_de.exe (PUP.Optional.RegCleanerPro) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Roaming\DigitalSite\UpdateProc\config.dat (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Roaming\DigitalSite\UpdateProc\prod.dat (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Roaming\DigitalSite\UpdateProc\STTL.DAT (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Roaming\DigitalSite\UpdateProc\TTL.DAT (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Family\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe (PUP.Optional.DigitalSite.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\eSafe\eGdpSvc.exe (PUP.Optional.Esafe.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart.
C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log (PUP.Optional.BonanzaDeals.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Code:
# AdwCleaner v3.008 - Bericht erstellt am 17/10/2013 um 22:39:35
# Updated 17/10/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Family - CHEF
# Gestartet von : C:\Users\Family\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals
Ordner Gelöscht : C:\Program Files (x86)\openit
Ordner Gelöscht : C:\Users\Family\AppData\Local\Temp\eIntaller
Ordner Gelöscht : C:\Users\Family\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Datei Gelöscht : C:\Users\Public\Desktop\Open It!.lnk
Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard
Datei Gelöscht : C:\Windows\Tasks\digitalsite.job
Datei Gelöscht : C:\Windows\System32\Tasks\digitalsite

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKCU\Software\d6d6dde135ef13
Schlüssel Gelöscht : HKLM\SOFTWARE\d6d6dde135ef13
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\eSafeSecControl
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Google Chrome v30.0.1599.69

[ Datei : C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage

*************************

AdwCleaner[R0].txt - [2894 octets] - [17/10/2013 22:38:30]
AdwCleaner[S0].txt - [2469 octets] - [17/10/2013 22:39:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2529 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 x64
Ran by Family on 17.10.2013 at 22:54:20,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] update whilokii
Successfully deleted: [Service] update whilokii



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2665461011-2761154639-2427061440-1002\Software\SweetIM



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Program Files (x86)\whilokii"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!"



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Family\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.10.2013 at 22:58:31,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jenso1608 17.10.2013 22:34
Und das ist die letzte FRST Logfile:

Bisher habe ich keine Anzeichen mehr!


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Family (administrator) on CHEF on 17-10-2013 23:31:20
Running from C:\Users\Family\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Whilokii) C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-10-17] (AVAST Software)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-08-21] (Acer Incorporated)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {AF2E6D89-D3E4-4157-B44C-21D7E809C768} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AF2E6D89-D3E4-4157-B44C-21D7E809C768} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {AF2E6D89-D3E4-4157-B44C-21D7E809C768} URL =
SearchScopes: HKCU - {AF2E6D89-D3E4-4157-B44C-21D7E809C768} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\m05l4hq1.default
FF Homepage: hxxp://de.yahoo.com/
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-17] (AVAST Software)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-26] (Dritek System INC.)
R2 Util Whilokii; C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe [65304 2013-10-13] (Whilokii)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-17] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-26] (Dritek System Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-18 07:32 - 2013-10-18 07:32 - 00000000 ____D C:\FRST
2013-10-17 23:09 - 2013-10-17 23:09 - 00001232 _____ C:\Users\Family\Desktop\Revo Uninstaller.lnk
2013-10-17 23:09 - 2013-10-17 23:09 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-10-17 23:05 - 2013-10-17 23:06 - 00000000 ____D C:\Users\Family\AppData\Roaming\Mozilla
2013-10-17 23:05 - 2013-10-17 23:05 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-17 23:05 - 2013-10-17 23:05 - 00000000 ____D C:\Users\Family\AppData\Local\Mozilla
2013-10-17 23:05 - 2013-10-17 23:05 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-17 23:05 - 2013-10-17 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-17 23:04 - 2013-10-17 23:04 - 00281896 _____ (Mozilla) C:\Users\Family\Downloads\Firefox Setup Stub 24.0.exe
2013-10-17 23:03 - 2013-10-17 23:03 - 00163792 _____ C:\Users\Family\Documents\bookmarks_17.10.13.html
2013-10-17 22:58 - 2013-10-17 22:58 - 00001572 _____ C:\Users\Family\Downloads\JRT.txt
2013-10-17 22:54 - 2013-10-17 22:54 - 00000000 ____D C:\Windows\ERUNT
2013-10-17 22:51 - 2013-10-17 22:51 - 00000000 ____D C:\Users\Family\AppData\Roaming\AVAST Software
2013-10-17 22:45 - 2013-10-17 22:45 - 01033335 _____ (Thisisu) C:\Users\Family\Downloads\JRT.exe
2013-10-17 22:44 - 2013-10-17 22:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Family\Downloads\revosetup95.exe
2013-10-17 22:41 - 2013-10-17 22:41 - 00002617 _____ C:\Users\Family\Downloads\AdwCleaner[S0].txt
2013-10-17 22:37 - 2013-10-17 22:39 - 00000000 ____D C:\AdwCleaner
2013-10-17 22:31 - 2013-10-17 22:31 - 01050644 _____ C:\Users\Family\Downloads\adwcleaner.exe
2013-10-17 22:17 - 2013-10-17 22:17 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-17 22:17 - 2013-10-17 22:17 - 00000000 ____D C:\Users\Family\AppData\Roaming\Malwarebytes
2013-10-17 22:17 - 2013-10-17 22:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-17 22:17 - 2013-10-17 22:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-17 22:17 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-17 22:15 - 2013-10-17 22:15 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Family\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-17 22:09 - 2013-10-17 22:09 - 00017087 _____ C:\Users\Family\Downloads\Addition.txt
2013-10-17 21:00 - 2013-10-17 21:00 - 01954124 _____ (Farbar) C:\Users\Family\Downloads\FRST64.exe
2013-10-14 21:00 - 2012-08-30 13:37 - 02213776 _____ (ELAN Microelectronics Corp.) C:\Windows\ETDUninst.dll
2013-10-14 20:05 - 2013-10-14 20:05 - 00000000 _____ C:\autoexec.bat
2013-10-14 20:03 - 2013-10-14 21:00 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-14 20:03 - 2013-10-14 20:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-14 15:06 - 2013-10-14 15:06 - 00423696 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-13 08:12 - 2013-08-29 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2013-10-13 08:12 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-13 08:12 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-13 08:11 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-13 08:11 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-13 08:11 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-13 08:11 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-13 08:11 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-13 08:11 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-13 08:11 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-13 08:11 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-13 08:10 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-13 08:10 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-13 08:10 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-13 08:10 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-13 08:10 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-13 08:10 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-13 08:10 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-13 08:09 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-13 08:09 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 08:09 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 08:09 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-13 08:09 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-13 08:09 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-13 08:09 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-13 08:09 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-13 08:09 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-13 08:09 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-13 08:09 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-13 08:09 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-13 08:09 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-13 08:09 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-13 08:09 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-13 08:09 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-13 08:08 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-10-13 08:08 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-10-13 08:08 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-13 08:08 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-10-13 08:08 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-10-13 08:08 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-10-13 08:08 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-13 08:08 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-13 08:08 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-13 08:08 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-13 08:08 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-10-13 08:08 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-13 08:08 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-13 08:08 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-13 08:08 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-13 08:08 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-13 08:08 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-13 08:08 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-13 08:08 - 2013-07-31 01:30 - 00386923 _____ C:\Windows\system32\ApnDatabase.xml
2013-10-13 08:08 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-13 08:08 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-10-13 08:08 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-10-13 08:08 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-10 21:44 - 2013-10-17 22:49 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-10 21:44 - 2013-10-17 22:49 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-10 21:44 - 2013-10-17 22:49 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-10 21:44 - 2013-10-17 22:49 - 00001970 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-10 21:43 - 2013-10-17 22:49 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-10 21:43 - 2013-10-17 22:49 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-10 21:43 - 2013-10-17 22:49 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-10 21:43 - 2013-10-17 22:49 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-10 21:43 - 2013-10-17 22:49 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-10 21:43 - 2013-10-17 22:49 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-10 21:43 - 2013-10-17 22:49 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-10 21:43 - 2013-10-17 22:47 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-10 21:43 - 2013-10-10 21:43 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-10 21:42 - 2013-10-17 22:48 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-10 21:41 - 2013-10-10 21:41 - 131918888 _____ C:\Users\Family\Downloads\avast_free_antivirus_setup.exe
2013-10-10 21:27 - 2013-10-16 07:30 - 00000094 _____ C:\Users\Family\AppData\Roaming\WB.CFG
2013-10-10 21:27 - 2013-10-16 07:30 - 00000006 _____ C:\Users\Family\AppData\Roaming\WBPU-TTL.DAT
2013-10-10 21:22 - 2013-10-10 21:22 - 00012784 _____ C:\Users\Family\Downloads\OTL.7z
2013-10-10 20:52 - 2013-10-10 18:19 - 00117428 _____ C:\Users\Family\Downloads\OTL.txt
2013-10-10 20:30 - 2013-10-10 20:30 - 127231689 _____ (Igor Pavlov) C:\Users\Family\Downloads\OTLPENet.exe
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Users\Family\AppData\Local\avgchrome
2013-10-10 20:27 - 2013-10-17 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-10 20:27 - 2013-10-17 22:55 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-03 09:46 - 2013-10-03 09:46 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Brother
2013-09-26 10:26 - 2013-10-05 08:21 - 00024064 _____ C:\Users\Family\Downloads\08-Sp13-14.xls
2013-09-26 10:26 - 2013-09-28 09:38 - 00025088 _____ C:\Users\Family\Downloads\07-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\13-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\12-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\11-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\10-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00030720 _____ C:\Users\Family\Downloads\14-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00025088 _____ C:\Users\Family\Downloads\09-Sp13-14.xls
2013-09-22 19:31 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-22 19:31 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-22 19:31 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-22 19:31 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-22 19:31 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-22 19:31 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-22 19:31 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-22 19:31 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-22 19:31 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-22 19:31 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-22 19:31 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-22 19:31 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-22 19:31 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-22 19:28 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-22 19:28 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-22 19:28 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-22 19:28 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-22 19:28 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-22 19:28 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-22 19:28 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-22 19:28 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-22 19:28 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-22 19:28 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-22 19:28 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-22 19:28 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-22 19:28 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-22 19:28 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-22 19:28 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-22 19:28 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-22 19:28 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-22 19:28 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-22 19:28 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-22 19:28 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-22 19:28 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-22 19:28 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-22 19:28 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-22 19:28 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-22 19:28 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-22 19:28 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-22 19:28 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-22 19:28 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-22 19:28 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-22 19:28 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-22 19:28 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-22 19:28 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-22 19:28 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-22 19:28 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-22 19:28 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-22 19:28 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-22 19:28 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-22 19:28 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-22 19:28 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-22 19:28 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-22 19:28 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-22 19:26 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll

==================== One Month Modified Files and Folders =======

2013-10-18 07:32 - 2013-10-18 07:32 - 00000000 ____D C:\FRST
2013-10-17 23:19 - 2013-01-01 16:16 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2665461011-2761154639-2427061440-1002
2013-10-17 23:14 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-17 23:10 - 2013-01-01 16:55 - 00000000 ____D C:\Users\Family\AppData\Local\Google
2013-10-17 23:10 - 2013-01-01 16:55 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-17 23:09 - 2013-10-17 23:09 - 00001232 _____ C:\Users\Family\Desktop\Revo Uninstaller.lnk
2013-10-17 23:09 - 2013-10-17 23:09 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-10-17 23:06 - 2013-10-17 23:05 - 00000000 ____D C:\Users\Family\AppData\Roaming\Mozilla
2013-10-17 23:05 - 2013-10-17 23:05 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-17 23:05 - 2013-10-17 23:05 - 00000000 ____D C:\Users\Family\AppData\Local\Mozilla
2013-10-17 23:05 - 2013-10-17 23:05 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-17 23:05 - 2013-10-17 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-17 23:05 - 2013-10-10 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-17 23:04 - 2013-10-17 23:04 - 00281896 _____ (Mozilla) C:\Users\Family\Downloads\Firefox Setup Stub 24.0.exe
2013-10-17 23:03 - 2013-10-17 23:03 - 00163792 _____ C:\Users\Family\Documents\bookmarks_17.10.13.html
2013-10-17 22:58 - 2013-10-17 22:58 - 00001572 _____ C:\Users\Family\Downloads\JRT.txt
2013-10-17 22:55 - 2013-10-10 20:27 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-17 22:54 - 2013-10-17 22:54 - 00000000 ____D C:\Windows\ERUNT
2013-10-17 22:51 - 2013-10-17 22:51 - 00000000 ____D C:\Users\Family\AppData\Roaming\AVAST Software
2013-10-17 22:50 - 2012-09-03 12:56 - 00071018 _____ C:\Windows\PFRO.log
2013-10-17 22:49 - 2013-10-10 21:44 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-17 22:49 - 2013-10-10 21:44 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-17 22:49 - 2013-10-10 21:44 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-17 22:49 - 2013-10-10 21:44 - 00001970 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-17 22:49 - 2013-10-10 21:43 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-17 22:49 - 2013-10-10 21:43 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-17 22:49 - 2013-10-10 21:43 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-17 22:49 - 2013-10-10 21:43 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-17 22:49 - 2013-10-10 21:43 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-17 22:49 - 2013-10-10 21:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-17 22:49 - 2013-10-10 21:43 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-17 22:48 - 2013-10-10 21:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-17 22:47 - 2013-10-10 21:43 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-17 22:45 - 2013-10-17 22:45 - 01033335 _____ (Thisisu) C:\Users\Family\Downloads\JRT.exe
2013-10-17 22:44 - 2013-10-17 22:44 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Family\Downloads\revosetup95.exe
2013-10-17 22:41 - 2013-10-17 22:41 - 00002617 _____ C:\Users\Family\Downloads\AdwCleaner[S0].txt
2013-10-17 22:39 - 2013-10-17 22:37 - 00000000 ____D C:\AdwCleaner
2013-10-17 22:31 - 2013-10-17 22:31 - 01050644 _____ C:\Users\Family\Downloads\adwcleaner.exe
2013-10-17 22:17 - 2013-10-17 22:17 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-17 22:17 - 2013-10-17 22:17 - 00000000 ____D C:\Users\Family\AppData\Roaming\Malwarebytes
2013-10-17 22:17 - 2013-10-17 22:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-17 22:17 - 2013-10-17 22:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-17 22:15 - 2013-10-17 22:15 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Family\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-17 22:09 - 2013-10-17 22:09 - 00017087 _____ C:\Users\Family\Downloads\Addition.txt
2013-10-17 22:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-17 21:59 - 2012-09-27 01:38 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-10-17 21:59 - 2012-09-27 01:38 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-10-17 21:59 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-17 21:00 - 2013-10-17 21:00 - 01954124 _____ (Farbar) C:\Users\Family\Downloads\FRST64.exe
2013-10-17 20:51 - 2013-01-01 21:49 - 00000000 ____D C:\Users\Family\Documents\Ausgaben
2013-10-17 20:48 - 2013-01-01 16:54 - 00000000 ____D C:\Users\Family\AppData\Local\Deployment
2013-10-16 07:30 - 2013-10-10 21:27 - 00000094 _____ C:\Users\Family\AppData\Roaming\WB.CFG
2013-10-16 07:30 - 2013-10-10 21:27 - 00000006 _____ C:\Users\Family\AppData\Roaming\WBPU-TTL.DAT
2013-10-14 21:00 - 2013-10-14 20:03 - 00000000 ____D C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-14 20:47 - 2013-01-01 16:11 - 00001446 _____ C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-14 20:17 - 2013-01-01 16:10 - 01885156 _____ C:\Windows\WindowsUpdate.log
2013-10-14 20:05 - 2013-10-14 20:05 - 00000000 _____ C:\autoexec.bat
2013-10-14 20:03 - 2013-10-14 20:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-10-14 15:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-14 15:06 - 2013-10-14 15:06 - 00423696 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 00:24 - 2013-01-01 16:11 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-14 00:24 - 2013-01-01 16:11 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-13 08:24 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-13 08:24 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-13 08:20 - 2013-01-01 17:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-13 08:19 - 2013-07-26 21:31 - 00000000 ____D C:\Windows\system32\MRT
2013-10-13 08:18 - 2013-01-02 00:25 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 21:43 - 2013-10-10 21:43 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-10 21:41 - 2013-10-10 21:41 - 131918888 _____ C:\Users\Family\Downloads\avast_free_antivirus_setup.exe
2013-10-10 21:22 - 2013-10-10 21:22 - 00012784 _____ C:\Users\Family\Downloads\OTL.7z
2013-10-10 20:30 - 2013-10-10 20:30 - 127231689 _____ (Igor Pavlov) C:\Users\Family\Downloads\OTLPENet.exe
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-10 20:28 - 2013-10-10 20:28 - 00000000 ____D C:\Users\Family\AppData\Local\avgchrome
2013-10-10 18:19 - 2013-10-10 20:52 - 00117428 _____ C:\Users\Family\Downloads\OTL.txt
2013-10-07 10:39 - 2012-07-26 09:21 - 00043118 _____ C:\Windows\setupact.log
2013-10-06 10:13 - 2013-01-01 16:10 - 00000000 ____D C:\Users\Family\AppData\Local\Packages
2013-10-06 10:11 - 2013-02-16 09:01 - 00000000 ____D C:\Users\Family\AppData\Local\CrashDumps
2013-10-05 08:21 - 2013-09-26 10:26 - 00024064 _____ C:\Users\Family\Downloads\08-Sp13-14.xls
2013-10-03 09:46 - 2013-10-03 09:46 - 00000000 ___RD C:\Users\Family\AppData\Roaming\Brother
2013-10-02 03:38 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-28 09:38 - 2013-09-26 10:26 - 00025088 _____ C:\Users\Family\Downloads\07-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\13-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\12-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\11-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00031232 _____ C:\Users\Family\Downloads\10-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00030720 _____ C:\Users\Family\Downloads\14-Sp13-14.xls
2013-09-26 10:26 - 2013-09-26 10:26 - 00025088 _____ C:\Users\Family\Downloads\09-Sp13-14.xls
2013-09-23 01:28 - 2013-10-13 08:11 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-13 08:11 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 01:27 - 2013-10-13 08:11 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 00:55 - 2013-10-13 08:11 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-13 08:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-13 08:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-13 08:11 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-13 08:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-22 19:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-22 19:59 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-22 19:59 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-22 19:52 - 2013-01-01 21:49 - 00000000 ____D C:\Users\Family\Documents\UP

Some content of TEMP:
====================
C:\Users\Family\AppData\Local\Temp\AcerCloudDocsSetup.exe
C:\Users\Family\AppData\Local\Temp\AcerCloudSetup.exe
C:\Users\Family\AppData\Local\Temp\AskSLib.dll
C:\Users\Family\AppData\Local\Temp\ose00000.exe
C:\Users\Family\AppData\Local\Temp\ose00002.exe
C:\Users\Family\AppData\Local\Temp\Quarantine.exe
C:\Users\Family\AppData\Local\Temp\SHSetup.exe
C:\Users\Family\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-14 21:43

==================== End Of Log ============================
--- --- ---


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:32 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131