
Log analysis and evaluation: Security warning about my Internet connection from Telekom


20.01.2015, 21:01   #1
Sumsum
 
Security warning about my Internet connection from Telekom



That bad


I could not find BrowseStudio

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malware Protection, Starting, 
Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malware Protection, Started, 
Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malicious Website Protection, Starting, 
Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malicious Website Protection, Started, 
Update, 20.01.2015 19:57:25, SYSTEM, NICK, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, 
Update, 20.01.2015 19:57:26, SYSTEM, NICK, Manual, Rootkit Database, 2014.11.18.1, 2015.1.14.1, 
Update, 20.01.2015 19:58:10, SYSTEM, NICK, Manual, Malware Database, 2014.11.20.6, 2015.1.20.8, 
Protection, 20.01.2015 19:58:10, SYSTEM, NICK, Protection, Refresh, Starting, 
Protection, 20.01.2015 19:58:10, SYSTEM, NICK, Protection, Malicious Website Protection, Stopping, 
Protection, 20.01.2015 19:58:10, SYSTEM, NICK, Protection, Malicious Website Protection, Stopped, 
Protection, 20.01.2015 19:58:14, SYSTEM, NICK, Protection, Refresh, Success, 
Protection, 20.01.2015 19:58:14, SYSTEM, NICK, Protection, Malicious Website Protection, Starting, 
Protection, 20.01.2015 19:58:15, SYSTEM, NICK, Protection, Malicious Website Protection, Started, 
Detection, 20.01.2015 20:15:46, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.BrowseStudio.A, C:\Program Files (x86)\BrowseStudio\BrowseStudioUn.exe, Quarantine, [3b6d8f6ac3c6330388a788648b7639c7]
Detection, 20.01.2015 20:15:50, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:11, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:14, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:18, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:32, Nick, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:16:36, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:18:00, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantine, [792ff9005f2aad89077b0c497a89df21]
Detection, 20.01.2015 20:20:34, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SpeedBrowser.A, C:\Program Files (x86)\speed browser\Application\browser.exe, Quarantine Failed, 5, Zugriff verweigert  , [2088c534e2a746f0a43c6403c14228d8]
Detection, 20.01.2015 20:23:01, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [733549b0ef9a0b2b2d8f1e3be91a08f8]
Detection, 20.01.2015 20:23:31, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, Quarantine, [7d2b9f5a7e0be4523b81e3766e957789]
Protection, 20.01.2015 20:25:07, SYSTEM, NICK, Protection, Malware Protection, Starting, 
Protection, 20.01.2015 20:25:07, SYSTEM, NICK, Protection, Malware Protection, Started, 
Protection, 20.01.2015 20:25:07, SYSTEM, NICK, Protection, Malicious Website Protection, Starting, 
Protection, 20.01.2015 20:25:08, SYSTEM, NICK, Protection, Malicious Website Protection, Started, 
Detection, 20.01.2015 20:26:18, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, Quarantine, [8d1ba059f198fc3aedcf5009ac57cb35]
Detection, 20.01.2015 20:26:42, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, Quarantine, [6f39faffcebb48ee922a481140c33dc3]
Detection, 20.01.2015 20:26:42, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, Quarantine, [fdab6e8ba2e71a1cd2ea3a1f669d42be]
Detection, 20.01.2015 20:26:42, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, Quarantine, [7d2b33c60c7df83edce078e1a261df21]
Detection, 20.01.2015 20:28:19, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\msvcp110.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [6f39faffcebb48ee922a481140c33dc3]
Detection, 20.01.2015 20:28:19, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\msvcr110.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [fdab6e8ba2e71a1cd2ea3a1f669d42be]
Detection, 20.01.2015 20:28:20, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\windowssupportdll64.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [8d1ba059f198fc3aedcf5009ac57cb35]
Detection, 20.01.2015 20:28:20, SYSTEM, NICK, Protection, Malware Protection, File, PUP.Optional.SupTab.A, c:\program files (x86)\suptab\windowssupportdll32.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [7d2b33c60c7df83edce078e1a261df21]

(end)
         
Code:
# AdwCleaner v4.108 - Bericht erstellt am 20/01/2015 um 20:42:06
# Aktualisiert 17/01/2015 von Xplode
# Database : 2015-01-18.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Nick - NICK
# Gestartet von : C:\Users\Nick\Downloads\AdwCleaner_4.108.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Infigo

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\MyBestOffersToday
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\RocketTabInstalled
Schlüssel Gelöscht : HKCU\Software\Search Extensions
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\StormWatchApp
Schlüssel Gelöscht : HKCU\Software\BrowseStudio
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\MyBestOffersToday
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\supWPM
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBrowser
Schlüssel Gelöscht : HKLM\SOFTWARE\mystartsearchSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\BrowseStudio
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZombieNews
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\speed browser
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 de)

[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.1betXNgUu0ry1KV3.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazo[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22DE%22%3A%7B%22ALL%22%3A%5B%22anastasiadate.com%22%2C%22option[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.crossrider.bic", "14a4e125e47398c82eba5714449bbc3c");
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.BirthDate", "1420632139");
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.adapters", "{\"de.iminent.com\":{\"CountryCode\":\"IT\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"14206321657618[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"urlhxxps\[...]
[1fes414j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");

*************************

AdwCleaner[R0].txt - [22738 octets] - [20/01/2015 20:34:38]
AdwCleaner[R1].txt - [7243 octets] - [20/01/2015 20:39:36]
AdwCleaner[S0].txt - [14499 octets] - [20/01/2015 20:38:31]
AdwCleaner[S1].txt - [5817 octets] - [20/01/2015 20:42:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5877 octets] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Nick on 20.01.2015 at 20:46:43,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4218249386-1005423115-940720447-1002\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Nick\AppData\Roaming\mozilla\firefox\profiles\1fes414j.default\prefs.js

user_pref("extensions.0NG6EAy41KJKq8PO.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnale
user_pref("extensions.ZGyzPlc8FlL8RbbK.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnale
user_pref("extensions.cNJOTCNSXDHbnXh9.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnale



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.01.2015 at 20:49:33,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Nick (administrator) on NICK on 20-01-2015 20:58:22
Running from C:\Users\Nick\Downloads
Loaded Profiles: UpdatusUser & Nick (Available profiles: UpdatusUser & Nick)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Pokki) C:\Users\Nick\AppData\Local\Pokki\Engine\HostAppService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [mbot_de_349] => [X]
HKLM-x32\...\Run: [rec_de_2] => [X]
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [RegDXVA1] => C:\Windows\system32\cmd.exe /c reg import "C:\Program Files (x86)\Acer\abPhoto\SwitchUserVideoKey.reg"
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\...\RunOnce: [SetAsDefault] => C:\Program Files (x86)\Acer\Acer Video Player\SwitchUserVideoKey.bat
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-4218249386-1005423115-940720447-1002\...\Run: [Infigo] => C:\Program Files (x86)\Infigo\Infigo.exe onrun
IFEO\ContentExplorer.exe: [Debugger] TaskList.exe
IFEO\internetenhancer.exe: [Debugger] TaskList.exe
IFEO\internetenhancerservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancer.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerApp.exe: [Debugger] TaskList.exe
IFEO\WajamInternetEnhancerAppservice.exe: [Debugger] TaskList.exe
IFEO\wajaminternetenhancerservice.exe: [Debugger] TaskList.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk
ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll (Acer Incorporated)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4218249386-1005423115-940720447-1002] => http=127.0.0.1:58526;https=127.0.0.1:58526
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4218249386-1005423115-940720447-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=WD8&Tid=000328B0&OHP=about%3Ablank&OSP=
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4218249386-1005423115-940720447-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: CinPlus-1.0cV15.12 -> {11111111-1111-1111-1111-110611321185} -> C:\Program Files (x86)\CinPlus-1.0cV15.12\CinPlus-1.0cV15.12-bho64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default
FF NewTab: 
FF SelectedSearchEngine: 
FF Keyword.URL: 
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Extension: Cinema-Plus-1.8c - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [2015-01-07]
FF Extension: 9b9d2aaaae264447a7a1633a32b19ddd - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{9b9d2aaa-ae26-4447-a7a1-633a32b19ddd} [2014-12-22]
FF Extension: Locale Switcher - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi [2014-11-27]
FF Extension: BrowseStudio 1.0.1 - C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\1fes414j.default\Extensions\{b4a69fee-d6ff-4bda-bdd9-f5dbbe57aa69}.xpi [2014-11-27]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
S2 FCUUjqwoLq; C:\ProgramData\OqQeGinkA\FCUUjqwoLq.exe [2726256 2014-12-16] () [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 0001121418376984mcinstcleanup; C:\Windows\TEMP\000112~1.EXE -cleanup -nolog [X]
S2 InfigoOperator; C:\Program Files (x86)\Infigo\InfigoOperator.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S1 wpnfd_1_10_0_1; system32\drivers\wpnfd_1_10_0_1.sys [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-20 20:49 - 2015-01-20 20:49 - 00002016 _____ () C:\Users\Nick\Desktop\JRT.txt
2015-01-20 20:46 - 2015-01-20 20:46 - 00000000 ____D () C:\Windows\ERUNT
2015-01-20 20:45 - 2015-01-20 20:45 - 00005981 _____ () C:\Users\Nick\Desktop\AdwCleaner[S1].txt
2015-01-20 20:34 - 2015-01-20 20:42 - 00000000 ____D () C:\AdwCleaner
2015-01-20 20:30 - 2015-01-20 20:30 - 00006148 _____ () C:\Users\Nick\Desktop\mbam.txt
2015-01-20 20:16 - 2015-01-20 20:16 - 00003112 _____ () C:\Windows\System32\Tasks\{5EE2478D-F235-4D61-88B7-D5096E360D17}
2015-01-20 19:57 - 2015-01-20 20:44 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-20 19:57 - 2015-01-20 19:57 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-20 19:57 - 2015-01-20 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-20 19:56 - 2015-01-20 19:57 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-20 19:56 - 2015-01-20 19:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-20 19:56 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-20 19:56 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-20 19:56 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-20 19:54 - 2015-01-20 19:55 - 01707939 _____ (Thisisu) C:\Users\Nick\Downloads\JRT.exe
2015-01-20 19:53 - 2015-01-20 19:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nick\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-20 19:53 - 2015-01-20 19:54 - 02186752 _____ () C:\Users\Nick\Downloads\AdwCleaner_4.108.exe
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\shopndorop
2015-01-20 19:09 - 2015-01-20 19:09 - 00000000 ____D () C:\Program Files (x86)\leisss2pay
2015-01-20 19:05 - 2015-01-20 19:05 - 00000000 ____D () C:\Program Files (x86)\FineDealSSoft
2015-01-20 19:04 - 2015-01-20 19:04 - 00000000 ____D () C:\Program Files (x86)\DissccountLocator
2015-01-20 19:02 - 2015-01-20 19:02 - 00000000 ____D () C:\Program Files (x86)\DeallsFiNdeRRPro
2015-01-20 18:56 - 2015-01-20 18:56 - 00001284 _____ () C:\Users\Nick\Desktop\Revo Uninstaller.lnk
2015-01-20 18:56 - 2015-01-20 18:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-20 18:55 - 2015-01-20 18:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nick\Downloads\revosetup95.exe
2015-01-19 22:20 - 2015-01-19 22:20 - 00000865 _____ () C:\Users\Nick\Desktop\Downloads - Verknüpfung.lnk
2015-01-19 22:17 - 2015-01-19 22:17 - 00009537 _____ () C:\Users\Nick\Downloads\Gmer.txt
2015-01-19 21:51 - 2015-01-19 21:51 - 00066046 _____ () C:\Users\Nick\Downloads\FRST.txt 1.txt
2015-01-19 21:51 - 2015-01-19 21:51 - 00040394 _____ () C:\Users\Nick\Downloads\Addition.txt 1.txt
2015-01-19 21:48 - 2015-01-19 21:49 - 00040394 _____ () C:\Users\Nick\Downloads\Addition.txt
2015-01-19 21:48 - 2015-01-19 21:48 - 00380416 _____ () C:\Users\Nick\Downloads\Gmer-19357.exe
2015-01-19 21:47 - 2015-01-20 20:58 - 00016855 _____ () C:\Users\Nick\Downloads\FRST.txt
2015-01-19 21:47 - 2015-01-19 21:52 - 00862496 _____ (CoinisRevShare) C:\Users\Nick\Downloads\adobe_flash_setup.exe
2015-01-19 21:46 - 2015-01-19 21:47 - 02126848 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe
2015-01-19 21:44 - 2015-01-19 21:45 - 00000470 _____ () C:\Users\Nick\Downloads\defogger_disable.log
2015-01-19 21:44 - 2015-01-19 21:44 - 00050477 _____ () C:\Users\Nick\Downloads\Defogger.exe
2015-01-19 21:35 - 2015-01-19 21:35 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-01-19 09:25 - 2015-01-19 09:25 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-01-19 09:25 - 2015-01-19 09:25 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-01-19 09:17 - 2015-01-19 09:17 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-01-18 06:54 - 2014-12-31 12:14 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-18 06:49 - 2015-01-18 06:49 - 00003754 _____ () C:\Windows\System32\Tasks\RunTool
2015-01-18 06:49 - 2015-01-18 06:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\3c77ea22-6f8d-4996-b236-dc6fe42eecea
2015-01-18 06:48 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-18 06:48 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-18 06:48 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-18 06:48 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-18 06:48 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-18 06:48 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-18 06:48 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-18 06:48 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-18 06:48 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-18 06:48 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-18 06:45 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-18 06:45 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-18 06:45 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-18 06:45 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-18 06:44 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-18 06:44 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-18 06:44 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-18 06:44 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 21:01 - 2015-01-20 20:58 - 00000000 ____D () C:\FRST
2015-01-16 21:00 - 2015-01-16 21:00 - 00000000 _____ () C:\Users\Nick\defogger_reenable
2015-01-16 14:36 - 2015-01-16 14:36 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-15 22:24 - 2015-01-15 22:24 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG
2015-01-15 22:23 - 2015-01-15 22:23 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg
2015-01-15 22:22 - 2015-01-15 22:24 - 00000000 ____D () C:\ProgramData\AVG
2015-01-15 15:03 - 2015-01-15 15:03 - 00000000 _____ () C:\autoexec.bat
2015-01-15 15:00 - 2015-01-15 15:01 - 00000000 ____D () C:\sh4ldr
2015-01-15 14:39 - 2015-01-15 14:39 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-15 14:06 - 2015-01-15 14:06 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\AVG2015
2015-01-15 14:05 - 2015-01-15 14:05 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\TuneUp Software
2015-01-15 14:04 - 2015-01-17 15:22 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-15 14:04 - 2015-01-15 14:04 - 00000000 ___HD () C:\$AVG
2015-01-15 14:03 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-01-15 14:02 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-15 14:02 - 2015-01-15 14:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Avg2015
2015-01-15 14:02 - 2015-01-15 14:02 - 00000000 ____D () C:\Users\Nick\AppData\Local\MFAData
2015-01-03 17:58 - 2015-01-03 17:58 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\WB Games
2015-01-03 17:38 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\WB Games
2015-01-03 17:11 - 2015-01-03 17:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Rovio
2015-01-03 17:10 - 2015-01-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
2015-01-03 17:10 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\Rovio
2015-01-03 17:10 - 2015-01-03 17:10 - 00001094 _____ () C:\Users\Public\Desktop\Bad Piggies.lnk
2014-12-24 20:24 - 2014-12-24 20:24 - 00001270 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-12-24 20:24 - 2014-12-24 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-12-24 19:42 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-12-24 18:25 - 2014-12-24 18:25 - 00000000 ____D () C:\Users\Nick\AppData\Local\Blizzard Entertainment
2014-12-24 18:24 - 2015-01-20 19:24 - 00000000 ____D () C:\Users\Nick\AppData\Local\Battle.net
2014-12-24 18:24 - 2015-01-17 19:44 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Battle.net
2014-12-24 18:24 - 2015-01-17 19:17 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-24 18:24 - 2014-12-24 18:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-20 20:56 - 2014-08-31 20:16 - 01793945 _____ () C:\Windows\WindowsUpdate.log
2015-01-20 20:53 - 2014-11-27 19:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-20 20:53 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-20 20:52 - 2014-11-27 18:55 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4218249386-1005423115-940720447-1002
2015-01-20 20:44 - 2014-11-27 18:57 - 00000000 ____D () C:\Users\Nick\OneDrive
2015-01-20 20:43 - 2013-08-22 15:46 - 00023043 _____ () C:\Windows\setupact.log
2015-01-20 20:43 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-20 20:42 - 2014-03-18 10:54 - 00041090 _____ () C:\Windows\PFRO.log
2015-01-20 20:39 - 2014-11-27 19:09 - 00000000 ____D () C:\Users\Nick\AppData\Local\CrashDumps
2015-01-20 20:18 - 2014-12-15 14:13 - 00001000 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA1d01868fb2dcc86.job
2015-01-20 19:52 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Pokki
2015-01-20 19:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-20 19:28 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-20 19:01 - 2014-11-27 18:59 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{21898380-5491-4791-BB9B-793C6C26EEF0}
2015-01-20 15:08 - 2014-11-27 20:08 - 00000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2015-01-20 14:53 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Skype
2015-01-19 21:36 - 2014-07-25 22:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-19 21:35 - 2014-07-25 22:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-01-19 21:34 - 2014-11-27 18:52 - 00002293 _____ () C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-01-19 21:33 - 2014-11-27 18:50 - 00000000 ____D () C:\Users\Nick\AppData\Local\clear.fi
2015-01-19 08:55 - 2014-11-30 15:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-18 16:13 - 2014-11-30 15:18 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-18 10:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-18 08:24 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-17 20:02 - 2013-08-22 14:25 - 00000226 _____ () C:\Windows\win.ini
2015-01-17 19:54 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick
2015-01-17 19:49 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-01-17 19:47 - 2014-08-31 19:30 - 00000000 ____D () C:\ProgramData\{EB5F5A55-037A-4E47-806B-2C8AA9374701}
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\FileManager
2015-01-17 19:47 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Camera
2015-01-17 19:44 - 2014-12-16 10:40 - 00000000 ____D () C:\ProgramData\OqQeGinkA
2015-01-17 19:44 - 2014-12-05 08:24 - 00000000 ___RD () C:\Windows\BrowserChoice
2015-01-17 19:44 - 2014-08-31 19:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-17 19:44 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Temp
2015-01-17 19:44 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\install_clap
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-01-17 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-17 19:44 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\mcafee.com
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-17 19:43 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-17 19:43 - 2013-08-22 16:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-01-17 19:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\registration
2015-01-17 19:24 - 2014-09-01 04:36 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-01-17 19:24 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\winrm
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Vss
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\vpnplugins
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\WindowsPowerShell
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-RS
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\spp
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Speech
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\networklist
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\MsDtc
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Licenses
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InstallShield
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SystemResources
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-17 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\System
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-01-17 19:24 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\slmgr
2015-01-17 19:23 - 2014-03-18 10:32 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sr-Latn-RS
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spp
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\spool
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Speech
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\networklist
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MUI
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\MsDtc
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-17 19:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Licenses
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\SMI
2015-01-17 19:23 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-17 19:22 - 2014-12-05 08:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-17 19:22 - 2014-11-27 18:50 - 00000000 ____D () C:\Windows\oem
2015-01-17 19:22 - 2014-09-01 04:29 - 00000000 ____D () C:\Windows\NAPP_Dism_Log
2015-01-17 19:22 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\SKB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ___SD () C:\Windows\system32\Configuration
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\InputMethod
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\IME
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\Com
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Speech
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\security
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\schemas
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Resources
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PLA
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Performance
2015-01-17 19:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\InputMethod
2015-01-17 19:22 - 2013-08-22 15:45 - 00000000 ____D () C:\Windows\Setup
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-17 19:22 - 2013-08-22 14:36 - 00000000 ____D () C:\Windows\servicing
2015-01-17 19:21 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\Mozilla
2015-01-17 19:21 - 2014-08-31 19:50 - 00000000 ____D () C:\Users\Public\CyberLink
2015-01-17 19:21 - 2014-07-25 22:28 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\IME
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Globalization
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Branding
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppCompat
2015-01-17 19:21 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\ADFS
2015-01-17 19:20 - 2014-11-30 08:12 - 00000000 ____D () C:\Users\Nick\AppData\Local\Skype
2015-01-17 19:20 - 2014-11-27 19:11 - 00000000 ____D () C:\Users\Nick\AppData\Local\Mozilla
2015-01-17 19:20 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\Packages
2015-01-17 19:19 - 2014-12-14 11:12 - 00000000 ____D () C:\ProgramData\Battle.net
2015-01-17 19:19 - 2014-11-30 18:18 - 00000000 ____D () C:\Users\Nick\AppData\Local\CyberLink
2015-01-17 19:19 - 2014-11-29 15:04 - 00000000 ____D () C:\ProgramData\Skype
2015-01-17 19:19 - 2014-11-27 19:36 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-17 19:19 - 2014-08-31 19:50 - 00000000 ____D () C:\ProgramData\CLSK
2015-01-17 19:19 - 2014-08-31 19:34 - 00000000 ____D () C:\Program Files\Realtek
2015-01-17 19:19 - 2014-08-31 19:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-17 19:19 - 2014-08-31 19:21 - 00000000 ____D () C:\ProgramData\Intel
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:27 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
2015-01-17 19:19 - 2014-07-25 22:23 - 00000000 ____D () C:\ProgramData\WildTangent
2015-01-17 19:19 - 2014-07-25 22:22 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-17 19:19 - 2014-07-25 22:21 - 00000000 ____D () C:\ProgramData\OEM
2015-01-17 19:19 - 2014-07-25 22:20 - 00000000 ____D () C:\ProgramData\acer
2015-01-17 19:19 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-17 19:19 - 2014-03-18 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-17 19:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-17 19:19 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-01-17 19:18 - 2014-11-29 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-17 19:18 - 2014-11-27 19:36 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-17 19:18 - 2014-11-27 18:50 - 00000000 ____D () C:\Program Files (x86)\OEM
2015-01-17 19:18 - 2014-08-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-17 19:18 - 2014-08-31 19:46 - 00000000 ____D () C:\Program Files (x86)\Spotify
2015-01-17 19:18 - 2014-08-31 19:30 - 00000000 ____D () C:\Program Files (x86)\Qualcomm Atheros
2015-01-17 19:18 - 2014-08-31 19:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-17 19:18 - 2014-08-31 19:19 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files\Intel
2015-01-17 19:18 - 2014-08-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-17 19:18 - 2014-07-25 22:28 - 00000000 ____D () C:\Program Files (x86)\Foxit PhantomPDF
2015-01-17 19:18 - 2014-07-25 22:26 - 00000000 ____D () C:\Program Files\Acer
2015-01-17 19:18 - 2014-07-25 22:24 - 00000000 ____D () C:\Program Files (x86)\WildGames
2015-01-17 19:18 - 2014-07-25 22:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-17 19:18 - 2014-07-25 22:21 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-17 19:18 - 2014-07-25 22:01 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-17 19:18 - 2014-07-25 22:00 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows NT
2015-01-17 19:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-17 19:17 - 2014-11-28 17:16 - 00000000 ____D () C:\Program Files (x86)\Brick-Force
2015-01-17 19:17 - 2014-07-25 22:57 - 00000000 ___HD () C:\OEM
2015-01-16 05:19 - 2014-07-25 22:58 - 00000000 ____D () C:\Windows\Panther
2015-01-15 17:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-15 14:13 - 2014-11-27 19:10 - 00000000 ____D () C:\Users\Public\OEM
2015-01-15 13:59 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\Administrator
2015-01-13 16:42 - 2014-11-28 17:08 - 00000000 ____D () C:\Users\Nick\AppData\Roaming\.minecraft
2015-01-06 01:08 - 2014-12-05 08:30 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-12-05 08:30 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-03 17:10 - 2014-11-27 18:49 - 00000000 ____D () C:\Users\Nick\AppData\Local\VirtualStore

==================== Files in the root of some directories =======
2014-12-15 14:08 - 2014-12-15 14:08 - 1545696 _____ () C:\Users\Nick\AppData\Roaming\EJSP.exe
2014-12-15 14:07 - 2014-12-15 14:07 - 2031584 _____ () C:\Users\Nick\AppData\Roaming\FYIKETTA.exe
2014-11-27 20:08 - 2015-01-20 15:08 - 0000193 _____ () C:\Users\Nick\AppData\Roaming\WB.CFG
2014-11-29 10:08 - 2014-12-17 10:08 - 0000001 _____ () C:\Users\Nick\AppData\Local\DSI.DAT
2014-11-29 10:08 - 2014-11-29 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup1444812342.exe
2014-12-02 14:08 - 2014-12-02 14:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4180595462.exe
2014-12-17 10:08 - 2014-12-17 10:08 - 0022528 _____ () C:\Users\Nick\AppData\Local\dsisetup4535986252.exe
2014-08-31 19:34 - 2014-08-31 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-06 09:34 - 2014-12-06 09:34 - 0000199 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.dll
C:\Users\Nick\AppData\Local\Temp\5213CEFB-E262-2310-0480-DCFB67E9E0DD.exe
C:\Users\Nick\AppData\Local\Temp\58A0271C-DAA9-E0B9-2984-AC25A29A9884.exe
C:\Users\Nick\AppData\Local\Temp\ICReinstall_adobe_flash_setup.exe
C:\Users\Nick\AppData\Local\Temp\ICReinstall_FirefoxSetup.exe
C:\Users\Nick\AppData\Local\Temp\oct8D03.tmp.exe
C:\Users\Nick\AppData\Local\Temp\octE0DF.tmp.exe
C:\Users\Nick\AppData\Local\Temp\octE4C5.tmp.exe
C:\Users\Nick\AppData\Local\Temp\octF576.tmp.exe
C:\Users\Nick\AppData\Local\Temp\optprosetup.exe
C:\Users\Nick\AppData\Local\Temp\Quarantine.exe
C:\Users\Nick\AppData\Local\Temp\res.dll
C:\Users\Nick\AppData\Local\Temp\rt-update.exe
C:\Users\Nick\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Nick\AppData\Local\Temp\sqlite3.dll
C:\Users\Nick\AppData\Local\Temp\sysad.exe
C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Nick\AppData\Local\Temp\System.Data.SQLite3c77ea22-6f8d-4996-b236-dc6fe42eecea.dll
C:\Users\Nick\AppData\Local\Temp\updatecertmanager.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-03 20:14

==================== End Of Log ============================
         
Regards,
Anja

    Log-Analyse und Auswertung - 25.10.2012 (37)
  17. [Abuse-ID:72018271] Wichtige Sicherheitswarnung zu Ihrem Internetzugang; Zugangsnummer: 32xxxxxxxxxxx
    Plagegeister aller Art und deren Bekämpfung - 03.10.2012 (3)

Zum Thema Sicherheitswarnung zu meinem Internetzugang durch die Telekom - So schlimm BrowseStudio konnte ich nicht finden Code: Alles auswählen Aufklappen ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, Malware Protection, Starting, Protection, 20.01.2015 19:57:21, SYSTEM, NICK, Protection, - Sicherheitswarnung zu meinem Internetzugang durch die Telekom...
Archiv
Du betrachtest: Sicherheitswarnung zu meinem Internetzugang durch die Telekom auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.