Trojaner-Board

Windows 8: Trojan (https://www.trojaner-board.de/144702-windows-8-trojaner.html)

cosinus 27.11.2013 12:48

We don't want to see this junk here, please :plol:

Hands off cracks, keygens and other illegal things. See http://www.trojaner-board.de/95394-c...-software.html

Please delete that junk. What about MBAM?

Humberto 05.12.2013 12:00

Oh yes, I had forgotten to post these:
the first one is with the external hard drive, from 25.11, and the second one is without it, from today.

Code:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.25.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16736
Liz :: HUMBERTO [Administrator]

25.11.2013 18:12:15
mbam-log-2013-11-25 (18-12-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 261409
Laufzeit: 5 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 9
C:\$Recycle.Bin\S-1-5-21-3686124292-570556794-449095975-1002\$R9J6MRR.exe (PUP.BundleInstaller.DW) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\33440_updater.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Liz\Downloads\DTLite4461-0327.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Liz\Downloads\DTLite4471-0333.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Liz\Downloads\hdplugin_firefox.exe (PUP.BundleInstaller.DW) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Liz\Downloads\SoftonicDownloader_for_dmg-extractor.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Liz\Downloads\SoftonicDownloader_fuer_nikon-capture-nx.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Liz\Downloads\SoftonicDownloader_fuer_pixillion.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Liz\Downloads\SoftonicDownloader_fuer_spesoft-image-converter.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)


Code:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.05.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16736
Liz :: HUMBERTO [Administrator]

05.12.2013 11:52:13
mbam-log-2013-12-05 (11-52-13).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 262862
Laufzeit: 4 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


and the game is gone ;)

cosinus 05.12.2013 13:51

Fresh FRST log, please. Download FRST again, start it, tick the box for additions.txt and click Scan. Post both logs in CODE tags.

Humberto 05.12.2013 14:26


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-12-2013
Ran by Liz (administrator) on HUMBERTO on 05-12-2013 14:24:39
Running from C:\Users\Liz\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Liz\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Liz\AppData\Local\Akamai\netsession_win.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-07-31] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-12-01] (Electronic Arts)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Liz\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2009-05-26] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [619008 2010-05-25] (Nikon Corporation)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845392 2012-07-20] (Acer Incorporated)
Startup: C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Liz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {45EE1CAB-3DC8-425D-87FE-B8909E6D470E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {45EE1CAB-3DC8-425D-87FE-B8909E6D470E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {45EE1CAB-3DC8-425D-87FE-B8909E6D470E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {45EE1CAB-3DC8-425D-87FE-B8909E6D470E} URL =
SearchScopes: HKCU - {45EE1CAB-3DC8-425D-87FE-B8909E6D470E} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Liz\AppData\Roaming\Mozilla\Firefox\Profiles\sr73dd2h.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_32 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (ArchiCAD) - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
CHR Extension: (Google Docs) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Plus-HD-2.6) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl\1.25.153_0
CHR Extension: (Google Wallet) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-19] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-06-10] ()
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-09-27] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-06-10] ()
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-19] (Dritek System Inc.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-05 14:17 - 2013-12-05 14:22 - 01959766 _____ (Farbar) C:\Users\Liz\Downloads\FRST64.exe
2013-12-02 21:41 - 2013-12-02 21:41 - 00002304 _____ C:\Users\Public\Desktop\Die Sims™ 3 Erstelle eine Welt-Tool - Beta.lnk
2013-12-02 21:32 - 2013-12-02 21:40 - 179881574 _____ (Acresso Software Inc.) C:\Users\Liz\Downloads\worldtool (2).exe
2013-12-02 19:41 - 2013-12-02 19:41 - 00000000 ____D C:\Users\Liz\AppData\Local\Oculus
2013-12-02 18:04 - 2013-12-02 18:04 - 00000000 __RHD C:\Users\Liz\AppData\Roaming\SecuROM
2013-12-02 18:03 - 2013-12-02 18:03 - 00002230 _____ C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk
2013-12-01 21:14 - 2013-12-01 22:12 - 179881574 _____ (Acresso Software Inc.) C:\Users\Liz\Downloads\worldtool (1).exe
2013-11-29 18:31 - 2013-11-29 18:31 - 00000795 _____ C:\Users\Liz\Desktop\123.lnk
2013-11-25 18:21 - 2013-11-25 18:21 - 02347384 _____ (ESET) C:\Users\Liz\Downloads\esetsmartinstaller_enu.exe
2013-11-25 18:09 - 2013-11-25 18:09 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-25 18:09 - 2013-11-25 18:09 - 00000000 ____D C:\Users\Liz\AppData\Roaming\Malwarebytes
2013-11-25 18:09 - 2013-11-25 18:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-25 18:09 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-25 18:08 - 2013-11-25 18:08 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Liz\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-25 18:03 - 2013-11-25 18:06 - 00000000 ____D C:\Users\Liz\Desktop\mbar
2013-11-19 18:41 - 2013-11-19 18:41 - 00000339 _____ C:\Users\Liz\Desktop\Fixlist.txt
2013-11-18 19:16 - 2013-12-05 14:25 - 00015440 _____ C:\Users\Liz\Downloads\FRST.txt
2013-11-18 18:10 - 2013-11-18 18:10 - 00000806 _____ C:\Users\Liz\Desktop\JRT.txt
2013-11-18 18:05 - 2013-11-18 18:05 - 01034531 _____ (Thisisu) C:\Users\Liz\Downloads\JRT.exe
2013-11-18 18:05 - 2013-11-18 18:05 - 00000000 ____D C:\Windows\ERUNT
2013-11-18 18:02 - 2013-11-18 18:02 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-11-18 17:59 - 2013-11-18 18:01 - 00000000 ____D C:\AdwCleaner
2013-11-18 17:57 - 2013-11-18 17:58 - 01085542 _____ C:\Users\Liz\Downloads\adwcleaner.exe
2013-11-17 22:28 - 2013-11-17 23:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-17 22:28 - 2013-11-17 22:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-17 22:26 - 2013-11-25 18:06 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-17 22:24 - 2013-11-17 22:24 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Liz\Downloads\mbar-1.07.0.1007.exe
2013-11-17 20:11 - 2013-11-17 20:12 - 00227096 _____ C:\Users\Liz\Downloads\avira_registry_cleaner_de.exe
2013-11-16 23:34 - 2013-11-16 23:34 - 00377856 _____ C:\Users\Liz\Downloads\gmer_2.1.19163.exe
2013-11-16 23:32 - 2013-12-05 11:57 - 00000000 ____D C:\Users\Liz\Desktop\Neuer Ordner
2013-11-16 23:29 - 2013-11-16 23:29 - 00000000 ____D C:\FRST
2013-11-16 23:23 - 2013-11-16 23:24 - 00000468 _____ C:\Users\Liz\Downloads\defogger_disable.log
2013-11-16 23:23 - 2013-11-16 23:23 - 00000168 _____ C:\Users\Liz\defogger_reenable
2013-11-16 23:22 - 2013-11-16 23:22 - 00050477 _____ C:\Users\Liz\Downloads\Defogger.exe
2013-11-15 20:29 - 2013-11-15 20:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 19:39 - 2013-11-15 19:39 - 126764512 _____ C:\Users\Liz\Downloads\avira_free1401_antivirus_de.exe
2013-11-15 19:16 - 2013-11-15 19:17 - 02209056 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-14 18:40 - 2013-11-05 23:58 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 18:40 - 2013-11-05 23:58 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-13 09:30 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 09:30 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 09:30 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 09:30 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 09:30 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 09:30 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 09:30 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 09:30 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 09:30 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 09:30 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 09:30 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 09:30 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 09:30 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 09:30 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 09:30 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 09:30 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 09:30 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 09:30 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-11-13 09:30 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 09:30 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-11-13 09:30 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 09:30 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 09:30 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 09:30 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 09:30 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 09:30 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 09:30 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-11-13 09:30 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-11-13 09:30 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-11-13 09:30 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-11-13 09:30 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-11-13 09:30 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-11-13 09:30 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-11-13 09:30 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-11-13 09:30 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-11-13 09:30 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-11-13 09:30 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-11-13 09:30 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-11-13 09:30 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-11-13 09:30 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-11-13 09:30 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-11-13 09:30 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 09:30 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-11-13 09:30 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-11-13 09:30 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-11-13 09:30 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-13 09:30 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-13 09:30 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-11-13 09:30 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-11-13 09:30 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-11-13 09:30 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-11-13 09:30 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-11-13 09:30 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-11-13 09:30 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-11-13 09:30 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-11-13 09:29 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 09:29 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

==================== One Month Modified Files and Folders =======

2013-12-05 14:25 - 2013-11-18 19:16 - 00015440 _____ C:\Users\Liz\Downloads\FRST.txt
2013-12-05 14:22 - 2013-12-05 14:17 - 01959766 _____ (Farbar) C:\Users\Liz\Downloads\FRST64.exe
2013-12-05 14:15 - 2012-08-03 03:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-05 14:13 - 2013-05-12 15:36 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-05 14:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-12-05 13:48 - 2013-05-22 02:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-05 12:43 - 2013-04-07 18:55 - 00000000 ____D C:\Users\Liz\AppData\Local\Akamai
2013-12-05 12:37 - 2013-03-31 00:09 - 01139981 _____ C:\Windows\WindowsUpdate.log
2013-12-05 11:57 - 2013-11-16 23:32 - 00000000 ____D C:\Users\Liz\Desktop\Neuer Ordner
2013-12-05 11:57 - 2012-08-19 14:00 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-12-05 11:57 - 2012-08-19 14:00 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-12-05 11:57 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-05 11:56 - 2012-07-26 08:21 - 00038485 _____ C:\Windows\setupact.log
2013-12-05 11:37 - 2013-05-12 15:36 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-05 11:37 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-05 02:45 - 2012-07-26 06:26 - 01048576 ___SH C:\Windows\system32\config\BBI
2013-12-02 22:43 - 2013-04-08 08:40 - 00000000 ____D C:\Users\Liz\AppData\Local\CrashDumps
2013-12-02 21:41 - 2013-12-02 21:41 - 00002304 _____ C:\Users\Public\Desktop\Die Sims™ 3 Erstelle eine Welt-Tool - Beta.lnk
2013-12-02 21:40 - 2013-12-02 21:32 - 179881574 _____ (Acresso Software Inc.) C:\Users\Liz\Downloads\worldtool (2).exe
2013-12-02 21:40 - 2013-04-05 20:25 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-12-02 19:41 - 2013-12-02 19:41 - 00000000 ____D C:\Users\Liz\AppData\Local\Oculus
2013-12-02 18:52 - 2013-03-31 10:19 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3686124292-570556794-449095975-1002
2013-12-02 18:04 - 2013-12-02 18:04 - 00000000 __RHD C:\Users\Liz\AppData\Roaming\SecuROM
2013-12-02 18:03 - 2013-12-02 18:03 - 00002230 _____ C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk
2013-12-02 17:49 - 2013-01-01 19:09 - 00000000 ____D C:\Users\Liz\Documents\Electronic Arts
2013-12-02 17:42 - 2013-03-31 13:47 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-12-02 17:15 - 2013-03-31 13:46 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-01 22:12 - 2013-12-01 21:14 - 179881574 _____ (Acresso Software Inc.) C:\Users\Liz\Downloads\worldtool (1).exe
2013-12-01 21:31 - 2013-03-31 13:46 - 00000000 ____D C:\ProgramData\Origin
2013-12-01 20:49 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-11-30 00:16 - 2013-04-29 22:33 - 00000000 ____D C:\Users\Liz\AppData\Roaming\vlc
2013-11-29 18:31 - 2013-11-29 18:31 - 00000795 _____ C:\Users\Liz\Desktop\123.lnk
2013-11-28 02:08 - 2013-05-12 15:36 - 00004094 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-28 02:08 - 2013-05-12 15:36 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-27 01:56 - 2012-12-29 00:35 - 00000000 ____D C:\Users\Liz\AppData\Local\Packages
2013-11-26 17:37 - 2012-08-03 03:21 - 00123614 _____ C:\Windows\PFRO.log
2013-11-25 18:21 - 2013-11-25 18:21 - 02347384 _____ (ESET) C:\Users\Liz\Downloads\esetsmartinstaller_enu.exe
2013-11-25 18:19 - 2013-03-31 12:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-25 18:09 - 2013-11-25 18:09 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-25 18:09 - 2013-11-25 18:09 - 00000000 ____D C:\Users\Liz\AppData\Roaming\Malwarebytes
2013-11-25 18:09 - 2013-11-25 18:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-25 18:08 - 2013-11-25 18:08 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Liz\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-25 18:06 - 2013-11-25 18:03 - 00000000 ____D C:\Users\Liz\Desktop\mbar
2013-11-25 18:06 - 2013-11-17 22:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-23 13:42 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2013-11-19 18:41 - 2013-11-19 18:41 - 00000339 _____ C:\Users\Liz\Desktop\Fixlist.txt
2013-11-18 18:10 - 2013-11-18 18:10 - 00000806 _____ C:\Users\Liz\Desktop\JRT.txt
2013-11-18 18:05 - 2013-11-18 18:05 - 01034531 _____ (Thisisu) C:\Users\Liz\Downloads\JRT.exe
2013-11-18 18:05 - 2013-11-18 18:05 - 00000000 ____D C:\Windows\ERUNT
2013-11-18 18:02 - 2013-11-18 18:02 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-11-18 18:01 - 2013-11-18 17:59 - 00000000 ____D C:\AdwCleaner
2013-11-18 17:58 - 2013-11-18 17:57 - 01085542 _____ C:\Users\Liz\Downloads\adwcleaner.exe
2013-11-17 23:21 - 2013-11-17 22:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-17 22:28 - 2013-11-17 22:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-17 22:24 - 2013-11-17 22:24 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Liz\Downloads\mbar-1.07.0.1007.exe
2013-11-17 20:12 - 2013-11-17 20:11 - 00227096 _____ C:\Users\Liz\Downloads\avira_registry_cleaner_de.exe
2013-11-17 17:14 - 2012-08-03 03:28 - 00000000 ____D C:\ProgramData\McAfee
2013-11-17 17:11 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-11-16 23:34 - 2013-11-16 23:34 - 00377856 _____ C:\Users\Liz\Downloads\gmer_2.1.19163.exe
2013-11-16 23:29 - 2013-11-16 23:29 - 00000000 ____D C:\FRST
2013-11-16 23:24 - 2013-11-16 23:23 - 00000468 _____ C:\Users\Liz\Downloads\defogger_disable.log
2013-11-16 23:23 - 2013-11-16 23:23 - 00000168 _____ C:\Users\Liz\defogger_reenable
2013-11-16 23:23 - 2013-03-31 00:07 - 00000000 ____D C:\Users\Liz
2013-11-16 23:22 - 2013-11-16 23:22 - 00050477 _____ C:\Users\Liz\Downloads\Defogger.exe
2013-11-16 21:15 - 2013-09-07 16:31 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-16 03:26 - 2013-09-03 10:52 - 00000000 ___HD C:\Users\Liz\AppData\Roaming\Yciswbn
2013-11-16 03:26 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-11-15 20:30 - 2013-11-15 20:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 19:39 - 2013-11-15 19:39 - 126764512 _____ C:\Users\Liz\Downloads\avira_free1401_antivirus_de.exe
2013-11-15 19:17 - 2013-11-15 19:16 - 02209056 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-14 19:07 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-11-14 05:20 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2013-11-14 05:19 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2013-11-13 17:52 - 2013-07-25 16:48 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 17:50 - 2013-04-01 00:57 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-05 23:58 - 2013-11-14 18:40 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-05 23:58 - 2013-11-14 18:40 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-28 16:54

==================== End Of Log ============================

--- --- ---


Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-12-2013
Ran by Liz at 2013-12-05 14:25:19
Running from C:\Users\Liz\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.1910)
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910)
µTorrent (x32 Version: 3.3.0.29677)
Acer Backup Manager (x32 Version: 4.0.0.0053)
Acer Device Fast-lane (Version: 1.00.3003)
Acer Instant Update Service (Version: 1.00.3012)
Acer Power Management (Version: 7.00.3003)
Acer Recovery Management (Version: 6.00.3006)
AcerCloud (x32 Version: 2.01.3112)
AcerCloud Docs (x32 Version: 1.00.3103)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0)
Adobe Color EU Recommended Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Extra Settings (x32 Version: 1.0)
Adobe Creative Suite 3 Design Premium (x32 Version: 1.0)
Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen (x32 Version: 1.0)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0)
Adobe Extension Manager CS3 (x32 Version: 1.8)
Adobe Flash CS3 (x32 Version: 9.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Flash Player 9 ActiveX (x32 Version: 9.0.45.0)
Adobe Flash Video Encoder (x32 Version: 2.0)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Illustrator CS3 (x32 Version: 13.0)
Adobe InDesign CS3 (x32 Version: 5.0)
Adobe InDesign CS3 Icon Handler (x32 Version: 5.0)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe MotionPicture Color Files (x32 Version: 1.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Setup (x32 Version: 1.0)
Adobe SING CS3 (x32 Version: 0.1)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe WAS CS3 (x32 Version: 1.0)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
AHV content for Acrobat and Flash (x32 Version: 1)
Akamai NetSession Interface (HKCU)
Aloha TriPeaks (x32 Version: 2.2.0.98)
ArchiCAD 16 GER (Version: 16.0)
Backup Manager v4 (x32 Version: 4.0.0.0053)
Bejeweled 3 (x32 Version: 2.2.0.98)
Broadcom Card Reader Driver Installer (Version: 15.4.4.2)
Capture NX 2 (x32 Version: 2.2.6)
clear.fi Media (x32 Version: 2.01.3107)
clear.fi Photo (x32 Version: 2.01.3107)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98)
Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta (x32 Version: 1.19.6)
Die Sims™ 3 (x32 Version: 1.63.5)
Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96)
Die Sims™ 3 Inselparadies (x32 Version: 19.0.101)
Die Sims™ 3 Late Night (x32 Version: 6.0.81)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87)
Dolby Home Theater v4 (x32 Version: 7.2.8000.13)
Don't Starve (x32)
Dropbox (HKCU Version: 2.0.22)
eBay Worldwide (x32 Version: 2.3.0630)
ETDWare PS/2-X64 11.6.4.001_WHQL (Version: 11.6.4.001)
Final Drive: Nitro (x32 Version: 2.2.0.95)
Free YouTube to MP3 Converter version 3.12.2.426 (x32 Version: 3.12.2.426)
Full Tilt Poker.Eu (x32 Version: 4.63.2.WIN.FullTilt.EU)
Google Chrome (x32 Version: 31.0.1650.57)
Google Earth (x32 Version: 7.0.1.8244)
Google Update Helper (x32 Version: 1.3.22.3)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110)
Identity Card (x32 Version: 2.00.3002)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Island Tribe (x32 Version: 2.2.0.98)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Launch Manager (x32 Version: 7.0.2)
Live Updater (x32 Version: 2.00.3002)
Magic Academy (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
Nikon Message Center 2 (x32 Version: 2.0.1)
Norton Online Backup (x32 Version: 2.2.3.45)
Norton Online Backup ARA (x32 Version: 4.1.0.10)
NTI Media Maker 9 (x32 Version: 9.0.2.9008)
NVIDIA Grafiktreiber 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX (x32 Version: 9.12.0613)
NVIDIA PhysX-Systemsoftware 9.12.0613 (Version: 9.12.0613)
NVIDIA Systemsteuerung 306.97 (Version: 306.97)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Office Addin (x32 Version: 2.01.3102)
Office Addin 2003 (x32 Version: 2.01.3102)
Origin (x32 Version: 9.1.15.109)
Outlast (x32)
PDF Settings (x32 Version: 1.0)
Penguins! (x32 Version: 2.2.0.98)
Picture Control Utility (x32 Version: 1.2.1)
Pixillion Image Converter (x32 Version: 2.59)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.204)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.05)
QuickTime (x32 Version: 7.62.14.0)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657)
RollerCoaster Tycoon Deluxe (x32)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
SimCity 4 Deluxe (x32 Version: 1.0.0.0)
SimCity™ (x32 Version: 1.0.0.0)
Spotify (x32 Version: 0.8.4.99.ga249b5f1)
Steam (x32 Version: 1.0.0.0)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update Installer for WildTangent Games App (x32)
Vectorworks 2011 Hilfe (x32 Version: 1.1)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
VLC media player 2.0.6 (x32 Version: 2.0.6)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.3)
Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points  =========================

23-11-2013 13:03:29 Geplanter Prüfpunkt
29-11-2013 19:47:23 Installiert The Sims 3
01-12-2013 19:48:47 Entfernt The Sims 3 Create A World
02-12-2013 20:30:46 Entfernt The Sims 3 Create A World

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {06211A73-3626-405B-8575-AD0B9CE62CE2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {0BD2953D-6C19-453E-B579-1F0762ED2BCA} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {30CB288C-6BF9-42BE-AE51-0CFA6103CBE5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {3B00A1D6-9FBE-4ABB-B7C3-67B974B75E0E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {4087AAB1-0FF5-4240-8F47-9970626879D7} - \Plus-HD-2.6-codedownloader No Task File
Task: {41D7949E-B659-4F93-833A-5E01E5F838B9} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {45E7DD2C-1BD6-4670-8531-D8A9952FB3AC} - \Plus-HD-2.6-firefoxinstaller No Task File
Task: {655330C2-1E44-4658-A87E-289F6537925E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-12] (Google Inc.)
Task: {72446700-3ABB-4C4D-A736-D0455F96F6BE} - \Plus-HD-2.6-chromeinstaller No Task File
Task: {77D50B6F-D6BB-47B7-AFAA-9C53184C514F} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {817BE997-D64D-477A-A972-9E337EB0EBB2} - \Plus-HD-2.6-enabler No Task File
Task: {94EA158F-FA27-41BB-AF2C-9CBF20927675} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {9ED32C6B-1544-4B98-9098-99B228E2955E} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-07-13] ()
Task: {A59EC215-70A5-44FD-820E-F99ECC7D97A1} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-07-13] ()
Task: {B1372C14-7D99-435A-8399-C1C907798244} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-12] (Google Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D16D52EE-C3B4-41F7-AF57-DB50B376AF65} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {F2EFDA3B-77D3-4367-8979-E1635E993D72} - \Plus-HD-2.6-updater No Task File
Task: {FD5869C3-622D-447F-966D-D1203F1AB49C} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PmmUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-22 02:12 - 2012-06-22 02:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-08-10 09:54 - 2012-08-08 16:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-19 04:26 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-15 00:11 - 2013-11-14 12:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-15 00:11 - 2013-11-14 12:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-15 00:11 - 2013-11-14 12:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-15 00:11 - 2013-11-14 12:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-15 00:11 - 2013-11-14 12:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-11-15 00:11 - 2013-11-14 12:29 - 13582800 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2013 00:43:52 PM) (Source: MsiInstaller) (User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (12/05/2013 00:43:33 PM) (Source: MsiInstaller) (User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (12/05/2013 02:11:55 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (12/04/2013 04:12:29 PM) (Source: MsiInstaller) (User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (12/04/2013 04:12:06 PM) (Source: MsiInstaller) (User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (12/03/2013 00:46:50 PM) (Source: MsiInstaller) (User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (12/03/2013 00:46:21 PM) (Source: MsiInstaller) (User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (12/03/2013 10:10:41 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (12/03/2013 10:10:41 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (12/03/2013 10:10:41 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.


System errors:
=============
Error: (11/17/2013 11:21:11 PM) (Source: mbamchameleon) (User: )
Description: C0000022

Error: (11/17/2013 11:21:11 PM) (Source: mbamchameleon) (User: )
Description: C0000022

Error: (11/17/2013 11:13:30 PM) (Source: mbamchameleon) (User: )
Description: C0000034

Error: (11/17/2013 11:13:30 PM) (Source: mbamchameleon) (User: )
Description: C0000034

Error: (11/17/2013 11:07:06 PM) (Source: mbamchameleon) (User: )
Description: C0000034

Error: (11/17/2013 11:07:06 PM) (Source: mbamchameleon) (User: )
Description: C0000034

Error: (11/17/2013 05:02:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde nicht richtig gestartet.

Error: (11/17/2013 05:01:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5

Error: (11/17/2013 05:01:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avgntflt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5

Error: (11/16/2013 11:19:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================
Error: (12/05/2013 00:43:52 PM) (Source: MsiInstaller)(User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/05/2013 00:43:33 PM) (Source: MsiInstaller)(User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/05/2013 02:11:55 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (12/04/2013 04:12:29 PM) (Source: MsiInstaller)(User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/04/2013 04:12:06 PM) (Source: MsiInstaller)(User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/03/2013 00:46:50 PM) (Source: MsiInstaller)(User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/03/2013 00:46:21 PM) (Source: MsiInstaller)(User: Humberto)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Liz\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/03/2013 10:10:41 AM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (12/03/2013 10:10:41 AM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4

Error: (12/03/2013 10:10:41 AM) (Source: SideBySide)(User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4


==================== Memory info ===========================

Percentage of memory in use: 24%
Total physical RAM: 8007.27 MB
Available physical RAM: 6059.36 MB
Total Pagefile: 9223.27 MB
Available Pagefile: 6990.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:912.19 GB) (Free:761.1 GB) NTFS
Drive f: (MUSIK) (Removable) (Total:3.73 GB) (Free:3.71 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 4E25EA70)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================


cosinus 05.12.2013 14:36

Please download adwCleaner and JRT again and run them once more. First adwCleaner, then JRT.

Humberto 05.12.2013 15:28

adwcleaner
Code:

# AdwCleaner v3.014 - Bericht erstellt am 05/12/2013 um 15:16:29
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Liz - HUMBERTO
# Gestartet von : C:\Users\Liz\Downloads\adwcleaner (1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl
Datei Gelöscht : C:\Windows\System32\Tasks\NCH Software

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Liz\AppData\Roaming\Mozilla\Firefox\Profiles\sr73dd2h.default\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ Datei : C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [24715 octets] - [18/11/2013 17:59:33]
AdwCleaner[R1].txt - [1250 octets] - [05/12/2013 15:07:34]
AdwCleaner[S0].txt - [24313 octets] - [18/11/2013 18:01:12]
AdwCleaner[S1].txt - [1173 octets] - [05/12/2013 15:16:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1233 octets] ##########

JRT
Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 x64
Ran by Liz on 05.12.2013 at 15:22:43,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.12.2013 at 15:25:43,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


cosinus 05.12.2013 16:50

A fresh FRST log, please.

Humberto 02.01.2014 18:20

So, sorry, it took a bit longer again, I hope you're not tired of this yet... I ran adwCleaner and JRT over it once more.


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2014 01
Ran by Liz (administrator) on HUMBERTO on 02-01-2014 18:17:34
Running from C:\Users\Liz\AppData\Local\Microsoft\Windows\INetCache\IE\5GBRUPA9
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Akamai Technologies, Inc.) C:\Users\Liz\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Liz\AppData\Local\Akamai\netsession_win.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-07-31] ()
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2009-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-12-01] (Electronic Arts)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Liz\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-08-19] ()
HKU\Administrator\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Startup: C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Liz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {45EE1CAB-3DC8-425D-87FE-B8909E6D470E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {45EE1CAB-3DC8-425D-87FE-B8909E6D470E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {45EE1CAB-3DC8-425D-87FE-B8909E6D470E} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Liz\AppData\Roaming\Mozilla\Firefox\Profiles\sr73dd2h.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in - C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_32 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: BrowseSmart - C:\Users\Liz\AppData\Roaming\Mozilla\Firefox\Profiles\sr73dd2h.default\Extensions\firefox@browsesmart.net.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Extension: (AdBlock) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Google Wallet) - C:\Users\Liz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1
CHR HKLM-x32\...\Chrome\Extension: [ippenodjaoidmkkfdlmdhofiebnpjddb] - C:\Program Files (x86)\BrowseSmart\ippenodjaoidmkkfdlmdhofiebnpjddb.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-19] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-07-31] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-06-10] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-09-27] (DT Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-06-10] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-19] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-02 18:14 - 2014-01-02 18:14 - 00000678 _____ C:\Users\Liz\Desktop\JRT.txt
2014-01-02 18:10 - 2014-01-01 10:31 - 01036305 _____ (Thisisu) C:\Users\Liz\Desktop\JRT_NEW.exe
2014-01-02 18:05 - 2014-01-02 18:05 - 00000000 _____ C:\ProgramData\PKP_DLbx.DAT
2014-01-02 18:02 - 2014-01-02 18:02 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-02 18:00 - 2014-01-02 18:00 - 01233962 _____ C:\Users\Liz\Downloads\adwcleaner.exe
2013-12-26 00:51 - 2013-12-26 00:51 - 00001712 _____ C:\Users\Liz\Downloads\fd0a148a0893f2c8f6a7aad2010c5ac1.dlc
2013-12-26 00:48 - 2013-12-26 00:48 - 00011076 _____ C:\Users\Liz\Downloads\Das.ist.das.Ende.2013.German.DL.720p.BluRay.x264-LeetHD-ysdnxxmd64z.dlc
2013-12-26 00:29 - 2014-01-02 18:08 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-12-26 00:22 - 2013-12-26 00:22 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\Liz\Downloads\WebInstaller.exe
2013-12-15 22:32 - 2013-12-20 14:40 - 00000000 ____D C:\Users\Liz\Desktop\Atoll
2013-12-15 00:48 - 2013-10-10 17:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-12-15 00:47 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-12-15 00:47 - 2013-10-23 12:21 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-12-15 00:47 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-12-15 00:47 - 2013-10-22 09:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-12-15 00:47 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-12-15 00:47 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-12-15 00:47 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-12-15 00:47 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-12-15 00:47 - 2013-10-22 05:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-12-15 00:47 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-12-15 00:47 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-12-15 00:47 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-12-15 00:47 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-12-15 00:47 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-12-15 00:47 - 2013-10-22 03:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-12-15 00:47 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-12-15 00:47 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-12-15 00:47 - 2013-10-19 09:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-12-15 00:47 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-12-15 00:47 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-12-15 00:47 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2013-12-15 00:47 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-12-15 00:47 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-12-15 00:47 - 2013-10-17 16:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-12-15 00:47 - 2013-10-17 16:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-12-15 00:47 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-12-15 00:47 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-12-15 00:47 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-12-15 00:47 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-12-15 00:47 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-12-15 00:47 - 2013-10-10 17:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-12-15 00:47 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-12-15 00:47 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-12-15 00:47 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-12-15 00:47 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-12-15 00:47 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-12-15 00:47 - 2013-10-09 06:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-12-15 00:47 - 2013-10-08 11:28 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-12-15 00:47 - 2013-10-08 11:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-12-15 00:47 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-12-15 00:47 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2013-12-15 00:47 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-12-15 00:47 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-12-15 00:47 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-12-15 00:47 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-12-15 00:47 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-12-15 00:47 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2013-12-15 00:47 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-12-15 00:47 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-12-15 00:47 - 2013-10-05 16:25 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-12-15 00:47 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-12-15 00:47 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2013-12-15 00:47 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-12-15 00:47 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-12-15 00:47 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-12-15 00:47 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-12-15 00:47 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-12-15 00:47 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-12-15 00:47 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2013-12-15 00:47 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2013-12-15 00:47 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-12-15 00:47 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-12-15 00:47 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-12-15 00:47 - 2013-10-05 08:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-12-15 00:47 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-12-15 00:47 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-12-15 00:47 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-12-15 00:47 - 2013-09-19 06:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-12-15 00:47 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-12-15 00:47 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-12-15 00:47 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-12-15 00:47 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-12-15 00:47 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-12-15 00:47 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-12-15 00:47 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-12-15 00:47 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2013-12-15 00:47 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2013-12-15 00:47 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-12-15 00:47 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-12-15 00:47 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-12-15 00:47 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2013-12-15 00:47 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-12-15 00:47 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-12-15 00:47 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-12-15 00:47 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2013-12-15 00:47 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-12-15 00:47 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2013-12-15 00:47 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-12-15 00:47 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2013-12-15 00:47 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-12-15 00:47 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2013-12-15 00:47 - 2013-09-10 06:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-12-15 00:47 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-12-15 00:47 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2013-12-15 00:44 - 2013-11-11 03:48 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-15 00:44 - 2013-11-08 05:28 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-15 00:44 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-15 00:44 - 2013-11-08 04:41 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-15 00:44 - 2013-11-04 18:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-15 00:44 - 2013-11-04 12:50 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-15 00:44 - 2013-11-04 11:32 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-15 00:44 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-15 00:44 - 2013-10-31 01:58 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-15 00:44 - 2013-10-31 01:42 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-15 00:44 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-12-15 00:44 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2013-12-15 00:43 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-15 00:43 - 2013-11-12 00:40 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-15 00:43 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-15 00:43 - 2013-11-12 00:24 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-15 00:43 - 2013-11-09 12:55 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-15 00:43 - 2013-11-09 07:37 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-15 00:43 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-15 00:43 - 2013-11-08 11:26 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-15 00:43 - 2013-11-08 05:43 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-15 00:43 - 2013-11-08 05:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-15 00:43 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-15 00:43 - 2013-11-08 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-15 00:43 - 2013-11-08 04:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-15 00:43 - 2013-11-05 15:19 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-15 00:43 - 2013-11-05 15:03 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-15 00:43 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-15 00:43 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-15 00:43 - 2013-11-05 14:32 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-15 00:43 - 2013-11-04 18:13 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-15 00:43 - 2013-11-04 14:07 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-15 00:43 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-15 00:43 - 2013-11-01 12:39 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-15 00:43 - 2013-11-01 07:08 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-15 00:43 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-15 00:43 - 2013-10-31 01:33 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-15 00:43 - 2013-10-31 01:33 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-15 00:43 - 2013-10-31 01:33 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-15 00:43 - 2013-10-31 01:33 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-15 00:43 - 2013-10-26 02:54 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-15 00:43 - 2013-10-24 10:31 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-15 00:43 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-15 00:43 - 2013-10-17 12:21 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-15 00:43 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-15 00:43 - 2013-10-05 15:21 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-15 00:43 - 2013-10-05 15:21 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-15 00:43 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-15 00:43 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-15 00:40 - 2013-11-05 21:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-12-15 00:40 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-12-15 00:40 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-12-15 00:40 - 2013-11-05 17:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-12-15 00:38 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-12-15 00:38 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-12-15 00:38 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-12-15 00:38 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2013-12-14 21:01 - 2013-12-16 21:22 - 00000000 ____D C:\Users\Liz\Desktop\welt
2013-12-14 20:53 - 2013-12-14 20:53 - 00000000 ____D C:\Users\Liz\Desktop\Sunlit Tides
2013-12-14 20:50 - 2013-12-14 20:50 - 00474518 _____ C:\Users\Liz\Downloads\s3pe_13-1106-2244.exe
2013-12-14 20:46 - 2013-12-14 20:46 - 00013998 _____ C:\Users\Liz\Downloads\MTS_simsample_1318942_SunlitTides.zip
2013-12-13 22:30 - 2013-12-13 22:35 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-12-13 16:22 - 2013-10-03 10:16 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-12-13 16:22 - 2013-10-03 10:02 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-12-13 16:22 - 2013-10-02 12:00 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-12-13 16:22 - 2013-10-02 10:47 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-12-13 16:22 - 2013-10-01 04:42 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-12-13 16:22 - 2013-10-01 04:36 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-12-13 16:21 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-13 16:21 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-13 16:21 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-13 16:21 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-13 16:21 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-13 16:21 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-13 16:21 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-13 16:21 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-13 16:21 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-13 16:21 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-13 16:21 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-13 16:21 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-13 16:21 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-13 16:21 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-13 16:21 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-13 16:21 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-13 16:21 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-13 16:21 - 2013-11-23 05:34 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-13 16:21 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-13 16:21 - 2013-11-23 04:32 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-13 16:21 - 2013-11-23 04:10 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-13 16:21 - 2013-10-23 12:01 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-12-13 16:21 - 2013-10-23 09:59 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-12-13 16:21 - 2013-10-19 09:53 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-13 16:21 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-13 16:21 - 2013-10-19 06:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-12-13 16:21 - 2013-10-15 09:54 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-13 16:21 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-13 16:21 - 2013-10-13 03:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-12-13 16:21 - 2013-10-12 22:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-12-13 16:21 - 2013-10-12 22:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-12-13 16:21 - 2013-10-05 15:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-12-13 16:21 - 2013-10-05 09:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-12-13 16:20 - 2013-11-09 07:34 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-13 16:20 - 2013-11-09 07:34 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-13 16:20 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-13 16:20 - 2013-11-08 08:21 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-13 16:20 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-12-13 16:20 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-12-13 16:20 - 2013-10-11 14:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-12-13 16:20 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-12-12 15:39 - 2013-12-12 15:40 - 00000000 ____D C:\Users\Liz\Desktop\s3pefiles
2013-12-12 15:25 - 2013-12-14 20:51 - 00000000 ____D C:\Program Files\s3pe
2013-12-12 15:24 - 2013-12-12 15:24 - 00464899 _____ C:\Users\Liz\Downloads\s3pe_13-0316-1933.exe
2013-12-12 14:55 - 2013-12-12 16:29 - 00000000 ____D C:\Users\Liz\Desktop\test
2013-12-12 14:54 - 2013-12-12 14:54 - 00000000 ____D C:\Users\Liz\AppData\Roaming\Peter L Jones
2013-12-12 14:53 - 2013-12-12 14:53 - 00404198 _____ C:\Users\Liz\Downloads\s3oc_13-1029-1343.exe
2013-12-12 14:53 - 2013-12-12 14:53 - 00000000 ____D C:\Program Files\s3oc
2013-12-12 13:36 - 2013-12-13 19:23 - 00000000 ____D C:\Users\Liz\AppData\Roaming\Spotify
2013-12-12 13:36 - 2013-12-13 16:56 - 00000000 ____D C:\Users\Liz\AppData\Local\Spotify
2013-12-11 23:56 - 2013-12-11 23:56 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2013-12-11 23:56 - 2013-12-11 23:56 - 00000000 ____D C:\WINDOWS\system32\NV
2013-12-11 22:16 - 2014-01-02 18:04 - 00000000 __RDO C:\Users\Liz\SkyDrive
2013-12-11 22:13 - 2014-01-02 18:01 - 00001007 _____ C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-11 22:12 - 2013-12-11 22:12 - 00000020 ___SH C:\Users\Liz\ntuser.ini
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-11 22:00 - 2014-01-02 18:08 - 01315510 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-11 22:00 - 2013-12-11 22:00 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-11 21:52 - 2013-12-11 21:52 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-11 21:40 - 2013-12-11 21:40 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-11 21:38 - 2013-12-16 03:32 - 00000000 ____D C:\Users\Liz
2013-12-11 21:38 - 2013-12-11 22:00 - 00040008 _____ C:\WINDOWS\diagwrn.xml
2013-12-11 21:38 - 2013-12-11 22:00 - 00040008 _____ C:\WINDOWS\diagerr.xml
2013-12-11 21:38 - 2013-12-11 21:50 - 00000000 ____D C:\Users\Administrator
2013-12-11 21:38 - 2013-12-11 21:40 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-11 21:38 - 2013-12-11 21:40 - 00000000 ___RD C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-11 21:38 - 2013-12-11 21:39 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Vorlagen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Startmenü
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Netzwerkumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Lokale Einstellungen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Eigene Dateien
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Druckumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Documents\Eigene Musik
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Documents\Eigene Bilder
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\AppData\Local\Verlauf
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\AppData\Local\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2013-12-11 21:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-11 21:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-11 21:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-11 21:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-11 21:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-11 21:38 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-11 21:38 - 2013-08-22 16:36 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-11 21:38 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-11 21:38 - 2013-08-22 16:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-11 21:33 - 2013-12-11 21:33 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-11 21:33 - 2013-12-11 21:33 - 00000000 ____D C:\Program Files\Realtek
2013-12-11 21:33 - 2013-12-11 21:33 - 00000000 ____D C:\Program Files\Elantech
2013-12-11 21:33 - 2013-10-03 23:43 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2013-12-11 21:33 - 2013-10-03 23:43 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2013-12-11 21:32 - 2013-08-29 23:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-12-11 21:32 - 2013-08-29 23:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-12-11 21:32 - 2013-08-29 23:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-12-11 21:32 - 2013-08-29 23:43 - 01042208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2013-12-11 21:32 - 2013-08-29 23:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-12-11 21:32 - 2013-08-29 23:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-12-11 21:32 - 2013-08-29 23:43 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2013-12-11 21:32 - 2013-08-29 23:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-12-11 21:32 - 2013-08-29 21:28 - 03349466 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-12-11 21:31 - 2013-12-11 22:37 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-11 21:31 - 2013-12-11 21:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-11 21:31 - 2013-12-11 21:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-11 21:30 - 2013-12-11 21:30 - 00000000 __SHD C:\Recovery
2013-12-11 21:29 - 2013-12-11 22:13 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-11 21:26 - 2013-12-11 21:26 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\Program Files\MSBuild
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-11 21:24 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-12-11 21:24 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-11 21:24 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-12-11 21:24 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-12-11 21:24 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-11 21:24 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-12-11 21:03 - 2013-12-11 22:00 - 00006578 _____ C:\WINDOWS\comsetup.log
2013-12-09 15:28 - 2013-12-09 15:28 - 00036070 _____ C:\Users\Liz\Desktop\234.xspf
2013-12-05 15:20 - 2013-12-05 15:22 - 01034531 _____ (Thisisu) C:\Users\Liz\Downloads\JRT (1).exe
2013-12-05 15:05 - 2013-12-05 15:06 - 01110034 _____ C:\Users\Liz\Downloads\adwcleaner (1).exe
2013-12-05 14:25 - 2013-12-05 14:25 - 00022629 _____ C:\Users\Liz\Downloads\Addition.txt
2013-12-05 14:17 - 2013-12-05 14:22 - 01959766 _____ (Farbar) C:\Users\Liz\Downloads\FRST64.exe

==================== One Month Modified Files and Folders =======

2014-01-02 18:17 - 2013-03-31 10:19 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3686124292-570556794-449095975-1002
2014-01-02 18:16 - 2013-11-16 23:32 - 00000000 ____D C:\Users\Liz\Desktop\Neuer Ordner
2014-01-02 18:14 - 2014-01-02 18:14 - 00000678 _____ C:\Users\Liz\Desktop\JRT.txt
2014-01-02 18:13 - 2013-05-12 15:36 - 00001122 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-02 18:08 - 2013-12-26 00:29 - 00000000 ____D C:\Program Files (x86)\JDownloader
2014-01-02 18:08 - 2013-12-11 22:00 - 01315510 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-02 18:08 - 2013-10-05 16:29 - 00000000 ____D C:\Program Files (x86)\Nikon
2014-01-02 18:08 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-02 18:08 - 2013-09-30 04:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-02 18:08 - 2013-09-30 04:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-02 18:08 - 2012-08-03 03:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-02 18:05 - 2014-01-02 18:05 - 00000000 _____ C:\ProgramData\PKP_DLbx.DAT
2014-01-02 18:04 - 2013-12-11 22:16 - 00000000 __RDO C:\Users\Liz\SkyDrive
2014-01-02 18:04 - 2013-05-12 15:36 - 00001118 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-02 18:02 - 2014-01-02 18:02 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-02 18:02 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-02 18:01 - 2013-12-11 22:13 - 00001007 _____ C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-02 18:01 - 2013-11-18 17:59 - 00000000 ____D C:\AdwCleaner
2014-01-02 18:01 - 2013-08-22 14:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2014-01-02 18:00 - 2014-01-02 18:00 - 01233962 _____ C:\Users\Liz\Downloads\adwcleaner.exe
2014-01-02 18:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-02 17:48 - 2013-05-22 02:35 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-02 16:47 - 2013-04-07 18:55 - 00000000 ____D C:\Users\Liz\AppData\Local\Akamai
2014-01-02 07:38 - 2013-04-29 22:33 - 00000000 ____D C:\Users\Liz\AppData\Roaming\vlc
2014-01-02 02:24 - 2013-08-22 15:46 - 00366678 _____ C:\WINDOWS\setupact.log
2014-01-01 10:31 - 2014-01-02 18:10 - 01036305 _____ (Thisisu) C:\Users\Liz\Desktop\JRT_NEW.exe
2013-12-29 01:36 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-27 05:02 - 2013-09-29 20:04 - 00001152 _____ C:\WINDOWS\PFRO.log
2013-12-26 00:51 - 2013-12-26 00:51 - 00001712 _____ C:\Users\Liz\Downloads\fd0a148a0893f2c8f6a7aad2010c5ac1.dlc
2013-12-26 00:48 - 2013-12-26 00:48 - 00011076 _____ C:\Users\Liz\Downloads\Das.ist.das.Ende.2013.German.DL.720p.BluRay.x264-LeetHD-ysdnxxmd64z.dlc
2013-12-26 00:22 - 2013-12-26 00:22 - 00081488 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\Liz\Downloads\WebInstaller.exe
2013-12-20 19:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-12-20 14:40 - 2013-12-15 22:32 - 00000000 ____D C:\Users\Liz\Desktop\Atoll
2013-12-18 19:37 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-18 19:03 - 2013-03-31 10:13 - 00000000 ___RD C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-18 19:03 - 2013-03-31 10:13 - 00000000 ___RD C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-18 09:59 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-18 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-18 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-12-18 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-12-18 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-18 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-18 09:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-18 08:56 - 2013-07-25 16:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-18 08:56 - 2013-04-01 00:57 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-16 21:22 - 2013-12-14 21:01 - 00000000 ____D C:\Users\Liz\Desktop\welt
2013-12-16 03:32 - 2013-12-11 21:38 - 00000000 ____D C:\Users\Liz
2013-12-15 21:38 - 2013-11-29 18:31 - 00000843 _____ C:\Users\Liz\Desktop\123.lnk
2013-12-14 20:53 - 2013-12-14 20:53 - 00000000 ____D C:\Users\Liz\Desktop\Sunlit Tides
2013-12-14 20:51 - 2013-12-12 15:25 - 00000000 ____D C:\Program Files\s3pe
2013-12-14 20:50 - 2013-12-14 20:50 - 00474518 _____ C:\Users\Liz\Downloads\s3pe_13-1106-2244.exe
2013-12-14 20:46 - 2013-12-14 20:46 - 00013998 _____ C:\Users\Liz\Downloads\MTS_simsample_1318942_SunlitTides.zip
2013-12-14 20:14 - 2013-03-31 13:46 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-14 18:29 - 2013-08-22 15:44 - 02263136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-13 22:35 - 2013-12-13 22:30 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-12-13 22:35 - 2012-12-29 00:35 - 00000000 ____D C:\Users\Liz\AppData\Local\Packages
2013-12-13 19:23 - 2013-12-12 13:36 - 00000000 ____D C:\Users\Liz\AppData\Roaming\Spotify
2013-12-13 16:56 - 2013-12-12 13:36 - 00000000 ____D C:\Users\Liz\AppData\Local\Spotify
2013-12-12 16:29 - 2013-12-12 14:55 - 00000000 ____D C:\Users\Liz\Desktop\test
2013-12-12 15:40 - 2013-12-12 15:39 - 00000000 ____D C:\Users\Liz\Desktop\s3pefiles
2013-12-12 15:24 - 2013-12-12 15:24 - 00464899 _____ C:\Users\Liz\Downloads\s3pe_13-0316-1933.exe
2013-12-12 14:54 - 2013-12-12 14:54 - 00000000 ____D C:\Users\Liz\AppData\Roaming\Peter L Jones
2013-12-12 14:53 - 2013-12-12 14:53 - 00404198 _____ C:\Users\Liz\Downloads\s3oc_13-1029-1343.exe
2013-12-12 14:53 - 2013-12-12 14:53 - 00000000 ____D C:\Program Files\s3oc
2013-12-11 23:56 - 2013-12-11 23:56 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2013-12-11 23:56 - 2013-12-11 23:56 - 00000000 ____D C:\WINDOWS\system32\NV
2013-12-11 23:56 - 2012-08-19 04:22 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-11 22:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-12-11 22:37 - 2013-12-11 21:31 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-11 22:20 - 2012-08-19 04:26 - 00000000 ____D C:\Program Files\Intel
2013-12-11 22:14 - 2013-03-31 10:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-12-11 22:13 - 2013-12-11 21:29 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-11 22:12 - 2013-12-11 22:12 - 00000020 ___SH C:\Users\Liz\ntuser.ini
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-11 22:01 - 2013-12-11 22:01 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-11 22:01 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-12-11 22:01 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-12-11 22:00 - 2013-12-11 22:00 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-11 22:00 - 2013-12-11 21:38 - 00040008 _____ C:\WINDOWS\diagwrn.xml
2013-12-11 22:00 - 2013-12-11 21:38 - 00040008 _____ C:\WINDOWS\diagerr.xml
2013-12-11 22:00 - 2013-12-11 21:03 - 00006578 _____ C:\WINDOWS\comsetup.log
2013-12-11 22:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2013-12-11 21:53 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2013-12-11 21:52 - 2013-12-11 21:52 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-11 21:52 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-11 21:50 - 2013-12-11 21:38 - 00000000 ____D C:\Users\Administrator
2013-12-11 21:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-12-11 21:47 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-12-11 21:47 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-12-11 21:47 - 2013-04-02 18:57 - 00000000 ____D C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-11 21:44 - 2013-12-11 21:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-11 21:44 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-12-11 21:44 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-12-11 21:44 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-12-11 21:44 - 2013-09-27 15:12 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2013-12-11 21:44 - 2013-08-22 16:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2013-12-11 21:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-12-11 21:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-12-11 21:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-12-11 21:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-12-11 21:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-12-11 21:44 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-12-11 21:44 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-12-11 21:44 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-12-11 21:43 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-12-11 21:43 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME
2013-12-11 21:43 - 2012-08-03 03:24 - 00000000 ____D C:\ProgramData\PRICache
2013-12-11 21:42 - 2013-12-11 21:31 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-11 21:42 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-12-11 21:42 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-12-11 21:42 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-11 21:40 - 2013-12-11 21:40 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-11 21:40 - 2013-12-11 21:38 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-11 21:40 - 2013-12-11 21:38 - 00000000 ___RD C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-11 21:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-12-11 21:39 - 2013-12-11 21:38 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-11 21:39 - 2012-08-03 03:23 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-11 21:39 - 2012-08-03 03:23 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-11 21:39 - 2012-08-03 03:23 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Vorlagen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Startmenü
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Netzwerkumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Lokale Einstellungen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Eigene Dateien
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Druckumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Documents\Eigene Musik
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Documents\Eigene Bilder
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\AppData\Local\Verlauf
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\AppData\Local\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Liz\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2013-12-11 21:38 - 2013-12-11 21:38 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2013-12-11 21:33 - 2013-12-11 21:33 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-11 21:33 - 2013-12-11 21:33 - 00000000 ____D C:\Program Files\Realtek
2013-12-11 21:33 - 2013-12-11 21:33 - 00000000 ____D C:\Program Files\Elantech
2013-12-11 21:33 - 2013-08-22 15:46 - 00000084 _____ C:\WINDOWS\setuperr.log
2013-12-11 21:31 - 2013-12-11 21:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-12-11 21:30 - 2013-12-11 21:30 - 00000000 __SHD C:\Recovery
2013-12-11 21:28 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-12-11 21:26 - 2013-12-11 21:26 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\Program Files\MSBuild
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-11 21:24 - 2013-12-11 21:24 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-11 21:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-12-11 21:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-12-11 21:14 - 2013-03-31 00:09 - 01559225 _____ C:\WINDOWS\WindowsUpdate (1).log
2013-12-11 20:39 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-12-10 19:48 - 2013-05-22 02:35 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-12-09 15:49 - 2013-03-31 13:47 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-12-09 15:28 - 2013-12-09 15:28 - 00036070 _____ C:\Users\Liz\Desktop\234.xspf
2013-12-07 06:07 - 2013-04-08 08:40 - 00000000 ____D C:\Users\Liz\AppData\Local\CrashDumps
2013-12-05 15:22 - 2013-12-05 15:20 - 01034531 _____ (Thisisu) C:\Users\Liz\Downloads\JRT (1).exe
2013-12-05 15:06 - 2013-12-05 15:05 - 01110034 _____ C:\Users\Liz\Downloads\adwcleaner (1).exe
2013-12-05 14:25 - 2013-12-05 14:25 - 00022629 _____ C:\Users\Liz\Downloads\Addition.txt
2013-12-05 14:25 - 2013-11-18 19:16 - 00033799 _____ C:\Users\Liz\Downloads\FRST.txt
2013-12-05 14:22 - 2013-12-05 14:17 - 01959766 _____ (Farbar) C:\Users\Liz\Downloads\FRST64.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\ProgramData\PKP_DLbx.DAT


Some content of TEMP:
====================
C:\Users\Liz\AppData\Local\Temp\i4jdel0.exe
C:\Users\Liz\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-02 17:01

==================== End Of Log ============================

--- --- ---

cosinus 03.01.2014 11:42

Start FRST, tick the box for additions.txt and run the scan again, then post the new additions log

