Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Paypal Website nicht erreichbar ungültiges Sicherheitszertifikat (SSL-Fehler) (https://www.trojaner-board.de/157405-paypal-website-erreichbar-ungueltiges-sicherheitszertifikat-ssl-fehler.html)

danielhock05 09.08.2014 15:04
Paypal Website nicht erreichbar ungültiges Sicherheitszertifikat (SSL-Fehler)
 
Hallo,

wie oben beschrieben komme ich einfach nicht auf die Website von Paypal.:schrei:

Folgende Meldung:

(SSL-Fehler)
Verbindung zur echten Website unter www.paypal.com kann nicht hergestellt werden

www.paypal.com hat Chrome zur Blockierung fehlerhafter Zertifikate aufgefordert. Das Zertifikat, das Chrome während dieses Verbindungsversuchs erhalten hat, weist jedoch einen Fehler auf.
Fehlertyp: HSTS failure
Empfänger: www.paypal.co.uk
Aussteller: VeriSign Class 3 Extended Validation SSL CA
Hashes des öffentlichen Schlüssels: sha1/+63jzeUZLheZnNO79uDRbSPWtsg= sha256/0XScwpRjljFwANvQ/BXuJXiIAYlJKU4ImBnL9p0uuqk= sha1/rkrX+bOA4RKTMrtS3loJDFIbM9A= sha256/OTV6OSADZrQuFMItaBc+5XvItK1Ljeify/yvIthNjvM= sha1/sYEIGhmkwJQf+uiVKMEkyZs0rMc= sha256/JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg=


Die Uhrzeit und Datums meines Pc´s sind korrekt.

Danke schon mal im vorraus für die Unterstützung und bis dann :applaus:

schrauber 09.08.2014 15:08
Hi,

Anderer Browser geht?


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


danielhock05 09.08.2014 15:23
FRST Logfile:
[CODE]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-08-2014
Ran by Danyo (administrator) on DANYO-PC on 09-08-2014 16:16:13
Running from C:\Users\Danyo\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4906\Battle.net.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Wow-64.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Utils\WowBrowserProxy.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-04] (Microsoft Corporation)
HKU\S-1-5-21-2181869850-3658179415-3964823066-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2181869850-3658179415-3964823066-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1753280 2014-07-16] (Valve Corporation)
HKU\S-1-5-21-2181869850-3658179415-3964823066-1001\...\Run: [Spotify] => C:\Users\Danyo\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-2181869850-3658179415-3964823066-1001\...\Run: [Spotify Web Helper] => C:\Users\Danyo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-18] (Spotify Ltd)
HKU\S-1-5-21-2181869850-3658179415-3964823066-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-07-27] (Electronic Arts)
HKU\S-1-5-21-2181869850-3658179415-3964823066-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Danyo\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2181869850-3658179415-3964823066-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2181869850-3658179415-3964823066-1001\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [4656464 2014-04-09] (Steganos Software GmbH)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Danyo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Danyo\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB2673CA8A736CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3326313&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPB40106D2-18C3-4E57-97B5-410908A97495&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Expat Shield Class -> {3706EE7C-3CAD-445D-8A43-03EBC3B75908} -> C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Windows\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog9 01 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 02 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 03 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 04 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 15 C:\Windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog5-x64 08 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
Winsock: Catalog9-x64 01 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 15 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 83.169.185.97 83.169.185.33

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @kaneva.com/KanevaPatch -> C:\Program Files (x86)\Kaneva\npkanevapatch.dll (Kaneva, LLC.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Danyo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-15]

Chrome:
=======
CHR DefaultSearchKeyword: conduit.search
CHR DefaultNewTabURL:
CHR Extension: (avast! Online Security) - C:\Users\Danyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-12]
CHR Extension: (Google Wallet) - C:\Users\Danyo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-07-18] (Hi-Rez Studios) [File not signed]
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [318304 2014-04-09] (Steganos Software GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-30] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
U0 oqrnk; C:\Windows\System32\drivers\fnnd.sys [79064 2014-08-09] (Malwarebytes Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-09 16:13 - 2014-08-09 16:14 - 00026948 _____ () C:\Users\Danyo\Desktop\Addition.txt
2014-08-09 16:12 - 2014-08-09 16:16 - 00014438 _____ () C:\Users\Danyo\Desktop\FRST.txt
2014-08-09 16:12 - 2014-08-09 16:16 - 00000000 ____D () C:\FRST
2014-08-09 16:12 - 2014-08-09 16:12 - 02094080 _____ (Farbar) C:\Users\Danyo\Desktop\FRST64.exe
2014-08-09 12:21 - 2014-08-09 12:21 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\.mono
2014-08-09 10:46 - 2014-08-09 10:46 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\fnnd.sys
2014-08-06 18:55 - 2014-08-06 18:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-06 18:55 - 2014-08-06 18:55 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-04 14:44 - 2014-08-04 14:44 - 03830776 _____ (Initex ) C:\Users\Danyo\Downloads\ProxifierSetup.exe
2014-08-04 14:44 - 2014-08-04 14:44 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Proxifier
2014-08-04 14:44 - 2014-08-04 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxifier
2014-08-04 14:44 - 2014-08-04 14:44 - 00000000 ____D () C:\Program Files (x86)\Proxifier
2014-08-04 14:44 - 2012-11-22 18:57 - 00103016 _____ (Initex) C:\Windows\system32\ProxifierShellExt.dll
2014-08-04 14:44 - 2012-11-22 18:57 - 00091240 _____ (Initex) C:\Windows\SysWOW64\ProxifierShellExt.dll
2014-08-04 14:44 - 2012-11-22 18:57 - 00076392 _____ (Initex) C:\Windows\system32\PrxerDrv.dll
2014-08-04 14:44 - 2012-11-22 18:57 - 00070248 _____ (Initex) C:\Windows\SysWOW64\PrxerDrv.dll
2014-08-04 14:44 - 2012-11-22 18:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2014-08-04 14:44 - 2012-11-22 18:57 - 00056424 _____ () C:\Windows\SysWOW64\PrxerNsp.dll
2014-08-04 14:44 - 1997-06-06 15:52 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
2014-08-03 17:50 - 2014-08-03 17:55 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\JonDo
2014-08-03 17:22 - 2014-08-03 17:22 - 02756416 _____ (Steganos Software GmbH) C:\Users\Danyo\Downloads\okayfreedomintdl.exe
2014-08-03 17:15 - 2014-08-03 17:15 - 00003364 _____ () C:\Windows\System32\Tasks\TunnelBear
2014-08-03 17:14 - 2014-08-03 17:14 - 00000000 ____D () C:\Users\Danyo\AppData\Local\IsolatedStorage
2014-08-03 17:14 - 2014-08-03 17:14 - 00000000 ____D () C:\Users\Danyo\AppData\Local\HockeyCrashes
2014-08-03 17:01 - 2004-03-09 01:00 - 00224016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX
2014-08-03 17:01 - 2002-02-22 05:50 - 00203976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2014-08-03 17:01 - 1998-07-06 01:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TABCTDE.DLL
2014-08-03 17:01 - 1998-07-06 01:00 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSKDE.DLL
2014-08-03 17:00 - 2014-08-03 17:00 - 00000000 ____D () C:\Users\Danyo\AppData\Local\Temp44caf785404680b9726698a6f57da341
2014-08-03 17:00 - 2014-08-03 17:00 - 00000000 ____D () C:\Program Files (x86)\Tyrann-Studios
2014-08-03 17:00 - 2004-03-09 01:00 - 00132880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2014-08-03 17:00 - 2004-03-09 01:00 - 00124688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWINSCK.OCX
2014-08-03 17:00 - 1998-07-06 01:00 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RCHTXDE.DLL
2014-08-03 17:00 - 1998-07-06 01:00 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCIDE.DLL
2014-08-03 17:00 - 1998-07-06 01:00 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCCLPDE.DLL
2014-08-03 17:00 - 1998-06-24 01:00 - 00232248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDATLST.OCX
2014-08-03 17:00 - 1998-06-24 01:00 - 00198456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCI32.OCX
2014-08-03 17:00 - 1998-06-24 01:00 - 00166200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMASK32.OCX
2014-08-03 17:00 - 1998-06-24 01:00 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-08-03 17:00 - 1998-06-24 01:00 - 00118064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSADODC.OCX
2014-08-03 17:00 - 1998-06-24 01:00 - 00082744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PICCLP32.OCX
2014-08-03 16:57 - 2014-08-03 16:57 - 01763272 _____ () C:\Users\Danyo\Downloads\openvpn-install-2.3.3-i001-x86_64.exe
2014-08-03 13:13 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-03 13:13 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-03 13:13 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-03 13:13 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-03 13:13 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-03 13:13 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-03 13:13 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-03 13:13 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-03 13:13 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-03 13:13 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-03 13:13 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-03 13:13 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-03 13:13 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-03 13:13 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-02 10:29 - 2014-08-02 10:30 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Steganos VPN
2014-08-02 10:29 - 2014-08-02 10:29 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\extensions
2014-08-02 10:28 - 2014-08-05 18:36 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Steganos
2014-08-02 10:28 - 2014-08-03 17:35 - 00000000 ____D () C:\Program Files (x86)\OkayFreedom
2014-08-02 10:28 - 2014-08-02 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2014-07-22 16:48 - 2014-08-09 10:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 16:48 - 2014-07-22 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 16:48 - 2014-07-22 16:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 16:48 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-22 16:48 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-21 17:52 - 2014-07-21 21:25 - 412824363 _____ () C:\Users\Danyo\Downloads\300_v0.2.287.zip
2014-07-20 21:59 - 2014-07-20 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-19 17:51 - 2014-07-19 17:51 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Awesomium
2014-07-19 17:50 - 2014-07-19 17:51 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-07-19 17:50 - 2014-07-19 17:50 - 00002037 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2014-07-19 17:50 - 2014-07-19 17:50 - 00002028 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-07-19 17:50 - 2014-07-19 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-07-19 17:50 - 2014-07-19 17:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-07-19 12:10 - 2014-07-19 12:10 - 00431395 _____ () C:\Users\Danyo\Downloads\Mila.rar
2014-07-18 13:20 - 2014-07-27 18:47 - 00000000 ____D () C:\Users\Danyo\Documents\FIFA World
2014-07-18 13:19 - 2014-07-18 13:19 - 00001189 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-07-18 13:19 - 2014-07-18 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-07-16 16:58 - 2014-07-16 16:58 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-11 19:23 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-11 19:23 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-11 19:23 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-11 19:23 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-11 19:23 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-11 19:23 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-11 19:23 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-11 19:23 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-11 19:23 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-11 19:23 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-11 19:23 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-11 19:23 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-11 19:23 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-11 19:23 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-11 19:23 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-11 19:23 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-11 19:23 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-11 19:23 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-11 19:23 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-11 19:23 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-11 19:23 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-11 19:23 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-11 19:23 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-11 19:23 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-11 19:23 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-11 19:23 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-11 19:23 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-11 19:23 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-11 19:23 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-11 19:23 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-11 19:23 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-11 19:23 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-11 19:23 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-11 19:23 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-11 19:23 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-11 19:23 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-11 19:23 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-11 19:23 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-11 19:23 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-11 19:23 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-11 19:23 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-11 19:23 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-11 19:23 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-11 19:23 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-11 19:23 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-11 19:23 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-11 19:23 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-11 19:23 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-11 19:23 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-11 19:23 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-11 19:23 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-11 19:23 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-11 19:23 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-11 19:23 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-11 19:23 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-11 19:23 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-11 19:23 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-11 19:23 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-11 19:23 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-11 19:23 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-11 19:23 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-11 19:23 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-11 19:23 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-11 19:23 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-11 19:23 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-11 19:23 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-11 19:23 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-11 19:23 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-11 19:23 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-11 19:23 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-11 19:23 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-11 19:23 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-11 19:23 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-11 19:23 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-11 19:23 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-11 19:23 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-11 19:23 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-11 19:23 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-11 19:21 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 19:21 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-11 19:21 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-09 16:16 - 2014-08-09 16:12 - 00014438 _____ () C:\Users\Danyo\Desktop\FRST.txt
2014-08-09 16:16 - 2014-08-09 16:12 - 00000000 ____D () C:\FRST
2014-08-09 16:16 - 2014-03-01 14:14 - 00000000 ____D () C:\Users\Danyo\AppData\Local\Battle.net
2014-08-09 16:16 - 2014-03-01 13:15 - 00000000 ____D () C:\Users\Danyo\AppData\Local\PMB Files
2014-08-09 16:14 - 2014-08-09 16:13 - 00026948 _____ () C:\Users\Danyo\Desktop\Addition.txt
2014-08-09 16:13 - 2014-03-01 13:14 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Skype
2014-08-09 16:12 - 2014-08-09 16:12 - 02094080 _____ (Farbar) C:\Users\Danyo\Desktop\FRST64.exe
2014-08-09 16:10 - 2014-03-15 14:05 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-09 15:57 - 2014-05-12 16:14 - 00000000 ____D () C:\Users\Danyo\AppData\Local\Akamai
2014-08-09 12:46 - 2014-03-01 14:13 - 00000000 ____D () C:\Users\Danyo\Desktop\My Place
2014-08-09 12:15 - 2014-03-01 13:01 - 01843641 _____ () C:\Windows\WindowsUpdate.log
2014-08-09 10:46 - 2014-08-09 10:46 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\fnnd.sys
2014-08-09 10:24 - 2014-07-22 16:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-09 09:48 - 2014-03-04 18:47 - 00000000 ____D () C:\Users\Danyo\AppData\Local\Adobe
2014-08-09 09:45 - 2009-07-14 06:45 - 00014944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-09 09:45 - 2009-07-14 06:45 - 00014944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-09 09:39 - 2014-03-13 20:54 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Spotify
2014-08-09 09:39 - 2014-03-01 14:27 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-09 09:38 - 2014-03-15 14:05 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-09 09:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-09 09:38 - 2009-07-14 06:51 - 00070434 _____ () C:\Windows\setupact.log
2014-08-08 18:10 - 2014-03-15 13:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-07 20:54 - 2014-03-01 13:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-07 17:28 - 2014-03-01 14:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-07 17:21 - 2014-03-04 11:49 - 00101084 _____ () C:\Windows\PFRO.log
2014-08-06 20:16 - 2014-04-04 17:58 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-06 19:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-06 18:56 - 2014-03-15 13:39 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-06 18:56 - 2014-03-15 13:39 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-06 18:55 - 2014-08-06 18:55 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-06 18:55 - 2014-08-06 18:55 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-06 18:55 - 2014-03-15 13:39 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-06 18:55 - 2014-03-15 13:39 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-06 18:55 - 2014-03-15 13:39 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-06 18:55 - 2014-03-15 13:39 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-06 18:55 - 2014-03-15 13:39 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-06 18:55 - 2014-03-15 13:39 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-06 18:55 - 2014-03-15 13:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-05 18:36 - 2014-08-02 10:28 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Steganos
2014-08-05 17:01 - 2014-04-28 21:14 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-04 15:38 - 2014-04-28 21:14 - 00000000 ____D () C:\ProgramData\Origin
2014-08-04 14:44 - 2014-08-04 14:44 - 03830776 _____ (Initex ) C:\Users\Danyo\Downloads\ProxifierSetup.exe
2014-08-04 14:44 - 2014-08-04 14:44 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Proxifier
2014-08-04 14:44 - 2014-08-04 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxifier
2014-08-04 14:44 - 2014-08-04 14:44 - 00000000 ____D () C:\Program Files (x86)\Proxifier
2014-08-03 18:54 - 2014-03-01 13:15 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-03 18:04 - 2014-03-01 13:02 - 00000000 ____D () C:\Users\Danyo\AppData\Local\VirtualStore
2014-08-03 17:55 - 2014-08-03 17:50 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\JonDo
2014-08-03 17:44 - 2014-05-12 09:59 - 00000000 ____D () C:\Users\Danyo\AppData\Local\FirestormOS_x64
2014-08-03 17:36 - 2014-03-01 13:01 - 00000000 ____D () C:\Users\Danyo
2014-08-03 17:35 - 2014-08-02 10:28 - 00000000 ____D () C:\Program Files (x86)\OkayFreedom
2014-08-03 17:22 - 2014-08-03 17:22 - 02756416 _____ (Steganos Software GmbH) C:\Users\Danyo\Downloads\okayfreedomintdl.exe
2014-08-03 17:15 - 2014-08-03 17:15 - 00003364 _____ () C:\Windows\System32\Tasks\TunnelBear
2014-08-03 17:14 - 2014-08-03 17:14 - 00000000 ____D () C:\Users\Danyo\AppData\Local\IsolatedStorage
2014-08-03 17:14 - 2014-08-03 17:14 - 00000000 ____D () C:\Users\Danyo\AppData\Local\HockeyCrashes
2014-08-03 17:00 - 2014-08-03 17:00 - 00000000 ____D () C:\Users\Danyo\AppData\Local\Temp44caf785404680b9726698a6f57da341
2014-08-03 17:00 - 2014-08-03 17:00 - 00000000 ____D () C:\Program Files (x86)\Tyrann-Studios
2014-08-03 16:57 - 2014-08-03 16:57 - 01763272 _____ () C:\Users\Danyo\Downloads\openvpn-install-2.3.3-i001-x86_64.exe
2014-08-02 10:35 - 2014-05-12 09:59 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Firestorm_x64
2014-08-02 10:30 - 2014-08-02 10:29 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Steganos VPN
2014-08-02 10:29 - 2014-08-02 10:29 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\extensions
2014-08-02 10:29 - 2014-08-02 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2014-08-02 07:55 - 2014-03-01 15:40 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-07-29 20:06 - 2014-03-13 20:55 - 00000000 ____D () C:\Users\Danyo\AppData\Local\Spotify
2014-07-27 18:47 - 2014-07-18 13:20 - 00000000 ____D () C:\Users\Danyo\Documents\FIFA World
2014-07-27 11:35 - 2014-05-30 16:35 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-27 11:35 - 2014-05-30 16:33 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-26 20:17 - 2014-03-01 14:16 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-07-22 17:47 - 2014-04-08 22:37 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Systweak
2014-07-22 16:48 - 2014-07-22 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 16:48 - 2014-07-22 16:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 16:48 - 2014-03-16 19:52 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-22 16:48 - 2014-03-16 19:52 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Malwarebytes
2014-07-22 16:48 - 2014-03-16 19:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 16:48 - 2014-03-16 19:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-21 21:25 - 2014-07-21 17:52 - 412824363 _____ () C:\Users\Danyo\Downloads\300_v0.2.287.zip
2014-07-20 22:03 - 2014-03-17 20:21 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Apple Computer
2014-07-20 22:00 - 2014-03-17 20:21 - 00000000 ____D () C:\Users\Danyo\AppData\Local\Apple Computer
2014-07-20 21:59 - 2014-07-20 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-07-20 21:59 - 2014-03-17 20:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-19 19:48 - 2014-03-16 12:18 - 00319764 _____ () C:\Windows\DirectX.log
2014-07-19 19:48 - 2014-03-01 14:28 - 00404640 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-19 17:51 - 2014-07-19 17:51 - 00000000 ____D () C:\Users\Danyo\AppData\Roaming\Awesomium
2014-07-19 17:51 - 2014-07-19 17:50 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-07-19 17:50 - 2014-07-19 17:50 - 00002037 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2014-07-19 17:50 - 2014-07-19 17:50 - 00002028 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-07-19 17:50 - 2014-07-19 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-07-19 17:50 - 2014-07-19 17:50 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-07-19 17:50 - 2014-03-09 08:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-19 08:13 - 2014-03-15 14:06 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-18 20:12 - 2009-07-14 19:58 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-07-18 20:12 - 2009-07-14 19:58 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-07-18 20:12 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-18 13:19 - 2014-07-18 13:19 - 00001189 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-07-18 13:19 - 2014-07-18 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-07-18 13:19 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-18 13:08 - 2014-04-28 21:16 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-16 16:58 - 2014-07-16 16:58 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-12 19:09 - 2009-07-14 06:45 - 04962768 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-12 19:07 - 2014-05-06 21:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-12 19:07 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 19:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-12 19:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism

Some content of TEMP:
====================
C:\Users\Danyo\AppData\Local\Temp\6_Offer_8.exe
C:\Users\Danyo\AppData\Local\Temp\amazonicon_v8.exe
C:\Users\Danyo\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Danyo\AppData\Local\Temp\app.exe
C:\Users\Danyo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Danyo\AppData\Local\Temp\bdfilters.dll
C:\Users\Danyo\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Danyo\AppData\Local\Temp\DF%dc-Reconecter1.70-komplett.exe
C:\Users\Danyo\AppData\Local\Temp\freac-1.0.20a.exe
C:\Users\Danyo\AppData\Local\Temp\InstallIMVU_501.38.exe
C:\Users\Danyo\AppData\Local\Temp\instruct.exe
C:\Users\Danyo\AppData\Local\Temp\launcher_vs2012_sp4_vcredist_x86.exe
C:\Users\Danyo\AppData\Local\Temp\NGMDll.dll
C:\Users\Danyo\AppData\Local\Temp\NGMResource.dll
C:\Users\Danyo\AppData\Local\Temp\NGMSetup.exe
C:\Users\Danyo\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Danyo\AppData\Local\Temp\sdapskill.exe
C:\Users\Danyo\AppData\Local\Temp\sdaspwn.exe
C:\Users\Danyo\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Danyo\AppData\Local\Temp\unicows.dll
C:\Users\Danyo\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-08-2014
Ran by Danyo at 2014-08-09 16:13:28
Running from C:\Users\Danyo\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31395 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ascend: Hand of Kul (HKLM-x32\...\Steam App 233630) (Version:  - Signal Studios)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DEFIANCE (HKLM-x32\...\{2BF4B6A7-9AB3-4A2B-A84E-91B5CBDC0000}_is1) (Version:  - Trion Worlds, Inc.)
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.0.0.45489 - Electronic Arts, Inc.)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FileParade bundle uninstaller (HKLM-x32\...\FileParade bundle uninstaller) (Version: 2.0.0.3 - FileParade) <==== ATTENTION
FiredriveDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - firedrive-downloader.com)
Firestorm SecondLife and OpenSim viewer (Version: 4.6.40833 - Phoenix Viewer Project) Hidden
Firestorm x64 (HKLM-x32\...\{ea9dcc13-fd5f-4878-aca0-9905f32bd724}) (Version: 4.6.40833 - Phoenix Firestorm Project Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hazard Ops (HKLM-x32\...\{F70DE052-CFFD-4DCB-8DA3-3ECAAFBB7D15}}_is1) (Version: 0.0.5.3 - Infernum Productions AG)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hostile Waters: Antaeus Rising (HKLM-x32\...\Steam App 267980) (Version:  - Rage Software)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IMVU Avatar Chat Software (HKCU\...\IMVU Avatar chat client software BETA) (Version:  - )
Infected: Der Zwillings-Impfstoff (HKLM-x32\...\Infected: Der Zwillings-Impfstoff) (Version: 1.0.0.0 - INTENIUM GmbH)
iStreamLite (HKLM-x32\...\iStreamLite) (Version: 1.0.0.4 - iStreamLiteLTD)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
NVIDIA PhysX v8.10.17 (HKLM-x32\...\{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}) (Version: 8.10.17 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.3.1 - Steganos Software GmbH)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PacFunction (HKLM\...\PacFunction) (Version: 2014.03.15.013120 - PacFunction) <==== ATTENTION
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Perfect Effects 8 (HKLM-x32\...\{ABC791C9-E95B-40C8-8BDD-F5E84E2E268B}) (Version: 8.1.0 - onOne Software)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2215.10 - Hi-Rez Studios)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version:  - )
virtualPhotographer 1.5.6 (HKLM-x32\...\virtualPhotographer_is1) (Version:  - optikVerve Labs)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
WISO Steuer 2014 (HKLM-x32\...\{ED978F10-3940-4B13-9950-5FCD7EA0FDF9}) (Version: 21.00.8480 - Buhl Data Service GmbH)
World of Kaneva v4.0 (HKLM-x32\...\3296) (Version: 4.0 - Kaneva, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

01-08-2014 17:21:13 Windows Update
02-08-2014 08:29:46 Gerätetreiber-Paketinstallation: TAP-Windows Provider V9 Netzwerkadapter
02-08-2014 08:33:57 Firestorm x64
03-08-2014 11:12:54 Windows Update
03-08-2014 15:02:29 Gerätetreiber-Paketinstallation: Expat Shield Netzwerkdienst
03-08-2014 15:03:23 Gerätetreiber-Paketinstallation: Anchorfree HSS Adapter Netzwerkadapter
03-08-2014 15:14:21 TunnelBear
03-08-2014 15:21:29 TunnelBear
03-08-2014 15:41:57 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter
03-08-2014 15:42:57 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst
05-08-2014 15:05:59 Windows Update
06-08-2014 16:45:27 avast! antivirus system restore point
07-08-2014 18:53:28 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
07-08-2014 18:54:04 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
08-08-2014 16:14:10 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02CDB44B-8ABD-41BF-B154-D854107FC3FF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {51632EC1-18A8-4531-AA2C-315CB0E4B8DA} - System32\Tasks\TunnelBear => C:\Program Files (x86)\TunnelBear\TBear.Client.exe
Task: {5A1B799B-8152-40EB-A0EB-E064BF7B3F4A} - System32\Tasks\AdobeAAMUpdater-1.0-Danyo-PC-Danyo => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {A262CF14-98F8-4BE8-8139-23AA78BF08EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-15] (Google Inc.)
Task: {B8619E3C-28FE-4924-B445-21CA436656FF} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION
Task: {C37F3422-B91D-49EF-9E4D-6459A2F3A382} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-15] (Google Inc.)
Task: {DCCC8E89-97A0-40BC-9A54-09B4ED50C2AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-04 14:44 - 2012-11-22 18:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2014-05-30 16:33 - 2014-05-30 16:33 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-01 13:15 - 2014-03-01 13:15 - 03089488 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\pmb.exe
2014-08-06 18:55 - 2014-08-06 18:55 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-08 21:56 - 2014-08-08 21:56 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080801\algo.dll
2014-08-09 12:23 - 2014-08-09 12:23 - 02795520 _____ () C:\Program Files\AVAST Software\Avast\defs\14080900\algo.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-06 18:55 - 2014-08-06 18:55 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-07 17:27 - 2014-08-07 17:27 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4906\libcef.dll
2014-08-07 17:27 - 2014-08-07 17:27 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4906\libglesv2.dll
2014-08-07 17:27 - 2014-08-07 17:27 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4906\libegl.dll
2014-03-01 15:42 - 2014-07-26 20:17 - 23950848 _____ () C:\Program Files (x86)\World of Warcraft\Utils\libcef.dll
2014-07-19 08:13 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-19 08:13 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-19 08:13 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-19 08:13 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-19 08:13 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-19 08:13 - 2014-07-15 11:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: RAID-Controller
Description: RAID-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2014 06:53:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

Error: (08/07/2014 06:53:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7020

Error: (08/07/2014 06:53:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2014 06:53:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (08/07/2014 06:53:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021

Error: (08/07/2014 06:53:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2014 06:53:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5007

Error: (08/07/2014 06:53:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5007

Error: (08/07/2014 06:53:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2014 06:53:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009


System errors:
=============
Error: (08/09/2014 09:38:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (08/08/2014 09:56:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (08/08/2014 06:08:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (08/07/2014 05:21:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (08/06/2014 06:54:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/06/2014 06:43:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (08/05/2014 05:01:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (08/04/2014 00:17:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (08/04/2014 00:16:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Hi-Rez Studios Authenticate and Update Service erreicht.

Error: (08/03/2014 06:01:36 PM) (Source: RasSstp) (EventID: 1) (User: )
Description: CoId={577955FE-A5D6-4944-8A3D-B2B04BC74A84}: Die anfängliche SSTP-Anforderung konnte nicht erfolgreich an den Server gesendet werden. Dies kann auf Netzwerkverbindungsprobleme oder auf Zertifikatprobleme (Vertrauensstellung) zurückzuführen sein. Unten wird die detaillierte Fehlermeldung angezeigt. Beheben Sie das Problem, und wiederholen Sie den Vorgang.

Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.


Microsoft Office Sessions:
=========================
Error: (08/07/2014 06:53:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

Error: (08/07/2014 06:53:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7020

Error: (08/07/2014 06:53:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2014 06:53:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (08/07/2014 06:53:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021

Error: (08/07/2014 06:53:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2014 06:53:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5007

Error: (08/07/2014 06:53:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5007

Error: (08/07/2014 06:53:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/07/2014 06:53:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009


==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 12279.12 MB
Available physical RAM: 8291.75 MB
Total Pagefile: 24556.41 MB
Available Pagefile: 19572.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:180.15 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1B458FE3)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 10.08.2014 05:55
Adware & Co. deinstallieren





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

danielhock05 10.08.2014 06:34
Einige mit dem <---- Attenion sind bei Revo nicht aufgelistet

schrauber 10.08.2014 08:36
versuch die über Windows zu deinstallieren.

danielhock05 01.09.2014 18:15
Guten abend,

ich habe leider immernoch das selbe Problem. Ich habe es nun mit anderen Browsern versucht wie firefox opera u safari hat funktioniert aber jeweils nur einmal. Wenn ich die Seite verlasse und den Browser schließe bekomme ich in jedem Browser wieder die selbe Meldung. Ich musste nun für jedes mal als ich einloggen wollte einen neuen Browser herunterladen. Nach der normalen Deinstallation und Neuinstallation ist es auch nicht möglich auf die Seite zuzugreifen.

Ich bitte um Hilfe ,ich verzweifle.
Ich habe ein Paar wichtige Transaktionen durchzuführen.

schrauber 02.09.2014 12:01
Zitat:
ich habe leider immernoch das selbe Problem.
hast ja auch nen Monat gebraucht dich nochmal zu melden. Und wirklich weit sind wir noch nicht gekommen. Wurde alles mit ATTENTION deinstalliert? Combofix??


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:44 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131