Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Browservirus lässt sich nicht entfernen "DocTooTXTConvert" Add on Google chrome (https://www.trojaner-board.de/149859-browservirus-laesst-entfernen-doctootxtconvert-add-on-google-chrome.html)

ShockCity 16.02.2014 13:16
Browservirus lässt sich nicht entfernen "DocTooTXTConvert" Add on Google chrome
 
Morgen alle zusammen
Also, ich habe mir irgendeine art Browservirus eingefangen,Ich hab das das erstmal bemerkt als auf einmal extrem viele popups überall waren und alle mögliche werbung überall auftaucht.
Ich benutze Google Chrome und in meiner Add on liste ist das Add on "DocTooTXTConvert"
welches ich aber leider nicht entfernen kann weil es "Durch Unternehmensrichtlinie installiert" ist.
Habe schon versucht mit ner normalen Deinstallation mit ADWCleaner, mit Malewarebites und mit Revo Uninstaller, aber es bleibt drauf.
bin wirklich ahnungslos was ich tun soll jetzt.
Danke im vorraus.

Lg Tom.

schrauber 16.02.2014 17:03
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


ShockCity 16.02.2014 17:26

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Shock (administrator) on SHOCK-PC on 16-02-2014 17:22:15
Running from C:\Users\Shock\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\Shock\AppData\Roaming\uTorrent\uTorrent.exe
(LOL Replay) C:\Program Files (x86)\LOLReplay\LOLRecorder.exe
(TeamSpeak Systems GmbH) C:\Users\Shock\Desktop\teamspeak3-server_win64\ts3server_win64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\No-IP\DUC40.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.199\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.71\deploy\LolClient.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Dotjosh Studios, LLC) C:\Program Files (x86)\Dotjosh Studios\DayZ Commander\Current\DayZCommander.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3813712 2014-02-04] (LogMeIn Inc.)
HKU\S-1-5-21-2319698854-3666031852-738157984-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2319698854-3666031852-738157984-1000\...\Run: [uTorrent] - C:\Users\Shock\AppData\Roaming\uTorrent\uTorrent.exe [904272 2013-11-27] (BitTorrent Inc.)
HKU\S-1-5-21-2319698854-3666031852-738157984-1000\...\MountPoints2: {fa5798e0-1559-11e3-b7fb-806e6f6e6963} - D:\SETUP.EXE
HKU\S-1-5-21-2319698854-3666031852-738157984-1000\...\MountPoints2: {fc1abdb7-576f-11e3-af1f-87a18e3c2dd5} - E:\Setup.exe
HKU\S-1-5-21-2319698854-3666031852-738157984-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1824000 2014-02-11] (Valve Corporation)
HKU\S-1-5-21-2319698854-3666031852-738157984-1001\...\MountPoints2: {fa5798e0-1559-11e3-b7fb-806e6f6e6963} - D:\setup.exe
Startup: C:\Users\Shock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ts3server_win64 - Verknüpfung.lnk
ShortcutTarget: ts3server_win64 - Verknüpfung.lnk -> C:\Users\Shock\Desktop\teamspeak3-server_win64\ts3server_win64.exe (TeamSpeak Systems GmbH)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9474E73984A9CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: No Name - {0105D10D-C9D7-BFA1-CBEC-C2C877446278} -  No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: greatsavINg - {A4EECBF4-E489-27CD-7CF5-52A33214A2CC} - C:\ProgramData\greatsavINg\HJj.x64.dll No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ProShoOppeR - {F820ACDD-8441-4511-A3A1-F2E1EDB98C9A} - C:\ProgramData\ProShoOppeR\Hdr7M3bmo.x64.dll No File
BHO-x32: DocTooTXTConvert - {0105D10D-C9D7-BFA1-CBEC-C2C877446278} - C:\ProgramData\DocTooTXTConvert\a9.dll No File
BHO-x32: greatsavINg - {A4EECBF4-E489-27CD-7CF5-52A33214A2CC} - C:\ProgramData\greatsavINg\HJj.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16]
CHR Extension: (Google Drive) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16]
CHR Extension: (DocTooTXTConvert) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbmnmemafolbkgjfefeidmmpidgoplp [2014-02-16]
CHR Extension: (YouTube) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16]
CHR Extension: (Adblock Plus) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-16]
CHR Extension: (Google-Suche) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16]
CHR Extension: (Grooveshark Germany unlocker) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcnhmeicafddjdaeecddemnhnomiaai [2014-02-16]
CHR Extension: (Google Wallet) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]
CHR Extension: (Late Night) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm [2014-02-16]
CHR Extension: (Google Mail) - C:\Users\Shock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-05] ()
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-04] (LogMeIn, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [11264 2013-01-24] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4979992 2013-11-25] (INCA Internet Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
S2 70e6ca8c; "C:\Windows\system32\rundll32.exe" "c:\progra~2\optimi~1\OptProCrashSvc.dll",ServiceMain
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [X]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [X]
S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [X]
S3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [X]
S3 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-27] (Disc Soft Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-16 17:22 - 2014-02-16 17:22 - 00012391 _____ () C:\Users\Shock\Downloads\FRST.txt
2014-02-16 17:22 - 2014-02-16 17:22 - 00000000 ____D () C:\FRST
2014-02-16 17:21 - 2014-02-16 17:21 - 02152960 _____ (Farbar) C:\Users\Shock\Downloads\FRST64.exe
2014-02-16 12:59 - 2014-02-16 12:59 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-16 12:58 - 2014-02-16 17:03 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-16 12:58 - 2014-02-16 13:03 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-16 12:58 - 2014-02-16 12:58 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 12:58 - 2014-02-16 12:58 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 12:51 - 2014-02-16 12:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Shock\Downloads\revosetup95.exe
2014-02-16 12:51 - 2014-02-16 12:51 - 00001264 _____ () C:\Users\Shock\Desktop\Revo Uninstaller.lnk
2014-02-16 12:51 - 2014-02-16 12:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-02-15 18:47 - 2014-02-15 18:47 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\Malwarebytes
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-15 18:47 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-15 18:46 - 2014-02-15 18:47 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Shock\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-15 18:42 - 2014-02-16 09:34 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-15 18:39 - 2014-02-15 18:40 - 00000000 ____D () C:\AdwCleaner
2014-02-15 18:39 - 2014-02-15 18:39 - 01166132 _____ () C:\Users\Shock\Downloads\adwcleaner.exe
2014-02-15 17:15 - 2014-02-15 19:43 - 00171836 _____ () C:\Windows\PFRO.log
2014-02-15 17:08 - 2014-02-15 17:08 - 00000000 ____D () C:\Program Files (x86)\surfkeepit
2014-02-15 17:07 - 2014-02-15 17:06 - 37767672 _____ (Google Inc.) C:\Users\Shock\Desktop\ChromeStandaloneSetup_32.0.1700.107.exe
2014-02-15 17:05 - 2014-02-15 17:06 - 37767672 _____ (Google Inc.) C:\Users\Shock\Downloads\ChromeStandaloneSetup_32.0.1700.107.exe
2014-02-15 17:04 - 2014-02-15 17:04 - 00085000 _____ () C:\Users\Shock\Desktop\bookmarks_15.02.14.html
2014-02-14 13:39 - 2014-02-14 13:39 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-02-14 13:39 - 2013-11-25 21:00 - 04979992 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2014-02-14 12:55 - 2014-02-14 13:29 - 00000000 ____D () C:\FLyff
2014-02-14 12:54 - 2014-02-14 12:54 - 00695128 _____ () C:\Users\Shock\Downloads\Flyff_DE.exe
2014-02-13 20:33 - 2014-02-13 20:33 - 00007334 _____ () C:\Users\Shock\Desktop\OpenDocument Text (neu).odt
2014-02-13 15:47 - 2014-02-13 15:48 - 00000000 ____D () C:\Users\Shock\Downloads\Call of Duty 4 - Modern Warfare
2014-02-12 07:10 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 07:10 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 07:09 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 07:09 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 07:09 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 07:09 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 07:09 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 07:09 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 07:09 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 07:09 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 07:09 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 07:09 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 07:09 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 07:09 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 07:09 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 07:09 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 07:09 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 07:09 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 07:09 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 07:09 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 07:09 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 07:09 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 07:09 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 07:09 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 07:09 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 07:09 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 07:09 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 07:09 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 07:09 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 07:09 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 07:09 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 07:09 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 07:09 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 07:09 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 07:09 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 07:09 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 07:09 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 07:09 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 07:09 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 07:09 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 07:09 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 06:59 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 06:59 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 06:59 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 06:59 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 06:59 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 06:59 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 06:59 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 06:59 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-09 17:18 - 2014-02-09 17:18 - 00000000 _____ () C:\Users\Shock\Desktop\Neues Textdokument.txt
2014-02-09 15:38 - 2014-02-12 12:58 - 00086758 _____ () C:\Users\Shock\Desktop\The Legend of Zelda - The Minish Cap (D, F, E)1.sgm
2014-02-09 10:07 - 2014-02-09 15:39 - 00078199 _____ () C:\Users\Shock\Desktop\The Legend of Zelda - The Minish Cap (D, F, E).sgm
2014-02-08 17:36 - 2014-02-16 13:00 - 00008192 _____ () C:\Users\Shock\Desktop\The Legend of Zelda - The Minish Cap (D, F, E).sav
2014-02-08 17:36 - 2014-02-16 13:00 - 00002117 _____ () C:\Users\Shock\Desktop\vba.ini
2014-02-08 17:36 - 2005-01-09 11:16 - 16777216 _____ () C:\Users\Shock\Desktop\The Legend of Zelda - The Minish Cap (D, F, E).gba
2014-02-08 17:32 - 2004-05-25 19:47 - 01757264 _____ (None) C:\Users\Shock\Desktop\VisualBoyAdvance.exe
2014-02-08 15:17 - 2014-02-08 15:17 - 00000460 _____ () C:\Users\Shock\Desktop\Codes DayZ Epoch.txt
2014-02-05 13:41 - 2014-02-05 13:41 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-04 06:53 - 2014-02-04 06:54 - 00000000 ____D () C:\Users\Shock\AppData\Local\WebPlayer
2014-02-01 00:41 - 2014-02-01 01:25 - 00000000 ____D () C:\Program Files (x86)\TERA
2014-02-01 00:00 - 2014-02-01 00:00 - 00002494 __RSH () C:\ProgramData\ntuser.pol
2014-02-01 00:00 - 2014-02-01 00:00 - 00000000 ____D () C:\Users\Shock\AppData\Local\Packages
2014-02-01 00:00 - 2014-02-01 00:00 - 00000000 ____D () C:\ProgramData\blbmnmemafolbkgjfefeidmmpidgoplp
2014-01-31 07:10 - 2014-01-31 07:10 - 00000696 _____ () C:\ProgramData\HirezPipeError.txt
2014-01-23 14:19 - 2014-01-23 14:19 - 00000000 ____D () C:\ProgramData\Vitalwerks
2014-01-23 13:54 - 2014-01-23 13:54 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2014-01-23 13:54 - 2014-01-23 13:54 - 00000000 ____D () C:\Users\Shock\AppData\Local\Vitalwerks
2014-01-23 13:54 - 2014-01-23 13:54 - 00000000 ____D () C:\Program Files (x86)\No-IP
2014-01-22 13:23 - 2014-01-22 13:23 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
2014-01-22 12:52 - 2014-02-16 16:06 - 00000000 ____D () C:\Users\Shock\Desktop\teamspeak3-server_win64
2014-01-20 17:36 - 2014-02-16 16:30 - 00007672 _____ () C:\Windows\setupact.log
2014-01-20 17:36 - 2014-02-08 17:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-19 19:29 - 2014-01-19 19:29 - 00005242 _____ () C:\Users\Shock\AppData\Local\recently-used.xbel

==================== One Month Modified Files and Folders =======

2014-02-16 17:22 - 2014-02-16 17:22 - 00012391 _____ () C:\Users\Shock\Downloads\FRST.txt
2014-02-16 17:22 - 2014-02-16 17:22 - 00000000 ____D () C:\FRST
2014-02-16 17:22 - 2013-10-05 13:21 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\uTorrent
2014-02-16 17:22 - 2013-09-04 15:23 - 00000000 ____D () C:\Users\Shock\AppData\Local\PMB Files
2014-02-16 17:21 - 2014-02-16 17:21 - 02152960 _____ (Farbar) C:\Users\Shock\Downloads\FRST64.exe
2014-02-16 17:19 - 2013-09-04 13:06 - 01867689 _____ () C:\Windows\WindowsUpdate.log
2014-02-16 17:14 - 2013-09-06 21:53 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\Skype
2014-02-16 17:03 - 2014-02-16 12:58 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-16 16:30 - 2014-01-20 17:36 - 00007672 _____ () C:\Windows\setupact.log
2014-02-16 16:29 - 2013-09-30 15:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-16 16:06 - 2014-01-22 12:52 - 00000000 ____D () C:\Users\Shock\Desktop\teamspeak3-server_win64
2014-02-16 13:03 - 2014-02-16 12:58 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-16 13:00 - 2014-02-08 17:36 - 00008192 _____ () C:\Users\Shock\Desktop\The Legend of Zelda - The Minish Cap (D, F, E).sav
2014-02-16 13:00 - 2014-02-08 17:36 - 00002117 _____ () C:\Users\Shock\Desktop\vba.ini
2014-02-16 12:59 - 2014-02-16 12:59 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-16 12:59 - 2013-09-04 15:18 - 00000000 ____D () C:\Users\Shock\AppData\Local\Google
2014-02-16 12:58 - 2014-02-16 12:58 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-16 12:58 - 2014-02-16 12:58 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 12:58 - 2013-09-04 15:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-16 12:51 - 2014-02-16 12:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Shock\Downloads\revosetup95.exe
2014-02-16 12:51 - 2014-02-16 12:51 - 00001264 _____ () C:\Users\Shock\Desktop\Revo Uninstaller.lnk
2014-02-16 12:51 - 2014-02-16 12:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-02-16 11:43 - 2013-09-04 16:42 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\TS3Client
2014-02-16 09:34 - 2014-02-15 18:42 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-16 09:34 - 2013-10-12 18:15 - 00000000 ____D () C:\Users\Shock\AppData\Local\LogMeIn Hamachi
2014-02-16 09:31 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-16 09:31 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-16 09:23 - 2013-09-04 15:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-16 09:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-16 03:38 - 2013-09-05 16:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-15 19:43 - 2014-02-15 17:15 - 00171836 _____ () C:\Windows\PFRO.log
2014-02-15 19:43 - 2014-01-02 16:33 - 00000000 ____D () C:\ProgramData\WPM
2014-02-15 18:54 - 2013-12-21 12:53 - 00000000 ____D () C:\Users\Shock\AppData\Local\genienext
2014-02-15 18:47 - 2014-02-15 18:47 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\Malwarebytes
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-15 18:47 - 2014-02-15 18:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-15 18:47 - 2014-02-15 18:46 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Shock\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-15 18:40 - 2014-02-15 18:39 - 00000000 ____D () C:\AdwCleaner
2014-02-15 18:40 - 2013-09-04 13:15 - 00000995 _____ () C:\Users\Shock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-15 18:39 - 2014-02-15 18:39 - 01166132 _____ () C:\Users\Shock\Downloads\adwcleaner.exe
2014-02-15 17:08 - 2014-02-15 17:08 - 00000000 ____D () C:\Program Files (x86)\surfkeepit
2014-02-15 17:06 - 2014-02-15 17:07 - 37767672 _____ (Google Inc.) C:\Users\Shock\Desktop\ChromeStandaloneSetup_32.0.1700.107.exe
2014-02-15 17:06 - 2014-02-15 17:05 - 37767672 _____ (Google Inc.) C:\Users\Shock\Downloads\ChromeStandaloneSetup_32.0.1700.107.exe
2014-02-15 17:04 - 2014-02-15 17:04 - 00085000 _____ () C:\Users\Shock\Desktop\bookmarks_15.02.14.html
2014-02-15 15:36 - 2013-09-04 15:23 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-15 12:17 - 2013-09-05 18:41 - 00000000 ____D () C:\Users\Shock\AppData\Local\ArmA 2 OA
2014-02-14 13:39 - 2014-02-14 13:39 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-02-14 13:29 - 2014-02-14 12:55 - 00000000 ____D () C:\FLyff
2014-02-14 12:54 - 2014-02-14 12:54 - 00695128 _____ () C:\Users\Shock\Downloads\Flyff_DE.exe
2014-02-13 20:33 - 2014-02-13 20:33 - 00007334 _____ () C:\Users\Shock\Desktop\OpenDocument Text (neu).odt
2014-02-13 17:34 - 2013-09-04 16:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-13 15:58 - 2011-04-12 08:43 - 00696832 _____ () C:\Windows\system32\perfh007.dat
2014-02-13 15:58 - 2011-04-12 08:43 - 00148128 _____ () C:\Windows\system32\perfc007.dat
2014-02-13 15:58 - 2009-07-14 06:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-13 15:51 - 2013-09-05 17:01 - 00000000 ___RD () C:\Users\Shock\Desktop\Data
2014-02-13 15:48 - 2014-02-13 15:47 - 00000000 ____D () C:\Users\Shock\Downloads\Call of Duty 4 - Modern Warfare
2014-02-12 12:58 - 2014-02-09 15:38 - 00086758 _____ () C:\Users\Shock\Desktop\The Legend of Zelda - The Minish Cap (D, F, E)1.sgm
2014-02-12 07:18 - 2013-09-04 15:26 - 01590298 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-09 17:18 - 2014-02-09 17:18 - 00000000 _____ () C:\Users\Shock\Desktop\Neues Textdokument.txt
2014-02-09 15:39 - 2014-02-09 10:07 - 00078199 _____ () C:\Users\Shock\Desktop\The Legend of Zelda - The Minish Cap (D, F, E).sgm
2014-02-08 17:03 - 2014-01-20 17:36 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-08 15:17 - 2014-02-08 15:17 - 00000460 _____ () C:\Users\Shock\Desktop\Codes DayZ Epoch.txt
2014-02-06 13:16 - 2014-02-12 07:09 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 07:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 07:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 07:09 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 07:09 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 07:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 07:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 07:09 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 07:09 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 07:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 07:09 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 07:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 07:09 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 07:09 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 07:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 07:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 07:09 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 07:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 07:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 07:09 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 07:09 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 07:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 07:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 07:09 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 07:09 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 07:09 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 07:09 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 07:09 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 07:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 07:09 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 07:09 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 07:09 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 07:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 07:09 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 07:09 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 07:09 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 07:09 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 07:09 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 07:09 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 15:29 - 2013-09-30 15:17 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 15:29 - 2013-09-30 15:17 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 15:29 - 2013-09-30 15:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 13:41 - 2014-02-05 13:41 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-05 13:41 - 2013-09-04 13:14 - 00000000 ___RD () C:\Users\Shock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-04 06:54 - 2014-02-04 06:53 - 00000000 ____D () C:\Users\Shock\AppData\Local\WebPlayer
2014-02-01 01:25 - 2014-02-01 00:41 - 00000000 ____D () C:\Program Files (x86)\TERA
2014-02-01 00:00 - 2014-02-01 00:00 - 00002494 __RSH () C:\ProgramData\ntuser.pol
2014-02-01 00:00 - 2014-02-01 00:00 - 00000000 ____D () C:\Users\Shock\AppData\Local\Packages
2014-02-01 00:00 - 2014-02-01 00:00 - 00000000 ____D () C:\ProgramData\blbmnmemafolbkgjfefeidmmpidgoplp
2014-02-01 00:00 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-02-01 00:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-01-31 11:13 - 2014-01-02 23:20 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-01-31 11:13 - 2014-01-02 23:20 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-01-31 11:13 - 2013-09-04 15:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-31 07:10 - 2014-01-31 07:10 - 00000696 _____ () C:\ProgramData\HirezPipeError.txt
2014-01-31 06:46 - 2014-01-06 12:07 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2014-01-30 07:01 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-28 17:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-01-23 14:19 - 2014-01-23 14:19 - 00000000 ____D () C:\ProgramData\Vitalwerks
2014-01-23 13:54 - 2014-01-23 13:54 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2014-01-23 13:54 - 2014-01-23 13:54 - 00000000 ____D () C:\Users\Shock\AppData\Local\Vitalwerks
2014-01-23 13:54 - 2014-01-23 13:54 - 00000000 ____D () C:\Program Files (x86)\No-IP
2014-01-22 13:23 - 2014-01-22 13:23 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
2014-01-21 18:28 - 2014-01-15 18:31 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
2014-01-20 11:45 - 2013-11-27 18:41 - 00000000 ____D () C:\Users\Shock\AppData\Roaming\DAEMON Tools Lite
2014-01-20 11:42 - 2013-11-28 13:56 - 00000000 ____D () C:\Windows\Minidump
2014-01-20 11:42 - 2013-09-04 14:02 - 00000000 ____D () C:\Windows\Panther
2014-01-19 23:10 - 2014-01-03 14:23 - 00000000 ____D () C:\Users\Shock\.gimp-2.8
2014-01-19 19:29 - 2014-01-19 19:29 - 00005242 _____ () C:\Users\Shock\AppData\Local\recently-used.xbel
2014-01-19 19:28 - 2014-01-03 14:30 - 00000000 ____D () C:\Users\Shock\AppData\Local\gtk-2.0
2014-01-19 00:59 - 2013-12-21 13:55 - 00000106 _____ () C:\Users\Shock\AppData\Roaming\WB.CFG

Some content of TEMP:
====================
C:\Users\Shock\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-15 17:56

==================== End Of Log ============================
--- --- ---


&

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Shock at 2014-02-16 17:23:08
Running from C:\Users\Shock\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
Arma 2 (x32 Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (x32 Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (x32 Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (x32 Version:  - )
avast! Free Antivirus (x32 Version: 8.0.1497.0 - AVAST Software)
BattlEye for OA Uninstall (x32 Version:  - )
BattlEye Uninstall (x32 Version:  - )
BlueStacks App Player (x32 Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (x32 Version: 0.8.4.3036 - BlueStack Systems, Inc.)
CCleaner (Version: 4.06 - Piriform)
Cheat Engine 6.3 (x32 Version:  - Cheat Engine)
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
DayZ Commander (x32 Version: 0.92.91 - Dotjosh Studios)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version:  - Microsoft)
Dolphin (x32 Version: 4.0.2 - Dolphin Development Team)
DVDx 4.0 Open Edition (x32 Version: 4.0 (Open Edition) - labDV)
EW : Cossacks (x32 Version:  - )
Fraps (remove only) (x32 Version:  - )
Free YouTube to MP3 Converter version 3.12.13.925 (x32 Version: 3.12.13.925 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (x32 Version: 1.9.0 - Gameforge)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.10 (Version: 2.8.10 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Java 7 Update 40 (x32 Version: 7.0.400 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (Version: 2.0 - AppWork GmbH)
Just Cause 2 (x32 Version:  - )
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (x32 Version: 2.2.0.130 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.130 - LogMeIn, Inc.) Hidden
LOLReplay (x32 Version: 0.8.5.2 - www.leaguereplays.com)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed Underground 2 (x32 Version:  - )
NETGEAR WG111v3 wireless USB 2.0 adapter (x32 Version: 1.01.10 - NETGEAR)
NETGEAR WG111v3 wireless USB 2.0 adapter (x32 Version: 1.01.10 - NETGEAR) Hidden
No-IP DUC (x32 Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
NVIDIA 3D Vision Controller-Treiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7 (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9 - NVIDIA Corporation)
OpenOffice 4.0.0 (x32 Version: 4.00.9702 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
Path of Exile (x32 Version: 1.0.6.31045 - Grinding Gear Games)
PlanetSide 2 (x32 Version:  - Sony Online Entertainment)
Realtek Ethernet Controller Driver (x32 Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (x32 Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (x32 Version: 3.0.13 - TeamSpeak Systems GmbH)
TERA (x32 Version: 19.04.02.03.hf3 - Gameforge Productions GmbH)
TrueCrypt (x32 Version: 7.1a - TrueCrypt Foundation)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2752078) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760257) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817309) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817311) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817493) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817624) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817640) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827228) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827235) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2810016) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2825632) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2817625) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2767859) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2752097) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2825633) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2752018) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2817631) 64-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2827218) 64-Bit Edition (Version:  - Microsoft)
Vegas Pro 12.0 (64-bit) (Version: 12.0.670 - Sony)
VLC media player 2.1.0 (x32 Version: 2.1.0 - VideoLAN)
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-bit) (Version: 5.00.0 - win.rar GmbH)
YAWLE 0.5b (x32 Version:  - )
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

15-02-2014 17:03:34 Geplanter Prüfpunkt
16-02-2014 11:52:46 Revo Uninstaller's restore point - Google Chrome

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0AC9D08C-19B4-4C62-96C2-F4E9A0E0B5C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {1207079D-8845-479D-A299-8F1ED553E7B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {14016A02-9B17-44F5-8263-5648EA10BADE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.)
Task: {3722474C-99DA-46CA-B7D6-D0BA280D2B59} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {45AD2DD6-AD00-4338-BA07-5FD8C7B11AE2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {5D005FB4-C624-421C-8171-81812884F515} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {94A051AD-6985-4127-8BF2-773979EF464A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E65D20DD-054F-4EE6-A541-66A4CDD36C36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.)
Task: {FA27A315-5420-40F1-9ED0-273E2E6E7D4F} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Shock\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-13 06:02 - 2013-09-13 06:02 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-01-22 12:52 - 2014-01-02 08:25 - 00761856 _____ () C:\Users\Shock\Desktop\teamspeak3-server_win64\ts3db_sqlite3.dll
2013-01-24 19:12 - 2013-01-24 19:12 - 00270336 _____ () C:\Program Files (x86)\No-IP\DUC40.exe
2013-10-02 20:43 - 2014-02-05 07:01 - 05312352 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.199\deploy\LoLLauncher.exe
2013-10-09 10:09 - 2013-10-02 21:12 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.71\deploy\LolClient.exe
2013-09-04 15:23 - 2013-09-04 15:23 - 03089488 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2014-02-16 13:11 - 2014-02-16 11:01 - 02272256 _____ () C:\Program Files\AVAST Software\Avast\defs\14021600\algo.dll
2013-01-24 19:12 - 2013-01-24 19:12 - 00011264 _____ () C:\Program Files (x86)\No-IP\ducservice.exe
2013-01-24 07:34 - 2013-01-24 07:34 - 00067584 _____ () C:\Program Files (x86)\No-IP\ducapi.dll
2013-09-13 06:02 - 2013-09-13 06:02 - 08866472 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-12-11 05:22 - 2013-12-11 05:22 - 00378368 _____ () C:\Program Files (x86)\LOLReplay\LOLUtils.dll
2013-09-06 17:12 - 2013-09-06 17:12 - 00040448 _____ () C:\Program Files (x86)\LOLReplay\Compression.dll
2013-10-02 20:44 - 2014-02-05 07:02 - 00192864 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.199\deploy\RiotLauncher.dll
2013-11-07 09:10 - 2013-11-07 09:10 - 00052224 _____ () C:\Program Files (x86)\LOLReplay\Launcher.dll
2013-11-07 10:08 - 2013-11-07 10:08 - 00160768 _____ () C:\Program Files (x86)\LOLReplay\Air.dll
2013-10-23 13:15 - 2013-10-23 13:15 - 00230376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2013-10-23 13:15 - 2013-10-23 13:15 - 00237032 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2013-10-23 13:15 - 2013-10-23 13:15 - 00431080 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-10-23 13:15 - 2013-10-23 13:15 - 00555496 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-16 12:59 - 2014-02-02 00:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-16 12:59 - 2014-02-02 00:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-16 12:59 - 2014-02-02 00:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-16 12:59 - 2014-02-02 00:42 - 13616456 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
2014-02-16 13:20 - 2014-02-16 13:20 - 04591616 _____ () C:\Users\Shock\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2014-02-16 13:20 - 2014-02-16 13:20 - 00112128 _____ () C:\Users\Shock\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v3 Setup-Assistent.lnk => C:\Windows\pss\NETGEAR WG111v3 Setup-Assistent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Shock^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Warcraft Config.lnk => C:\Windows\pss\Warcraft Config.lnk.Startup
MSCONFIG\startupreg: 20131121 => C:\Program Files\AVAST Software\Avast\setup\emupdate\84e4e0fc-6019-431a-bff1-1d056db11044.exe /check
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Shock\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GoogleChromeAutoLaunch_872F47EBF4DAC278989480961F1E06FA => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: LiveSupport => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Shock\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Smart PC Cleaner => C:\Program Files (x86)\Smart PC Cleaner\SPCLauncher.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Shock\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2014 09:33:23 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/16/2014 09:24:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2014 03:39:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 07:45:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 06:43:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 05:17:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 04:11:41 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/14/2014 05:13:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2014 00:17:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2014 06:58:31 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418154


System errors:
=============
Error: (02/16/2014 09:23:43 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.

Error: (02/16/2014 03:38:30 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.

Error: (02/15/2014 07:44:13 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.

Error: (02/15/2014 06:43:22 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/15/2014 06:42:44 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.

Error: (02/14/2014 01:44:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/14/2014 01:44:52 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Modules Installer erreicht.

Error: (02/14/2014 01:44:52 PM) (Source: DCOM) (User: )
Description: 1053TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (02/14/2014 01:39:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nProtect GameGuard Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (02/14/2014 01:33:02 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.


Microsoft Office Sessions:
=========================
Error: (02/16/2014 09:33:23 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/16/2014 09:24:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2014 03:39:38 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 07:45:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 06:43:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 05:17:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 04:11:41 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418154

Error: (02/14/2014 05:13:18 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2014 00:17:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2014 06:58:31 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418154


CodeIntegrity Errors:
===================================
  Date: 2013-09-04 14:46:06.669
  Description: Windows konnte die Abbildintegrität der Datei "\Device\CdRom0\NTGLM7X.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-04 14:46:06.638
  Description: Windows konnte die Abbildintegrität der Datei "\Device\CdRom0\NTGLM7X.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-04 14:46:04.501
  Description: Windows konnte die Abbildintegrität der Datei "\Device\CdRom0\Install\GMSIPCI.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-04 14:46:04.485
  Description: Windows konnte die Abbildintegrität der Datei "\Device\CdRom0\Install\GMSIPCI.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 8190.12 MB
Available physical RAM: 4803.93 MB
Total Pagefile: 16378.41 MB
Available Pagefile: 12586.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:10.67 GB) NTFS
Drive d: (SKYRIM_DE) (CDROM) (Total:4.91 GB) (Free:0 GB) UDF
Drive g: (SHOCKCITY) (Removable) (Total:29.85 GB) (Free:21.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: DA1DACE0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=30 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 17.02.2014 13:26
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:13 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131