
Pests of all kinds and how to fight them: Windows 7: Browsers automatically redirect to advertising pages!


02.12.2013, 16:56   #1
IMuse
 



Hello dear community,
before I describe my problem I would like to express my respect for the work you do! I have looked around the forum a bit and am really amazed.

Now to my problem: Since this morning, both Chrome and Mozilla Firefox keep automatically redirecting me to other pages, which mainly contain advertising for dubious sites.
Since then I have taken the following steps:
1. Deleted all my browsing history, caches, etc.
2. Checked my add-ons, found nothing.
3. Started an Avira Free Antivirus scan, which also found nothing.
4. Installed a pop-up blocker. Even though these are not actually pop-ups, but rather the visited website simply gets redirected, I thought it was worth a try, since the pages strongly resemble pop-ups. Since then, an error is usually displayed after the redirect. I suspect that the pop-up blocker simply blocks the page, which does not really help me...
5. Downloaded PandaCloud Antivir and scanned the PC. It actually found two Trojans and removed them; here is the report (I have taken out the cookie notifications):
Quote:
Ereignis Datum/Zeit Status Weitere Details
Scan 02.12.2013 15:33 Beendet Scanvorgang läuft: Gesamten Arbeitsplatz

Synchronisierung 02.12.2013 15:22 Synchronisiert Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Adware erkannt Adware/WebCake 02.12.2013 15:17 Gelöscht Speicherort: C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe

Trojaner erkannt Trj/Deldir.A 02.12.2013 15:05 Gelöscht Speicherort: C:\Windows\system32\OEM\CLEANUP_MLP.CMD

Trojaner erkannt Trj/Deldir.A 02.12.2013 15:05 Gelöscht Speicherort: C:\Windows\system32\OEM\CLEANUP.CMD
Scan 02.12.2013 15:04 Gestartet Scanvorgang läuft: Gesamten Arbeitsplatz
However, the problem still persisted...

6. Downloaded Spybot Search & Destroy and started a scan. It spat out the following (which unfortunately meant nothing to me :/):
Quote:
Search results from Spybot - Search & Destroy

02.12.2013 16:18:36
Scan took 00:22:07.
36 items found.

WebCake.BHO: [SBI $3F53FBE0] Class ID (Registry Key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

WebCake.BHO: [SBI $5B966508] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\WebCakeUpdaterService

WebCake.BHO: [SBI $5B966508] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\WebCakeUpdaterService

WebCake.BHO: [SBI $B5928459] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WebCakeUpdaterService

WebCake.BHO: [SBI $B5928459] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WebCakeUpdaterService

WebCake.BHO: [SBI $2698E3E6] Program directory (Directory, nothing done)
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\
Directory.subfile=C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat
Directory.subfile.size=56364
Directory.subfile.md5=5BF46292168DD59F3CF1E661B4DDC7F9
Directory.subfile.filedate=1374000401
Directory.subfile.filedatetext=2013-07-16 19:46:41
Directory.subfile=C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico
Directory.subfile.size=4846
Directory.subfile.md5=60E3EF9326E8C3F574A2C7B5A31FD895
Directory.subfile.filedate=1258611124
Directory.subfile.filedatetext=2009-11-19 07:12:03
Directory.subfile=C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll
Directory.subfile.size=531968
Directory.subfile.md5=E1416C9C40FD81557795D4195FB48E8D
Directory.subfile.filedate=1368563125
Directory.subfile.filedatetext=2013-05-14 21:25:25
Directory.subfile=C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll
Directory.subfile.size=273408
Directory.subfile.md5=4C05D85B6C1E2E9AEF5784F0A43B5C3A
Directory.subfile.filedate=1368563125
Directory.subfile.filedatetext=2013-05-14 21:25:24

WebCake.BHO: [SBI $885FF297] Library (File, nothing done)
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll
Properties.size=531968
Properties.md5=E1416C9C40FD81557795D4195FB48E8D
Properties.filedate=1368563125
Properties.filedatetext=2013-05-14 21:25:25

WebCake.BHO: [SBI $0A5B161A] Library (File, nothing done)
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll
Properties.size=273408
Properties.md5=4C05D85B6C1E2E9AEF5784F0A43B5C3A
Properties.filedate=1368563125
Properties.filedatetext=2013-05-14 21:25:24

WebCake.BHO: [SBI $1107F102] Data (File, nothing done)
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat
Properties.size=56364
Properties.md5=5BF46292168DD59F3CF1E661B4DDC7F9
Properties.filedate=1374000401
Properties.filedatetext=2013-07-16 19:46:41

WebCake.BHO: [SBI $370B837B] Picture (File, nothing done)
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico
Properties.size=4846
Properties.md5=60E3EF9326E8C3F574A2C7B5A31FD895
Properties.filedate=1258611124
Properties.filedatetext=2009-11-19 07:12:03

iCrossRider: [SBI $5AF10FA5] Settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\AppDataLow\Software\Crossrider

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\Turkelton\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\828QGZYE\cdn1.static.pornhub.phncdn.com\flash\player2013.swf\ph_opts.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows.OpenWith: [SBI $F1129B32] Open with list - .CPL extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CPL\OpenWithList

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3199510047-1611388233-1899664583-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
7. I discovered this forum and read a post about a similar problem. However, since the forum guidelines point out that one should not do anything on one's own, I have not yet carried out the steps referred to there...

8. Installed Malwarebytes and started a scan. The following report came out:
Quote:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.02.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Turkelton :: TURKSULTRAACER [Administrator]

Schutz: Aktiviert

02.12.2013 17:00:53
mbam-log-2013-12-02 (17-00-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 211078
Laufzeit: 2 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE (Security.Hijack) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe|Debugger (Security.Hijack) -> Daten: "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Turkelton\Downloads\Setup (1).exe (PUP.Optional.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Turkelton\Downloads\Setup.exe (PUP.Optional.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
I hope my post is not too long... If it is, I am sorry; I am new here after all and read that I should include all the reports I have.

Thank you very much in advance for the help!

02.12.2013, 17:14   #2
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


02.12.2013, 17:34   #3
IMuse
 



Quote:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2013
Ran by Turkelton at 2013-12-02 18:28:51
Running from C:\Users\Turkelton\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Panda Cloud Antivirus (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Panda Cloud Antivirus (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Cloud Antivirus Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

clear.fi SDK - MVP 2 (x32 Version: 2.0.1505)
clear.fi SDK- Movie 2 (x32 Version: 2.0.1502)
Acer Backup Manager (x32 Version: 3.0.0.100)
Acer Crystal Eye Webcam (x32 Version: 1.5.2823.00)
Acer ePower Management (x32 Version: 6.00.3010)
Acer eRecovery Management (x32 Version: 5.00.3508)
Acer Instant Update Service (Version: 1.00.3004)
Acer Registration (x32 Version: 1.04.3506)
Acer Theft Shield (Version: 1.00.3004)
Acer Updater (x32 Version: 1.02.3501)
Acer VCM (x32 Version: 4.05.3501)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Bluetooth Suite (64) (Version: 7.4.0.130)
Avira Free Antivirus (x32 Version: 14.0.1.749)
Avira SearchFree Toolbar (x32 Version: 12.6.0.1900)
AVS Media Player 4.2.1.103 (x32 Version: 4.2.1.103)
Backup Manager V3 (x32 Version: 3.0.0.100)
clear.fi Media (x32 Version: 2.00.3004)
clear.fi Photo (x32 Version: 2.00.3004)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230)
D3DX10 (x32 Version: 15.4.2368.0902)
Dolby Home Theater v4 (x32 Version: 7.2.7000.7)
ETDWare PS/2-X64 10.6.12.4_WHQL (Version: 10.6.12.4)
Evernote v. 4.5.2 (x32 Version: 4.5.2.5866)
Fooz Kids (x32 Version: 3.1.2)
Fooz Kids Platform (x32 Version: 2.1)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Freemake Video Downloader (x32 Version: 3.5.3)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
Helium (x32 Version: 1.0.0)
Identity Card (x32 Version: 1.00.3501)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 8.0.4.1441)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2712)
Intel(R) Rapid Start Technology (x32 Version: 1.0.0.1022)
Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.225)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
IO Door Notification (x32 Version: 1.00.3003)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Launch Manager (x32 Version: 5.1.16)
LG United Mobile Drivers (x32 Version: 3.7.1.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (x32 Version: 4.0.14.27)
MyWinLocker Suite (x32 Version: 4.0.14.19)
newsXpresso (x32 Version: 1.0.0.40)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
Panda Cloud Antivirus (Version: 6.06.00.0000)
Panda Cloud Antivirus (x32 Version: 02.03.00.0000)
Panda Security Toolbar (x32 Version: 4.1.0.5)
PDF Architect (x32 Version: 1.1.83.9982)
PDF24 Creator 5.7.0 (x32)
PixelPlanet PdfPrinter 7 (64bit) (Version: 7.0.60)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
PokerStars.net (x32)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 10.07)
QuickTime (x32 Version: 7.74.80.86)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6617)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.28104)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Skype™ 5.10 (x32 Version: 5.10.116)
Sleep Memory Optimizer (x32 Version: 1.00.3004)
Smart Timer (x32 Version: 1.00.3004)
Spotify (HKCU Version: 0.9.6.72.ge389c074)
Spybot - Search & Destroy (x32 Version: 2.2.25)
TrueCrypt (x32 Version: 7.1a)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.169)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.169)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
VLC media player 2.0.7 (Version: 2.0.7)
Welcome Center (x32 Version: 1.02.3507)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points =========================

26-11-2013 09:18:38 Windows Update
29-11-2013 09:23:37 Windows Update
02-12-2013 14:13:10 TuneUp Utilities 2014 wird installiert
02-12-2013 14:30:24 Windows Live Essentials
02-12-2013 14:30:35 WLSetup

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05661AC0-2471-4556-B60A-CC787F025BDE} - \Smart Timer Task Scheduler No Task File
Task: {0B87EE17-F04A-4031-903C-FAE885AC2CFA} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {2E4C817D-BE79-4DF7-B5B4-FEC235F8EF57} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {31304F56-BE2E-4BC7-94D8-3BD243F433EF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {36654A83-E314-40F6-BEFC-2DA1D7163ED1} - \UALU notificatin No Task File
Task: {443D794F-170D-4B10-A1AA-4BE02CB7864B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-02] (Google Inc.)
Task: {5EC5810E-D3C6-4256-AB91-546E48F4EA71} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {81FCC9BB-97AA-49DE-BC18-E9C6C41EAA13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-02] (Google Inc.)
Task: {861EBA71-A542-4FC3-BCC8-D6357772B72F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {BCCE0A3B-D8C9-4326-8640-C79DEC458ACE} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {CC248356-438A-4197-8EC8-A5348C90F744} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-14] (Adobe Systems Incorporated)
Task: {DB624BFE-7CC5-475E-8035-CE0D8E0D262F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-04-19 19:31 - 2012-04-19 19:31 - 00213608 _____ () C:\Program Files\Acer\Acer Theft Shield\CommPtl.dll
2012-04-19 19:31 - 2012-04-19 19:31 - 00197736 _____ () C:\Program Files\Acer\Acer Theft Shield\LogMgr2.dll
2012-04-19 19:31 - 2012-04-19 19:31 - 00114280 _____ () C:\Program Files\Acer\Acer Theft Shield\SysCtrl.dll
2012-04-19 19:31 - 2012-04-19 19:31 - 00141416 _____ () C:\Program Files\Acer\Acer Theft Shield\WHNCtrl.dll
2012-05-11 02:31 - 2012-03-27 01:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-10 22:06 - 2013-09-10 22:05 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\SQLite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 22:22 - 2012-01-05 22:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2013-12-02 15:45 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-02 15:45 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-02 15:45 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-02 15:45 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-02 15:45 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-12-02 15:38 - 2013-11-13 04:39 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-08-14 19:19 - 2013-08-14 19:19 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\67f2d87ba056e1075fce76a8c50bb57e\IsdiInterop.ni.dll
2012-05-11 01:41 - 2012-02-02 00:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-07 23:14 - 2012-03-06 23:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-14 00:49 - 2013-11-14 00:49 - 16237448 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/02/2013 06:26:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2013 04:32:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2013 02:33:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2013 03:03:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2013 10:21:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2013 11:18:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2013 10:48:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/23/2013 04:23:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/23/2013 11:28:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 11:56:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/02/2013 06:26:02 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (12/02/2013 04:32:14 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (12/02/2013 03:17:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TuneUp Designerweiterung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1083

Error: (12/01/2013 10:38:31 PM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.1.51 mit dem Computer mit der
Netzwerkhardwareadresse 00-1D-92-6D-FD-A5 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (12/01/2013 02:33:15 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (12/01/2013 02:33:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/01/2013 02:33:10 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎01.‎12.‎2013 um 02:32:10 unerwartet heruntergefahren.

Error: (11/30/2013 03:03:04 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (11/30/2013 03:03:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (11/30/2013 03:02:59 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎30.‎11.‎2013 um 15:02:08 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (12/02/2013 06:26:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2013 04:32:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2013 02:33:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2013 03:03:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2013 10:21:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/28/2013 11:18:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2013 10:48:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/23/2013 04:23:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/23/2013 11:28:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/22/2013 11:56:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 3934.31 MB
Available physical RAM: 1652.2 MB
Total Pagefile: 7866.8 MB
Available Pagefile: 5084.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:95.15 GB) (Free:27.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: F1F2690F)
Partition 1: (Not Active) - (Size=8 GB) - (Type=84)
Partition 2: (Not Active) - (Size=16 GB) - (Type=27)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=95 GB) - (Type=OF Extended)

==================== End Of Log ============================




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by Turkelton (administrator) on TURKSULTRAACER on 02-12-2013 18:28:15
Running from C:\Users\Turkelton\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Sleep Memory Optimizer\FFSService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe
(Atheros) C:\Program Files (x86)\Acer\WDAgent\Ath_WlanAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\IO Door Notification\IODoorNotification.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Secure Applicayion] - C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe [259688 2012-04-19] ()
HKLM\...\Run: [InstantUpdate] - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2818352 2012-04-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1022592 2012-05-07] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [801920 2012-05-07] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
MountPoints2: {0ae18ce2-fc46-11e2-b0be-e006e63fef5e} - D:\LGAutoRun.exe
MountPoints2: {9070913d-eb0b-11e2-b492-e006e63fef5e} - D:\laucher.exe
HKLM-x32\...\Run: [IO Door Notification] - C:\Program Files (x86)\Acer\IO Door Notification\IODoorNotification.exe [2097256 2012-04-12] (Acer Incorporated)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1108048 2012-04-25] (Dritek System Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PSUAMain] - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32736 2013-10-19] (Panda Security, S.L.)
HKLM-x32\...\Run: [Panda Security URL Filtering] - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe [235072 2013-09-26] (Visicom Media Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
IFEO\freemakevideodownloader.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\pdf architect.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=cr
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Turkelton\AppData\Roaming\Mozilla\Firefox\Profiles\swh5fjge.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Turkelton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Panda Security Toolbar - C:\Users\Turkelton\AppData\Roaming\Mozilla\Firefox\Profiles\swh5fjge.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
FF Extension: Adblock Plus - C:\Users\Turkelton\AppData\Roaming\Mozilla\Firefox\Profiles\swh5fjge.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Turkelton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\25.62088_1
CHR Extension: (Google Docs) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Panda Security New Tab) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fknfdieimobmimhdkfkheeejenmdjhoe\0.12_0
CHR Extension: (https://login.yahoo.com/config/mail?&.src=ym&) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmmfadoegjncdbkohghgkhaefngodpj\2013.10.2.1437_0
CHR Extension: (Google Wallet) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-28] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 FFSOpzSvc; C:\Program Files\Sleep Memory Optimizer\FFSService.exe [141192 2011-09-17] (Acer Incorporated)
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-31] (Ellora Assets Corp.)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [192856 2012-02-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140768 2013-10-03] (Panda Security, S.L.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [37344 2013-10-19] (Panda Security, S.L.)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-30] (TuneUp Software)
R2 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [235624 2012-04-19] ()
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Acer\WDAgent\Ath_WlanAgent.exe [77824 2012-05-03] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-03-07] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-03-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-03-06] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-22] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [91368 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [122088 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109288 2013-05-29] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95464 2013-05-29] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69864 2013-05-29] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [119016 2013-05-29] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [305896 2013-05-29] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [118504 2013-05-29] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [246504 2013-05-29] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106216 2013-05-29] (Panda Security, S.L.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [169192 2013-10-17] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [122600 2013-10-11] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [206056 2013-10-11] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124648 2013-10-11] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [137960 2013-10-11] (Panda Security, S.L.)
S3 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [105704 2013-10-11] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58808 2013-04-29] (Panda Security, S.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-02 18:28 - 2013-12-02 18:28 - 00023711 _____ C:\Users\Turkelton\Downloads\FRST.txt
2013-12-02 18:26 - 2013-12-02 18:26 - 00000000 ___RD C:\Users\Turkelton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-02 18:26 - 2013-12-02 18:26 - 00000000 ____D C:\Users\Turkelton\Desktop\berichte
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ____D C:\FRST
2013-12-02 18:18 - 2013-12-02 18:18 - 01959184 _____ (Farbar) C:\Users\Turkelton\Downloads\FRST64.exe
2013-12-02 18:18 - 2013-12-02 18:18 - 01092187 _____ (Farbar) C:\Users\Turkelton\Downloads\FRST.exe
2013-12-02 16:48 - 2013-12-02 16:48 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Malwarebytes
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-02 16:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-02 16:47 - 2013-12-02 16:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Turkelton\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-02 16:32 - 2013-04-29 08:17 - 00058808 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2013-12-02 16:23 - 2013-12-02 16:23 - 00000444 _____ C:\Windows\wininit.ini
2013-12-02 15:46 - 2013-12-02 15:46 - 00001347 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-02 15:46 - 2013-12-02 15:46 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-12-02 15:45 - 2013-12-02 16:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-02 15:45 - 2013-12-02 15:54 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-02 15:45 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-12-02 15:44 - 2013-12-02 15:44 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Turkelton\Downloads\spybot-2.2.exe
2013-12-02 15:38 - 2013-12-02 15:38 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-02 15:38 - 2013-12-02 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-02 15:38 - 2013-12-02 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-02 15:37 - 2013-12-02 15:37 - 00283184 _____ (Mozilla) C:\Users\Turkelton\Downloads\Firefox Setup Stub 25.0.1.exe
2013-12-02 15:23 - 2013-12-02 15:23 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-12-02 15:17 - 2013-10-30 10:45 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-12-02 15:17 - 2013-10-30 10:45 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-12-02 15:13 - 2013-12-02 15:18 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-02 15:13 - 2013-12-02 15:17 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-12-02 15:13 - 2013-12-02 15:13 - 00002177 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-02 15:13 - 2013-12-02 15:13 - 00002157 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-02 15:13 - 2013-12-02 15:13 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\TuneUp Software
2013-12-02 15:13 - 2013-10-30 10:45 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-12-02 15:13 - 2013-10-30 10:45 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-12-02 15:13 - 2013-10-30 10:45 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-12-02 15:12 - 2013-12-02 15:23 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-02 15:12 - 2013-12-02 15:12 - 32522152 _____ (TuneUp Software) C:\Users\Turkelton\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe
2013-12-02 15:02 - 2013-12-02 15:02 - 00002203 _____ C:\Users\Turkelton\Desktop\Panda Cloud Antivirus.lnk
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Panda Security
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Users\Turkelton\AppData\Local\panda4_1dn
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Program Files (x86)\pandasecuritytb
2013-12-02 15:01 - 2013-12-02 15:01 - 00000000 ____D C:\ProgramData\Panda Security
2013-12-02 15:01 - 2013-12-02 15:01 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-12-02 14:57 - 2013-12-02 14:57 - 00845944 _____ C:\Users\Turkelton\Downloads\PandaCloud23Antivirus.exe
2013-12-02 14:40 - 2013-12-02 14:45 - 00014577 _____ C:\Users\Turkelton\Downloads\hijackthis.log
2013-12-02 14:40 - 2013-12-02 14:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Turkelton\Downloads\HiJackThis204.exe
2013-11-23 23:53 - 2013-11-25 16:00 - 106036908 _____ C:\Windows\SysWOW64\灈@
2013-11-20 10:14 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-20 10:11 - 2013-11-20 10:15 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-20 10:11 - 2013-11-20 10:11 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-20 10:11 - 2013-11-20 10:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-20 10:11 - 2013-11-20 10:11 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-20 10:11 - 2013-11-20 10:11 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-20 10:11 - 2013-11-20 10:11 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-20 10:11 - 2013-11-20 10:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-20 10:11 - 2013-11-20 10:11 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-20 10:11 - 2013-11-20 10:11 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-20 10:11 - 2013-11-20 10:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-20 10:11 - 2013-11-20 10:11 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-20 10:11 - 2013-11-20 10:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-14 14:57 - 2013-11-18 22:20 - 104986035 _____ C:\Windows\SysWOW64\Შᤤ…
2013-11-13 14:58 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 14:58 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 14:58 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 14:58 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 14:58 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 14:58 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 14:58 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 14:58 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 14:58 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 14:58 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 14:58 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 14:58 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 14:58 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 14:58 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 14:58 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 14:58 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 14:58 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 14:58 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 14:58 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 14:58 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 14:58 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 14:58 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 14:58 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 14:58 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 14:58 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 14:58 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 14:58 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 14:58 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 14:58 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 14:58 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 11:23 - 2013-11-13 17:23 - 104105331 _____ C:\Windows\SysWOW64\诐৊¤
2013-11-10 17:31 - 2013-11-12 21:14 - 103974937 _____ C:\Windows\SysWOW64\鲍줡Ž
2013-11-07 19:19 - 2013-11-10 11:32 - 103467942 _____ C:\Windows\SysWOW64\퓏꿳ˆ
2013-11-04 12:01 - 2013-11-04 12:01 - 00017160 _____ C:\Users\Turkelton\Downloads\D838C63360BBBB8690177E3B1852B28366A94991.torrent

==================== One Month Modified Files and Folders =======

2013-12-02 18:28 - 2013-12-02 18:28 - 00023711 _____ C:\Users\Turkelton\Downloads\FRST.txt
2013-12-02 18:27 - 2013-07-12 17:22 - 00000000 ___RD C:\Users\Turkelton\Desktop\Uni
2013-12-02 18:26 - 2013-12-02 18:26 - 00000000 ___RD C:\Users\Turkelton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-02 18:26 - 2013-12-02 18:26 - 00000000 ____D C:\Users\Turkelton\Desktop\berichte
2013-12-02 18:26 - 2013-07-12 17:20 - 00000000 ___RD C:\Users\Turkelton\Desktop\Murat
2013-12-02 18:25 - 2012-06-07 23:14 - 01411469 _____ C:\Windows\WindowsUpdate.log
2013-12-02 18:25 - 2010-11-21 04:47 - 00020278 _____ C:\Windows\PFRO.log
2013-12-02 18:25 - 2009-07-14 06:08 - 00032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-02 18:25 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-02 18:25 - 2009-07-14 05:51 - 00068396 _____ C:\Windows\setupact.log
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ____D C:\FRST
2013-12-02 18:18 - 2013-12-02 18:18 - 01959184 _____ (Farbar) C:\Users\Turkelton\Downloads\FRST64.exe
2013-12-02 18:18 - 2013-12-02 18:18 - 01092187 _____ (Farbar) C:\Users\Turkelton\Downloads\FRST.exe
2013-12-02 17:54 - 2013-08-12 00:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-02 16:48 - 2013-12-02 16:48 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Malwarebytes
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-02 16:47 - 2013-12-02 16:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Turkelton\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-02 16:39 - 2012-06-08 06:40 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-12-02 16:39 - 2012-06-08 06:40 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-12-02 16:39 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-02 16:39 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-02 16:39 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-02 16:32 - 2013-09-02 16:54 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-02 16:32 - 2013-09-02 16:54 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-02 16:31 - 2013-09-02 16:54 - 00004124 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-02 16:31 - 2013-09-02 16:54 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-02 16:31 - 2009-07-14 05:45 - 00354048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-02 16:23 - 2013-12-02 16:23 - 00000444 _____ C:\Windows\wininit.ini
2013-12-02 16:23 - 2013-12-02 15:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-02 15:54 - 2013-12-02 15:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-02 15:46 - 2013-12-02 15:46 - 00001347 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-02 15:46 - 2013-12-02 15:46 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-12-02 15:44 - 2013-12-02 15:44 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Turkelton\Downloads\spybot-2.2.exe
2013-12-02 15:38 - 2013-12-02 15:38 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-02 15:38 - 2013-12-02 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-02 15:38 - 2013-12-02 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-02 15:37 - 2013-12-02 15:37 - 00283184 _____ (Mozilla) C:\Users\Turkelton\Downloads\Firefox Setup Stub 25.0.1.exe
2013-12-02 15:31 - 2012-05-11 01:50 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-12-02 15:23 - 2013-12-02 15:23 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-12-02 15:23 - 2013-12-02 15:12 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-02 15:23 - 2013-07-17 18:44 - 00000000 ____D C:\Users\Turkelton\AppData\Local\Downloaded Installations
2013-12-02 15:18 - 2013-12-02 15:13 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-02 15:17 - 2013-12-02 15:13 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-12-02 15:13 - 2013-12-02 15:13 - 00002177 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-02 15:13 - 2013-12-02 15:13 - 00002157 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-02 15:13 - 2013-12-02 15:13 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\TuneUp Software
2013-12-02 15:12 - 2013-12-02 15:12 - 32522152 _____ (TuneUp Software) C:\Users\Turkelton\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe
2013-12-02 15:02 - 2013-12-02 15:02 - 00002203 _____ C:\Users\Turkelton\Desktop\Panda Cloud Antivirus.lnk
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Panda Security
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Users\Turkelton\AppData\Local\panda4_1dn
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Program Files (x86)\pandasecuritytb
2013-12-02 15:02 - 2013-07-12 14:24 - 00066432 _____ C:\Users\Turkelton\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-02 15:01 - 2013-12-02 15:01 - 00000000 ____D C:\ProgramData\Panda Security
2013-12-02 15:01 - 2013-12-02 15:01 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-12-02 14:57 - 2013-12-02 14:57 - 00845944 _____ C:\Users\Turkelton\Downloads\PandaCloud23Antivirus.exe
2013-12-02 14:45 - 2013-12-02 14:40 - 00014577 _____ C:\Users\Turkelton\Downloads\hijackthis.log
2013-12-02 14:40 - 2013-12-02 14:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Turkelton\Downloads\HiJackThis204.exe
2013-12-02 14:40 - 2013-07-12 14:25 - 00000000 ____D C:\Users\Turkelton\AppData\Local\VirtualStore
2013-12-02 12:52 - 2013-07-17 23:13 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Spotify
2013-11-30 18:49 - 2013-09-04 15:33 - 00225280 ___SH C:\Users\Turkelton\Desktop\Thumbs.db
2013-11-30 16:39 - 2013-07-17 23:13 - 00000000 ____D C:\Users\Turkelton\AppData\Local\Spotify
2013-11-28 23:17 - 2013-08-06 16:53 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\vlc
2013-11-28 23:15 - 2013-09-11 09:57 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-28 23:15 - 2013-09-10 22:06 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-28 23:15 - 2013-09-10 22:06 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-28 23:15 - 2013-09-10 22:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-27 20:24 - 2013-10-01 23:48 - 00000000 ____D C:\Users\Turkelton\AppData\Local\PokerStars.NET
2013-11-27 20:24 - 2013-10-01 23:48 - 00000000 ____D C:\Program Files (x86)\PokerStars.NET
2013-11-26 20:38 - 2013-07-12 14:30 - 00000000 ____D C:\Users\Turkelton\Documents\Bluetooth Folder
2013-11-25 16:00 - 2013-11-23 23:53 - 106036908 _____ C:\Windows\SysWOW64\灈@
2013-11-20 23:52 - 2013-07-12 14:26 - 00001429 _____ C:\Users\Turkelton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-20 23:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-20 10:15 - 2013-11-20 10:11 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-20 10:11 - 2013-11-20 10:11 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-20 10:11 - 2013-11-20 10:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-20 10:11 - 2013-11-20 10:11 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-20 10:11 - 2013-11-20 10:11 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-20 10:11 - 2013-11-20 10:11 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-20 10:11 - 2013-11-20 10:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-20 10:11 - 2013-11-20 10:11 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-20 10:11 - 2013-11-20 10:11 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-20 10:11 - 2013-11-20 10:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-20 10:11 - 2013-11-20 10:11 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-20 10:11 - 2013-11-20 10:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-18 22:20 - 2013-11-14 14:57 - 104986035 _____ C:\Windows\SysWOW64\Შᤤ…
2013-11-15 13:16 - 2013-09-02 16:54 - 00002139 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-14 08:49 - 2013-09-06 11:56 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 08:48 - 2013-09-06 11:56 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 00:49 - 2013-08-12 00:44 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-14 00:49 - 2013-07-12 17:49 - 00000000 ____D C:\Users\Turkelton\AppData\Local\Adobe
2013-11-14 00:49 - 2012-05-11 02:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 00:49 - 2012-05-11 02:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-13 17:23 - 2013-11-13 11:23 - 104105331 _____ C:\Windows\SysWOW64\诐৊¤
2013-11-13 11:23 - 2013-07-12 14:22 - 00000000 ____D C:\Users\Turkelton
2013-11-12 21:14 - 2013-11-10 17:31 - 103974937 _____ C:\Windows\SysWOW64\鲍줡Ž
2013-11-11 05:50 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 11:32 - 2013-11-07 19:19 - 103467942 _____ C:\Windows\SysWOW64\퓏꿳ˆ
2013-11-04 12:01 - 2013-11-04 12:01 - 00017160 _____ C:\Users\Turkelton\Downloads\D838C63360BBBB8690177E3B1852B28366A94991.torrent

Some content of TEMP:
====================
C:\Users\Turkelton\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-01 14:56

==================== End Of Log ============================
         
--- --- ---


I hope I did everything correctly.
__________________

Alt 03.12.2013, 09:38   #4
schrauber
/// the machine
/// TB-Ausbilder
 


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, right-click and choose "Run as administrator" instead.
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 03.12.2013, 12:17   #5
IMuse
 


Code:
# AdwCleaner v3.014 - Bericht erstellt am 03/12/2013 um 12:47:55
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Turkelton - TURKSULTRAACER
# Gestartet von : C:\Users\Turkelton\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\Toolbar Cleaner

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\LyricsContainer
Schlüssel Gelöscht : HKLM\Software\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Turkelton\AppData\Roaming\Mozilla\Firefox\Profiles\swh5fjge.default\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ Datei : C:\Users\Turkelton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2377 octets] - [03/12/2013 12:47:03]
AdwCleaner[S0].txt - [2298 octets] - [03/12/2013 12:47:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2358 octets] ##########
         

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Turkelton on 03.12.2013 at 12:57:56,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Empty Folder] C:\Users\Turkelton\appdata\local\{0682E791-2F3F-4167-8187-85AFC42F7249}
Successfully deleted: [Empty Folder] C:\Users\Turkelton\appdata\local\{5070D786-5F67-4C58-8919-75636FECD9C1}
Successfully deleted: [Empty Folder] C:\Users\Turkelton\appdata\local\{EC9C164D-D325-4771-A991-57858639F400}



~~~ FireFox

Emptied folder: C:\Users\Turkelton\AppData\Roaming\mozilla\firefox\profiles\swh5fjge.default\minidumps [20 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Turkelton\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2013 at 13:06:29,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013
Ran by Turkelton (administrator) on TURKSULTRAACER on 03-12-2013 13:15:32
Running from C:\Users\Turkelton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AR2EJ6YN
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Sleep Memory Optimizer\FFSService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Atheros) C:\Program Files (x86)\Acer\WDAgent\Ath_WlanAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\IO Door Notification\IODoorNotification.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [InstantUpdate] - C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe [124520 2012-04-07] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2818352 2012-04-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1022592 2012-05-07] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [801920 2012-05-07] (Atheros Commnucations)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
MountPoints2: {0ae18ce2-fc46-11e2-b0be-e006e63fef5e} - D:\LGAutoRun.exe
MountPoints2: {9070913d-eb0b-11e2-b492-e006e63fef5e} - D:\laucher.exe
HKLM-x32\...\Run: [IO Door Notification] - C:\Program Files (x86)\Acer\IO Door Notification\IODoorNotification.exe [2097256 2012-04-12] (Acer Incorporated)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1108048 2012-04-25] (Dritek System Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PSUAMain] - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32736 2013-10-19] (Panda Security, S.L.)
HKLM-x32\...\Run: [Panda Security URL Filtering] - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe [235072 2013-09-26] (Visicom Media Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
IFEO\freemakevideodownloader.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\pdf architect.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=cr
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Turkelton\AppData\Roaming\Mozilla\Firefox\Profiles\swh5fjge.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Turkelton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Panda Security Toolbar - C:\Users\Turkelton\AppData\Roaming\Mozilla\Firefox\Profiles\swh5fjge.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
FF Extension: Adblock Plus - C:\Users\Turkelton\AppData\Roaming\Mozilla\Firefox\Profiles\swh5fjge.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome: 
=======
CHR RestoreOnStartup: "hxxp://google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Turkelton\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Panda Security New Tab) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fknfdieimobmimhdkfkheeejenmdjhoe\0.12_0
CHR Extension: (https://login.yahoo.com/config/mail?&.src=ym&) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmmfadoegjncdbkohghgkhaefngodpj\2013.10.2.1437_0
CHR Extension: (Google Wallet) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\TURKEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-28] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-11-25] (Acer Incorporated)
R2 FFSOpzSvc; C:\Program Files\Sleep Memory Optimizer\FFSService.exe [141192 2011-09-17] (Acer Incorporated)
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-31] (Ellora Assets Corp.)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [192856 2012-02-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140768 2013-10-03] (Panda Security, S.L.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [37344 2013-10-19] (Panda Security, S.L.)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-30] (TuneUp Software)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Acer\WDAgent\Ath_WlanAgent.exe [77824 2012-05-03] (Atheros)

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-03-07] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-03-06] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-03-06] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-22] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [91368 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [122088 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109288 2013-05-29] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95464 2013-05-29] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69864 2013-05-29] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [119016 2013-05-29] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [305896 2013-05-29] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [118504 2013-05-29] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [246504 2013-05-29] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106216 2013-05-29] (Panda Security, S.L.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [169192 2013-10-17] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [122600 2013-10-11] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [206056 2013-10-11] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124648 2013-10-11] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [137960 2013-10-11] (Panda Security, S.L.)
S3 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [105704 2013-10-11] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58808 2013-04-29] (Panda Security, S.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-03 13:06 - 2013-12-03 13:06 - 00001538 _____ C:\Users\Turkelton\Desktop\JRT.txt
2013-12-03 12:57 - 2013-12-03 12:57 - 00000000 ____D C:\Windows\ERUNT
2013-12-03 12:56 - 2013-12-03 12:56 - 01034531 _____ (Thisisu) C:\Users\Turkelton\Downloads\JRT_6.0.8.exe
2013-12-03 12:50 - 2013-12-03 12:50 - 00002442 _____ C:\Users\Turkelton\Desktop\AdwCleaner[S0].txt
2013-12-03 12:49 - 2013-12-03 12:49 - 00000000 ___RD C:\Users\Turkelton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-03 12:49 - 2013-04-29 08:17 - 00058808 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2013-12-03 12:46 - 2013-12-03 12:46 - 00012920 _____ C:\Users\Turkelton\Desktop\Kündigung O2.odt
2013-12-03 12:26 - 2013-12-03 12:48 - 00000000 ____D C:\AdwCleaner
2013-12-03 12:26 - 2013-12-03 12:26 - 01110034 _____ C:\Users\Turkelton\Downloads\adwcleaner.exe
2013-12-02 22:53 - 2013-12-02 22:57 - 00000522 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-02 22:47 - 2013-12-02 22:47 - 00003336 _____ C:\Windows\System32\Tasks\AcerCloud
2013-12-02 22:47 - 2013-12-02 22:47 - 00001060 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2013-12-02 22:47 - 2013-12-02 22:47 - 00000000 ____D C:\Users\Turkelton\PicStream
2013-12-02 22:47 - 2013-12-02 22:47 - 00000000 ____D C:\Users\Turkelton\AppData\Local\ClearfiPhoto
2013-12-02 22:46 - 2013-12-02 22:47 - 00000000 ____D C:\AcerCloud
2013-12-02 22:46 - 2013-12-02 22:46 - 00000000 ____D C:\Users\Turkelton\AppData\Local\AcerCloud
2013-12-02 22:45 - 2013-12-02 22:47 - 00000000 ____D C:\Users\Turkelton\AppData\Local\clear.fi
2013-12-02 22:45 - 2013-12-02 22:47 - 00000000 ____D C:\Users\Turkelton\AppData\Local\Acer
2013-12-02 22:45 - 2013-12-02 22:45 - 00000000 ____D C:\Windows\System32\Tasks\Theft Shield
2013-12-02 22:44 - 2013-12-02 22:44 - 00000880 _____ C:\Users\Public\Desktop\Acer Theft Shield.lnk
2013-12-02 18:28 - 2013-12-02 18:29 - 00067271 _____ C:\Users\Turkelton\Downloads\FRST.txt
2013-12-02 18:28 - 2013-12-02 18:29 - 00023481 _____ C:\Users\Turkelton\Downloads\Addition.txt
2013-12-02 18:26 - 2013-12-02 18:26 - 00000000 ____D C:\Users\Turkelton\Desktop\berichte
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ____D C:\FRST
2013-12-02 18:18 - 2013-12-02 18:18 - 01092187 _____ (Farbar) C:\Users\Turkelton\Downloads\FRST.exe
2013-12-02 16:48 - 2013-12-02 16:48 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Malwarebytes
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-02 16:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-02 16:47 - 2013-12-02 16:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Turkelton\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-02 16:23 - 2013-12-02 16:23 - 00000444 _____ C:\Windows\wininit.ini
2013-12-02 15:46 - 2013-12-02 15:46 - 00001347 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-02 15:46 - 2013-12-02 15:46 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-12-02 15:45 - 2013-12-02 16:23 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-02 15:45 - 2013-12-02 15:54 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-02 15:45 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-12-02 15:44 - 2013-12-02 15:44 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Turkelton\Downloads\spybot-2.2.exe
2013-12-02 15:38 - 2013-12-02 15:38 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-02 15:38 - 2013-12-02 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-02 15:38 - 2013-12-02 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-02 15:37 - 2013-12-02 15:37 - 00283184 _____ (Mozilla) C:\Users\Turkelton\Downloads\Firefox Setup Stub 25.0.1.exe
2013-12-02 15:23 - 2013-12-02 15:23 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-12-02 15:17 - 2013-10-30 10:45 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-12-02 15:17 - 2013-10-30 10:45 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2013-12-02 15:13 - 2013-12-02 15:18 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-02 15:13 - 2013-12-02 15:17 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-12-02 15:13 - 2013-12-02 15:13 - 00002177 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-02 15:13 - 2013-12-02 15:13 - 00002157 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-02 15:13 - 2013-12-02 15:13 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\TuneUp Software
2013-12-02 15:13 - 2013-10-30 10:45 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-12-02 15:13 - 2013-10-30 10:45 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-12-02 15:13 - 2013-10-30 10:45 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-12-02 15:12 - 2013-12-02 15:23 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-02 15:12 - 2013-12-02 15:12 - 32522152 _____ (TuneUp Software) C:\Users\Turkelton\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe
2013-12-02 15:02 - 2013-12-02 15:02 - 00002203 _____ C:\Users\Turkelton\Desktop\Panda Cloud Antivirus.lnk
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Panda Security
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Users\Turkelton\AppData\Local\panda4_1dn
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Program Files (x86)\pandasecuritytb
2013-12-02 15:01 - 2013-12-02 15:01 - 00000000 ____D C:\ProgramData\Panda Security
2013-12-02 15:01 - 2013-12-02 15:01 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-12-02 14:57 - 2013-12-02 14:57 - 00845944 _____ C:\Users\Turkelton\Downloads\PandaCloud23Antivirus.exe
2013-12-02 14:40 - 2013-12-02 14:45 - 00014577 _____ C:\Users\Turkelton\Downloads\hijackthis.log
2013-12-02 14:40 - 2013-12-02 14:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Turkelton\Downloads\HiJackThis204.exe
2013-11-23 23:53 - 2013-11-25 16:00 - 106036908 _____ C:\Windows\SysWOW64\灈@
2013-11-20 10:14 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-20 10:11 - 2013-11-20 10:15 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-20 10:11 - 2013-11-20 10:11 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-20 10:11 - 2013-11-20 10:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-20 10:11 - 2013-11-20 10:11 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-20 10:11 - 2013-11-20 10:11 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-20 10:11 - 2013-11-20 10:11 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-20 10:11 - 2013-11-20 10:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-20 10:11 - 2013-11-20 10:11 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-20 10:11 - 2013-11-20 10:11 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-20 10:11 - 2013-11-20 10:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-20 10:11 - 2013-11-20 10:11 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-20 10:11 - 2013-11-20 10:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-14 14:57 - 2013-11-18 22:20 - 104986035 _____ C:\Windows\SysWOW64\Შᤤ…
2013-11-13 14:58 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 14:58 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 14:58 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 14:58 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 14:58 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 14:58 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 14:58 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 14:58 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 14:58 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 14:58 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 14:58 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 14:58 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 14:58 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 14:58 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 14:58 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 14:58 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 14:58 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 14:58 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 14:58 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 14:58 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 14:58 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 14:58 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 14:58 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 14:58 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 14:58 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 14:58 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 14:58 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 14:58 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 14:58 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 14:58 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 11:23 - 2013-11-13 17:23 - 104105331 _____ C:\Windows\SysWOW64\诐৊¤
2013-11-10 17:31 - 2013-11-12 21:14 - 103974937 _____ C:\Windows\SysWOW64\鲍줡Ž
2013-11-07 19:19 - 2013-11-10 11:32 - 103467942 _____ C:\Windows\SysWOW64\퓏꿳ˆ
2013-11-04 12:01 - 2013-11-04 12:01 - 00017160 _____ C:\Users\Turkelton\Downloads\D838C63360BBBB8690177E3B1852B28366A94991.torrent

==================== One Month Modified Files and Folders =======

2013-12-03 13:06 - 2013-12-03 13:06 - 00001538 _____ C:\Users\Turkelton\Desktop\JRT.txt
2013-12-03 12:57 - 2013-12-03 12:57 - 00000000 ____D C:\Windows\ERUNT
2013-12-03 12:56 - 2013-12-03 12:56 - 01034531 _____ (Thisisu) C:\Users\Turkelton\Downloads\JRT_6.0.8.exe
2013-12-03 12:56 - 2012-06-08 06:40 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-12-03 12:56 - 2012-06-08 06:40 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-12-03 12:56 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-03 12:56 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 12:56 - 2009-07-14 05:45 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 12:55 - 2013-08-08 19:07 - 00000000 ____D C:\Users\Turkelton\AppData\Local\CrashDumps
2013-12-03 12:54 - 2013-08-12 00:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-03 12:50 - 2013-12-03 12:50 - 00002442 _____ C:\Users\Turkelton\Desktop\AdwCleaner[S0].txt
2013-12-03 12:49 - 2013-12-03 12:49 - 00000000 ___RD C:\Users\Turkelton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-03 12:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 12:49 - 2009-07-14 05:51 - 00068564 _____ C:\Windows\setupact.log
2013-12-03 12:48 - 2013-12-03 12:26 - 00000000 ____D C:\AdwCleaner
2013-12-03 12:48 - 2012-06-07 23:14 - 01466220 _____ C:\Windows\WindowsUpdate.log
2013-12-03 12:46 - 2013-12-03 12:46 - 00012920 _____ C:\Users\Turkelton\Desktop\Kündigung O2.odt
2013-12-03 12:46 - 2013-09-04 15:33 - 00231936 ___SH C:\Users\Turkelton\Desktop\Thumbs.db
2013-12-03 12:26 - 2013-12-03 12:26 - 01110034 _____ C:\Users\Turkelton\Downloads\adwcleaner.exe
2013-12-03 11:56 - 2013-09-10 22:06 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-02 22:57 - 2013-12-02 22:53 - 00000522 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-12-02 22:47 - 2013-12-02 22:47 - 00003336 _____ C:\Windows\System32\Tasks\AcerCloud
2013-12-02 22:47 - 2013-12-02 22:47 - 00001060 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2013-12-02 22:47 - 2013-12-02 22:47 - 00000000 ____D C:\Users\Turkelton\PicStream
2013-12-02 22:47 - 2013-12-02 22:47 - 00000000 ____D C:\Users\Turkelton\AppData\Local\ClearfiPhoto
2013-12-02 22:47 - 2013-12-02 22:46 - 00000000 ____D C:\AcerCloud
2013-12-02 22:47 - 2013-12-02 22:45 - 00000000 ____D C:\Users\Turkelton\AppData\Local\clear.fi
2013-12-02 22:47 - 2013-12-02 22:45 - 00000000 ____D C:\Users\Turkelton\AppData\Local\Acer
2013-12-02 22:47 - 2013-07-12 14:22 - 00000000 ____D C:\Users\Turkelton
2013-12-02 22:47 - 2012-05-11 02:31 - 00000000 ___HD C:\OEM
2013-12-02 22:47 - 2012-05-11 01:48 - 00000000 ____D C:\ProgramData\Acer
2013-12-02 22:47 - 2012-05-11 01:48 - 00000000 ____D C:\Program Files (x86)\Acer
2013-12-02 22:46 - 2013-12-02 22:46 - 00000000 ____D C:\Users\Turkelton\AppData\Local\AcerCloud
2013-12-02 22:45 - 2013-12-02 22:45 - 00000000 ____D C:\Windows\System32\Tasks\Theft Shield
2013-12-02 22:45 - 2012-05-11 01:48 - 00000000 ____D C:\ProgramData\OEM
2013-12-02 22:44 - 2013-12-02 22:44 - 00000880 _____ C:\Users\Public\Desktop\Acer Theft Shield.lnk
2013-12-02 22:44 - 2012-05-11 01:48 - 00000000 ____D C:\Program Files\Acer
2013-12-02 18:29 - 2013-12-02 18:28 - 00067271 _____ C:\Users\Turkelton\Downloads\FRST.txt
2013-12-02 18:29 - 2013-12-02 18:28 - 00023481 _____ C:\Users\Turkelton\Downloads\Addition.txt
2013-12-02 18:27 - 2013-07-12 17:22 - 00000000 ___RD C:\Users\Turkelton\Desktop\Uni
2013-12-02 18:26 - 2013-12-02 18:26 - 00000000 ____D C:\Users\Turkelton\Desktop\berichte
2013-12-02 18:26 - 2013-07-12 17:20 - 00000000 ___RD C:\Users\Turkelton\Desktop\Murat
2013-12-02 18:25 - 2010-11-21 04:47 - 00020278 _____ C:\Windows\PFRO.log
2013-12-02 18:25 - 2009-07-14 06:08 - 00032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-02 18:19 - 2013-12-02 18:19 - 00000000 ____D C:\FRST
2013-12-02 18:18 - 2013-12-02 18:18 - 01092187 _____ (Farbar) C:\Users\Turkelton\Downloads\FRST.exe
2013-12-02 16:48 - 2013-12-02 16:48 - 00001077 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Malwarebytes
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-02 16:48 - 2013-12-02 16:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-02 16:47 - 2013-12-02 16:47 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Turkelton\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-02 16:32 - 2013-09-02 16:54 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-02 16:32 - 2013-09-02 16:54 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-02 16:31 - 2013-09-02 16:54 - 00004124 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-02 16:31 - 2013-09-02 16:54 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-02 16:31 - 2009-07-14 05:45 - 00354048 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-02 16:23 - 2013-12-02 16:23 - 00000444 _____ C:\Windows\wininit.ini
2013-12-02 16:23 - 2013-12-02 15:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-02 15:54 - 2013-12-02 15:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-02 15:46 - 2013-12-02 15:46 - 00001347 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-02 15:46 - 2013-12-02 15:46 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-12-02 15:44 - 2013-12-02 15:44 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Turkelton\Downloads\spybot-2.2.exe
2013-12-02 15:38 - 2013-12-02 15:38 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-02 15:38 - 2013-12-02 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-02 15:38 - 2013-12-02 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-02 15:37 - 2013-12-02 15:37 - 00283184 _____ (Mozilla) C:\Users\Turkelton\Downloads\Firefox Setup Stub 25.0.1.exe
2013-12-02 15:31 - 2012-05-11 01:50 - 00000000 ____D C:\Program Files (x86)\Windows Live
2013-12-02 15:23 - 2013-12-02 15:23 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-12-02 15:23 - 2013-12-02 15:12 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-02 15:23 - 2013-07-17 18:44 - 00000000 ____D C:\Users\Turkelton\AppData\Local\Downloaded Installations
2013-12-02 15:18 - 2013-12-02 15:13 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-02 15:17 - 2013-12-02 15:13 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-12-02 15:13 - 2013-12-02 15:13 - 00002177 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-12-02 15:13 - 2013-12-02 15:13 - 00002157 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2013-12-02 15:13 - 2013-12-02 15:13 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\TuneUp Software
2013-12-02 15:12 - 2013-12-02 15:12 - 32522152 _____ (TuneUp Software) C:\Users\Turkelton\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe
2013-12-02 15:02 - 2013-12-02 15:02 - 00002203 _____ C:\Users\Turkelton\Desktop\Panda Cloud Antivirus.lnk
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Panda Security
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Users\Turkelton\AppData\Local\panda4_1dn
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2013-12-02 15:02 - 2013-12-02 15:02 - 00000000 ____D C:\Program Files (x86)\pandasecuritytb
2013-12-02 15:02 - 2013-07-12 14:24 - 00066432 _____ C:\Users\Turkelton\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-02 15:01 - 2013-12-02 15:01 - 00000000 ____D C:\ProgramData\Panda Security
2013-12-02 15:01 - 2013-12-02 15:01 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-12-02 14:57 - 2013-12-02 14:57 - 00845944 _____ C:\Users\Turkelton\Downloads\PandaCloud23Antivirus.exe
2013-12-02 14:45 - 2013-12-02 14:40 - 00014577 _____ C:\Users\Turkelton\Downloads\hijackthis.log
2013-12-02 14:40 - 2013-12-02 14:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Turkelton\Downloads\HiJackThis204.exe
2013-12-02 14:40 - 2013-07-12 14:25 - 00000000 ____D C:\Users\Turkelton\AppData\Local\VirtualStore
2013-12-02 12:52 - 2013-07-17 23:13 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\Spotify
2013-11-30 16:39 - 2013-07-17 23:13 - 00000000 ____D C:\Users\Turkelton\AppData\Local\Spotify
2013-11-28 23:17 - 2013-08-06 16:53 - 00000000 ____D C:\Users\Turkelton\AppData\Roaming\vlc
2013-11-28 23:15 - 2013-09-11 09:57 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-28 23:15 - 2013-09-10 22:06 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-28 23:15 - 2013-09-10 22:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-27 20:24 - 2013-10-01 23:48 - 00000000 ____D C:\Users\Turkelton\AppData\Local\PokerStars.NET
2013-11-27 20:24 - 2013-10-01 23:48 - 00000000 ____D C:\Program Files (x86)\PokerStars.NET
2013-11-26 20:38 - 2013-07-12 14:30 - 00000000 ____D C:\Users\Turkelton\Documents\Bluetooth Folder
2013-11-25 16:00 - 2013-11-23 23:53 - 106036908 _____ C:\Windows\SysWOW64\灈@
2013-11-20 23:52 - 2013-07-12 14:26 - 00001429 _____ C:\Users\Turkelton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-20 23:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-20 10:15 - 2013-11-20 10:11 - 00010277 _____ C:\Windows\IE11_main.log
2013-11-20 10:11 - 2013-11-20 10:11 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-20 10:11 - 2013-11-20 10:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-20 10:11 - 2013-11-20 10:11 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-20 10:11 - 2013-11-20 10:11 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-20 10:11 - 2013-11-20 10:11 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-20 10:11 - 2013-11-20 10:11 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-20 10:11 - 2013-11-20 10:11 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-20 10:11 - 2013-11-20 10:11 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-20 10:11 - 2013-11-20 10:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-20 10:11 - 2013-11-20 10:11 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-20 10:11 - 2013-11-20 10:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-20 10:11 - 2013-11-20 10:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-20 10:11 - 2013-11-20 10:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-18 22:20 - 2013-11-14 14:57 - 104986035 _____ C:\Windows\SysWOW64\Შᤤ…
2013-11-15 13:16 - 2013-09-02 16:54 - 00002139 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-14 08:49 - 2013-09-06 11:56 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 08:48 - 2013-09-06 11:56 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 00:49 - 2013-08-12 00:44 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-14 00:49 - 2013-07-12 17:49 - 00000000 ____D C:\Users\Turkelton\AppData\Local\Adobe
2013-11-14 00:49 - 2012-05-11 02:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-14 00:49 - 2012-05-11 02:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-13 17:23 - 2013-11-13 11:23 - 104105331 _____ C:\Windows\SysWOW64\诐৊¤
2013-11-12 21:14 - 2013-11-10 17:31 - 103974937 _____ C:\Windows\SysWOW64\鲍줡Ž
2013-11-11 05:50 - 2010-11-21 04:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-10 11:32 - 2013-11-07 19:19 - 103467942 _____ C:\Windows\SysWOW64\퓏꿳ˆ
2013-11-04 12:01 - 2013-11-04 12:01 - 00017160 _____ C:\Users\Turkelton\Downloads\D838C63360BBBB8690177E3B1852B28366A94991.torrent

Some content of TEMP:
====================
C:\Users\Turkelton\AppData\Local\Temp\avgnt.exe
C:\Users\Turkelton\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-01 14:56

==================== End Of Log ============================
         
--- --- ---


04.12.2013, 09:25   #6
schrauber
/// the machine
/// TB trainer




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?

04.12.2013, 12:49   #7
IMuse



Hello, I'm sorry, I was a bit busy and so couldn't reply, but the problem already seems to have been resolved before I ran ESET and Security Check. Should I still do that anyway? Or can I now be sure that the problem is fixed?

Thanks a lot for the help so far!!!

05.12.2013, 07:48   #8
schrauber
/// the machine
/// TB trainer



Yes please, as a check for leftovers.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
