
Svchost.exe creates itself in C:/Windows/TEMP - Round 2!!


  • This topic is locked
8 replies to this topic

#1 qosmos

Posted 09 January 2015 - 10:51 AM

Hey guys,

 

Since today I've had svchost.exe take up pretty much all my CPU's resources. I checked the aforementioned process with ProcessExplorer and did a Google search, which then pointed me towards this forum.

 

Apparently the "exact same" problem was posted right here and was solved as of today. I hope it was okay for me to open an entirely new topic on this, even though the problem seems to be the exact same one.

 

 

 

As I wrote, Svchost.exe creates itself in C:/Windows/TEMP and starts up every time I start the computer, eating up all my CPU unless I terminate it. Malwarebytes tells me it's a trojan.

I have checked around the internet and tried a lot of things that have helped others, but it does not seem to help me. Hopefully you can.

 

I want to use this opportunity to say hi to everyone on this forum and thank you guys in advance for helping me out with my problems. I've gone ahead and posted the logs requested in the other thread that covered the same problem.

 

Here goes:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17496  BrowserJavaVersion: 10.71.2
Run by Jan at 16:26:31 on 2015-01-09
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16328.13023 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Better DS3\Better DS3.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\XtuUiLauncher.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\PerfTune.exe
C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Windows\System32\schtasks.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\TeamSpeak 3\ts3client_win32.exe
C:\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\LoLPatcher.exe
C:\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\LoLPatcher.exe
C:\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\LoLPatcher.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Jan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BETTER~1.LNK - C:\Program Files\Better DS3\Better DS3.exe
StartupFolder: C:\Users\Jan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Windows\Installer\{9865A4C3-BCFC-455A-A72F-314C65C83344}\PerfTuneIcon.B089625E_E454_492E_B2F2_7E934E4807F0.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{481AB660-7927-440D-A50E-547BB4BBB8FB} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;C:\Windows\System32\drivers\iusb3hcs.sys [2014-6-15 20464]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2014-11-6 283064]
R2 iocbios2;iocbios2;C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-2-18 28912]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-3-11 125584]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2014-12-9 186048]
R2 rzpmgrk;rzpmgrk;C:\Windows\System32\drivers\rzpmgrk.sys [2014-11-13 37184]
R2 rzpnk;rzpnk;C:\Windows\System32\drivers\rzpnk.sys [2014-11-13 129600]
R2 RzWizardService;Razer Wizard Service;C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [2014-5-20 367616]
R2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [2014-3-13 18384]
R3 AcpiCtlDrv;AcpiCtlDrv;C:\Windows\System32\drivers\AcpiCtlDrv.sys [2012-7-17 25880]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-6-15 171632]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2013-8-13 27608]
R3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;C:\Windows\System32\drivers\iusb3hub.sys [2014-6-15 370672]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;C:\Windows\System32\drivers\iusb3xhc.sys [2014-6-15 791024]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2014-6-23 32344]
R3 NisSrv;Microsoft-Netzwerkinspektion;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2014-9-5 33448]
R3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2014-9-5 160424]
R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2014-9-5 31912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-12-10 114688]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2014-10-31 121416]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-6-15 19456]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-6-15 56832]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-11-21 1255736]
.
=============== Created Last 30 ================
.
2015-01-09 15:23:53 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8EC42366-EE38-4FB6-BDC9-E20868963BFB}\offreg.dll
2015-01-09 15:23:26 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B9C68D3F-4AFC-4364-ACB6-BA0FB35884BA}\gapaengine.dll
2015-01-09 15:23:14 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8EC42366-EE38-4FB6-BDC9-E20868963BFB}\mpengine.dll
2015-01-09 15:19:16 -------- d-----w- C:\Users\Jan\AppData\Roaming\NVIDIA
2015-01-09 15:12:25 60597 ----a-w- C:\Windows\temp023423.vbe
2015-01-09 15:12:09 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{783395CB-26E0-E5E4-B0C2-05F68B65DD20}\GapaEngine.dll
2015-01-09 15:12:07 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-01-09 15:00:45 -------- d-----w- C:\ProgramData\Malwarebytes
2015-01-09 15:00:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-05 09:47:09 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{97BCF53A-FB1F-4AD6-9D7D-380968410FE4}\gapaengine.dll
2014-12-31 05:06:51 -------- d-----w- C:\Users\Jan\AppData\Roaming\Rogue Legacy
2014-12-30 14:21:29 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2014-12-30 14:21:21 935368 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-12-30 14:21:21 6783776 ----a-w- C:\Windows\System32\nvcpl.dll
2014-12-30 14:21:21 62808 ----a-w- C:\Windows\System32\nvshext.dll
2014-12-30 14:21:21 386520 ----a-w- C:\Windows\System32\nvmctray.dll
2014-12-30 14:21:21 3826628 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-12-30 14:21:21 3522392 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-12-30 14:21:21 2559960 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-12-30 14:21:14 75040 ----a-w- C:\Windows\System32\OpenCL.dll
2014-12-30 14:21:14 61912 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2014-12-30 14:21:12 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2014-12-30 14:18:55 -------- d-----w- C:\Program Files\NVIDIA Corporation
2014-12-30 14:18:35 -------- d-----w- C:\NVIDIA
2014-12-30 14:09:04 -------- d-----w- C:\Windows\pss
2014-12-19 03:22:14 9728 ----a-w- C:\Windows\SysWow64\RzStats.IPC.dll
2014-12-18 12:00:17 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-12-18 12:00:17 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
.
==================== Find3M  ====================
.
2014-12-31 11:14:31 298120 ------w- C:\Windows\System32\MpSigStub.exe
2014-12-09 22:21:53 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys
2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\Windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-11 03:09:06 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-11-06 14:08:12 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-27 06:33:34 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-23 20:05:59 129600 ----a-w- C:\Windows\System32\drivers\rzpnk.sys
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 02:05:21 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-18 01:33:13 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
.
============= FINISH: 16:26:38,22 ===============
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Jan (administrator) on JAN-PC on 09-01-2015 16:43:19
Running from E:\Downloads
Loaded Profile: Jan (Available profiles: Jan)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Slackerhome Productions) C:\Program Files\Better DS3\Better DS3.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\XtuUiLauncher.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\PerfTune.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3\ts3client_win32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe




==================== Registry (Whitelisted) ==================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-03-06] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1754855880-4042626245-2506995226-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Better DS3 - Verknüpfung.lnk
ShortcutTarget: Better DS3 - Verknüpfung.lnk -> C:\Program Files\Better DS3\Better DS3.exe (Slackerhome Productions)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Extreme Tuning Utility.lnk
ShortcutTarget: Intel(R) Extreme Tuning Utility.lnk -> C:\Windows\Installer\{9865A4C3-BCFC-455A-A72F-314C65C83344}\PerfTuneIcon.B089625E_E454_492E_B2F2_7E934E4807F0.exe (Intel(R) Corporation)


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1


FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-14]
CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-15]
CHR Extension: (Google-Suche) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-14]
CHR Extension: (Search by Image (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-06-15]
CHR Extension: (LoL Stream Browser) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp [2014-07-12]
CHR Extension: (Google Kalender) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-06-15]
CHR Extension: (Full Screen Weather) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2014-06-15]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-15]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-06-15]
CHR Extension: (Google Maps) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-06-15]
CHR Extension: (Google Wallet) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-14]
CHR Extension: (Google Mail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-14]


==================== Services (Whitelisted) =================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-05-20] (Razer Inc.) [File not signed]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-03-13] (Intel(R) Corporation)


==================== Drivers (Whitelisted) ====================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-06] (Disc Soft Ltd)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-02-18] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-09-05] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31912 2014-09-05] (Razer Inc)
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]
S3 NTIOLib_MSIClock_CC; \??\C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [X]
S3 NTIOLib_MSICOMM_CC; \??\C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [X]
S3 NTIOLib_MSICPU_CC; \??\C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [X]
S3 NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [X]
S3 NTIOLib_MSIFrequency_CC; \??\C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [X]
S3 NTIOLib_MSIRatio_CC; \??\C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [X]
S3 NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [X]
S3 NTIOLib_MSISuperIO_CC; \??\C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [X]


==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)




==================== One Month Created Files and Folders ========


(If an entry is included in the fixlist, the file\folder will be moved.)


2015-01-09 16:41 - 2015-01-09 16:43 - 00000000 ____D () C:\FRST
2015-01-09 16:26 - 2015-01-09 16:26 - 00017198 _____ () C:\Users\Jan\Desktop\dds.txt
2015-01-09 16:26 - 2015-01-09 16:26 - 00003897 _____ () C:\Users\Jan\Desktop\attach.txt
2015-01-09 16:24 - 2015-01-09 16:24 - 00688992 ____R (Swearware) C:\Users\Jan\Desktop\dds.com
2015-01-09 16:19 - 2015-01-09 16:19 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\NVIDIA
2015-01-09 16:12 - 2015-01-09 16:12 - 00060597 _____ () C:\Windows\temp023423.vbe
2015-01-09 16:00 - 2015-01-09 16:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-09 16:00 - 2015-01-09 16:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-31 06:06 - 2014-12-31 06:06 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Rogue Legacy
2014-12-30 15:21 - 2014-12-30 15:21 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-30 15:21 - 2014-12-30 15:21 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-30 15:21 - 2014-12-30 15:21 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-12-30 15:21 - 2014-07-02 21:48 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-12-30 15:21 - 2014-07-02 21:48 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-12-30 15:21 - 2014-07-02 19:55 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-12-30 15:21 - 2014-07-02 19:55 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-12-30 15:21 - 2014-07-02 19:55 - 02559960 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-12-30 15:21 - 2014-07-02 19:55 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-12-30 15:21 - 2014-07-02 19:55 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-12-30 15:21 - 2014-07-02 19:55 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-12-30 15:21 - 2014-07-02 11:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2014-12-30 15:20 - 2014-07-02 21:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-30 15:20 - 2014-07-02 21:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-30 15:20 - 2014-07-02 21:48 - 00026353 _____ () C:\Windows\system32\nvinfo.pb
2014-12-30 15:18 - 2014-12-30 15:21 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-30 15:18 - 2014-12-30 15:18 - 00000000 ____D () C:\NVIDIA
2014-12-30 15:16 - 2014-12-30 15:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-30 15:16 - 2014-12-30 15:16 - 00000000 ____D () C:\Windows\Sun
2014-12-30 15:09 - 2014-12-30 15:09 - 00000000 ____D () C:\Windows\pss
2014-12-26 10:22 - 2014-12-26 10:22 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-19 04:22 - 2014-12-19 04:22 - 00009728 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll
2014-12-18 13:00 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 13:00 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 15:21 - 2014-12-10 15:21 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 14:14 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 14:14 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 14:14 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 14:14 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 14:14 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 14:14 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 14:14 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 14:14 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 14:14 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 14:14 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 13:22 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 13:22 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 13:22 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 13:22 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 13:22 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 13:22 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 13:22 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 13:22 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 13:22 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 13:22 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 13:22 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 13:22 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 13:22 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 13:22 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 13:22 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 13:22 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 13:22 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 13:22 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 13:22 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 13:22 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 13:22 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 13:22 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 13:22 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 13:22 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 13:22 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 13:22 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 13:22 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 13:22 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 13:22 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 13:22 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 13:22 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 13:22 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 13:22 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 13:22 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 13:22 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 13:22 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 13:22 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 13:22 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 13:22 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 13:22 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 13:22 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 13:22 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 13:22 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 13:22 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 13:22 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 13:22 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 13:22 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 13:22 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 13:22 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 13:22 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 13:22 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 13:22 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 13:22 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 13:22 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 13:22 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 13:22 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 13:22 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 13:22 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 13:22 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 13:22 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 13:22 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 13:22 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 13:22 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 13:22 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 13:22 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 13:22 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 13:22 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 13:22 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 13:22 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 13:22 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 13:22 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 13:22 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 13:22 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 13:22 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 13:22 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 13:22 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 13:22 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 13:22 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 13:22 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 10:23 - 2014-12-10 10:23 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieBrowserModeList


==================== One Month Modified Files and Folders =======


(If an entry is included in the fixlist, the file\folder will be moved.)


2015-01-09 16:40 - 2014-06-14 23:16 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-09 16:40 - 2014-06-14 23:16 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-09 16:23 - 2014-06-14 22:23 - 01947290 _____ () C:\Windows\WindowsUpdate.log
2015-01-09 16:19 - 2014-11-03 13:42 - 00000000 ____D () C:\Users\Jan\AppData\Local\Battle.net
2015-01-09 16:19 - 2009-07-14 05:45 - 00026064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-09 16:19 - 2009-07-14 05:45 - 00026064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-09 16:18 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-01-09 16:18 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-01-09 16:18 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-09 16:12 - 2014-11-18 20:22 - 00003174 _____ () C:\Windows\System32\Tasks\Origin
2015-01-09 16:12 - 2014-06-14 22:23 - 00000000 ____D () C:\Users\Jan
2015-01-09 16:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-09 16:12 - 2009-07-14 05:51 - 00061737 _____ () C:\Windows\setupact.log
2015-01-09 16:11 - 2014-06-15 10:37 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Skype
2015-01-09 16:11 - 2014-06-15 09:15 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\MediaMonkey
2015-01-09 16:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-01-03 17:09 - 2014-06-15 01:25 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\vlc
2015-01-03 12:36 - 2014-07-14 11:52 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\uTorrent
2014-12-31 12:14 - 2014-06-14 22:45 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-31 06:06 - 2014-08-29 18:58 - 00000000 ____D () C:\Users\Jan\Documents\savedgames
2014-12-30 18:27 - 2014-10-17 16:09 - 753550360 _____ () C:\Windows\MEMORY.DMP
2014-12-30 18:27 - 2014-06-30 07:45 - 00000000 ____D () C:\Windows\Minidump
2014-12-30 15:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-12-16 17:35 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-13 16:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 16:24 - 2014-09-16 08:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-11 16:24 - 2014-06-15 10:37 - 00000000 ____D () C:\ProgramData\Skype
2014-12-10 15:21 - 2014-06-15 01:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 15:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 15:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 14:16 - 2014-06-14 23:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 14:15 - 2014-06-14 23:11 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe


Files to move or delete:
====================
C:\Users\Jan\AppData\Roaming\Origin\update.vbe




Some content of TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\bitool.dll
C:\Users\Jan\AppData\Local\Temp\devcon64.exe
C:\Users\Jan\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Jan\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Jan\AppData\Local\Temp\JDSetup130472658915604283.exe
C:\Users\Jan\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Jan\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Jan\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Jan\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Jan\AppData\Local\Temp\optprosetup.exe
C:\Users\Jan\AppData\Local\Temp\procexp64.exe
C:\Users\Jan\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Jan\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Jan\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Jan\AppData\Local\Temp\unins000.exe
C:\Users\Jan\AppData\Local\Temp\vlc-2.1.5-win64.exe




==================== Bamital & volsnap Check =================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed




LastRegBack: 2015-01-04 09:45


==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Jan at 2015-01-09 16:43:32
Running from E:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{185df49c-e692-4c00-a9ff-827bc6f4c8bf}) (Version: 4.4.0.4 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 4.4.0.4 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.10.1658 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.19 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.7.1 - Ubisoft)
MKVToolNix 7.0.0 (32bit) (HKLM-x32\...\MKVToolNix) (Version: 7.0.0 - Moritz Bunkus)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 141028.95912 - Square Enix Ltd)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TP-LINK TL-WDN4200 Driver (HKLM-x32\...\{76E22E5B-B0E7-49B5-9B9A-2112EB41D1EA}) (Version: 1.3.1 - TP-LINK)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1754855880-4042626245-2506995226-1000_Classes\CLSID\{d80f1922-51a3-4209-a9d2-ac3d8f97065b}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

26-12-2014 10:32:17 Windows Update
30-12-2014 15:23:54 Windows Update
03-01-2015 10:06:05 Windows Update
06-01-2015 11:24:55 Windows Update
09-01-2015 12:13:03 Windows Update
09-01-2015 16:10:46 Wiederherstellungsvorgang
09-01-2015 16:23:09 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {67448B23-CDAF-4584-A506-546E11663263} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-14] (Google Inc.)
Task: {C4F461FA-1FD5-4290-9F19-060DAD7DFB7E} - System32\Tasks\Origin => C:\Windows\system32\config\systemprofile\AppData\Roaming\Origin\update.vbe [2014-11-18] () <==== ATTENTION
Task: {D48FEE17-9588-41F1-AE7D-5E93998C492A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D593DE41-5542-4668-848C-3EDC07A29B47} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-14] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-12-30 15:21 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-13 22:28 - 2014-03-13 22:28 - 00055760 _____ () C:\Program Files (x86)\Intel\Extreme Tuning Utility\Client\IgfxDriverWrapper.dll
2014-02-28 14:33 - 2014-02-28 14:33 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3\quazip.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3\platforms\qwindows.dll
2014-02-27 14:45 - 2014-02-27 14:45 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3\sqldrivers\qsqlite.dll
2014-02-28 14:41 - 2014-02-28 14:41 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3\soundbackends\directsound_win32.dll
2014-02-28 14:41 - 2014-02-28 14:41 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3\soundbackends\windowsaudiosession_win32.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3\imageformats\qgif.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3\imageformats\qjpeg.dll
2014-02-28 14:42 - 2014-02-28 14:42 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3\plugins\clientquery_plugin.dll
2014-02-28 14:42 - 2014-02-28 14:42 - 00483784 _____ () C:\Program Files (x86)\TeamSpeak 3\plugins\teamspeak_control_plugin.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3\accessible\qtaccessiblewidgets.dll
2014-12-10 20:42 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-10 20:42 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-10 20:42 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-10 20:42 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-10 20:42 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-1754855880-4042626245-2506995226-500 - Administrator - Disabled)
Gast (S-1-5-21-1754855880-4042626245-2506995226-501 - Limited - Disabled)
Jan (S-1-5-21-1754855880-4042626245-2506995226-1000 - Administrator - Enabled) => C:\Users\Jan

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2014 10:03:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm League of Legends.exe, Version 4.21.0.397 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1700

Startzeit: 01d022182199a534

Endzeit: 44

Anwendungspfad: C:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe

Berichts-ID:

Error: (12/26/2014 05:46:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.21.0.397, Zeitstempel: 0x5492415b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x1ae4
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (12/26/2014 05:45:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm League of Legends.exe, Version 4.21.0.397 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1490

Startzeit: 01d0212b25cc7127

Endzeit: 27

Anwendungspfad: C:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe

Berichts-ID:

Error: (12/25/2014 09:42:54 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm LolClient.exe wurde wegen dieses Fehlers geschlossen.

Programm: LolClient.exe
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

Error: (12/25/2014 09:42:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 0.0.0.0, Zeitstempel: 0x515663e0
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000096
Fehleroffset: 0x00048665
ID des fehlerhaften Prozesses: 0x2cc
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3

Error: (12/24/2014 04:25:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm League of Legends.exe, Version 4.21.0.397 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1300

Startzeit: 01d01f8c31bb90fd

Endzeit: 48

Anwendungspfad: C:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe

Berichts-ID:

Error: (12/24/2014 03:15:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17496, Zeitstempel: 0x546fddcc
Name des fehlerhaften Moduls: atidxx32.dll, Version: 8.17.10.569, Zeitstempel: 0x541761f5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x004b5b4a
ID des fehlerhaften Prozesses: 0x17f0
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (12/12/2014 02:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -1305.

Error: (11/29/2014 10:12:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000000018ae
ID des fehlerhaften Prozesses: 0x126c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (11/21/2014 08:34:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PerfTune.exe, Version: 4.4.0.4, Zeitstempel: 0x5322a15b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00054bf2
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xPerfTune.exe0
Pfad der fehlerhaften Anwendung: PerfTune.exe1
Pfad des fehlerhaften Moduls: PerfTune.exe2
Berichtskennung: PerfTune.exe3


System errors:
=============
Error: (01/09/2015 04:12:07 PM) (Source: Microsoft Antimalware) (EventID: 2004) (User: )
Description: Beim Laden der Signaturen wurde von %60 ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.

	Versuchte Signaturen: %24

	Fehlercode: 0x80070002

	Fehlerbeschreibung: Das System kann die angegebene Datei nicht finden. 

	Signaturversion: 0.0.0.0;0.0.0.0

	Modulversion: %600

Error: (01/08/2015 07:12:54 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007f (0x0000000000000008, 0x0000000080050033, 0x00000000000406f8, 0xfffff8800240b87e)C:\Windows\MEMORY.DMP

Error: (01/08/2015 07:12:54 PM) (Source: BugCheck) (EventID: 1005) (User: )
Description: 

Error: (01/08/2015 07:12:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎01.‎2015 um 19:11:41 unerwartet heruntergefahren.

Error: (01/05/2015 07:40:47 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.

Error: (01/01/2015 10:31:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/01/2015 10:31:42 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1352

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/01/2015 10:31:42 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (12/30/2014 06:27:16 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000003b (0x00000000c0000005, 0xfffff800039984e0, 0xfffff8800add8d50, 0x0000000000000000)C:\Windows\MEMORY.DMP

Error: (12/30/2014 06:27:16 PM) (Source: BugCheck) (EventID: 1005) (User: )
Description: 


Microsoft Office Sessions:
=========================
Error: (12/27/2014 10:03:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: League of Legends.exe4.21.0.397170001d022182199a53444C:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe

Error: (12/26/2014 05:46:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe4.21.0.3975492415bntdll.dll6.1.7601.18247521ea8e7c000000500038e191ae401d0212b63af2cf1C:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exeC:\Windows\SysWOW64\ntdll.dllb13bbb7b-8d1e-11e4-a161-880c21753f3e

Error: (12/26/2014 05:45:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: League of Legends.exe4.21.0.397149001d0212b25cc712727C:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe

Error: (12/25/2014 09:42:54 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: LolClient.exe000000000

Error: (12/25/2014 09:42:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: LolClient.exe0.0.0.0515663e0ole32.dll6.1.7601.175144ce7b96fc0000096000486652cc01d0201e4f5f06e9C:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exeC:\Windows\syswow64\ole32.dll040415a6-8c12-11e4-9ece-e039205c3d24

Error: (12/24/2014 04:25:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: League of Legends.exe4.21.0.397130001d01f8c31bb90fd48C:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe

Error: (12/24/2014 03:15:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17496546fddccatidxx32.dll8.17.10.569541761f5c0000005004b5b4a17f001d01f832d41f17cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\atidxx32.dll50e47dc4-8b77-11e4-a0a8-9b53ff070025

Error: (12/12/2014 02:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -1305

Error: (11/29/2014 10:12:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000vlc.exe2.1.5.000000000c000041d00000000000018ae126c01d00bb491578002C:\Program Files\VideoLAN\VLC\vlc.exeC:\Program Files\VideoLAN\VLC\vlc.exedad35910-77a7-11e4-9e73-c333ac5e9539

Error: (11/21/2014 08:34:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PerfTune.exe4.4.0.45322a15bntdll.dll6.1.7601.18247521ea8e7c000000500054bf2


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16328.02 MB
Available physical RAM: 13525.68 MB
Total Pagefile: 32654.23 MB
Available Pagefile: 29392.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.57 GB) (Free:39.86 GB) NTFS
Drive d: (Games) (Fixed) (Total:931.51 GB) (Free:695.27 GB) NTFS
Drive e: (Media) (Fixed) (Total:465.76 GB) (Free:369.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 544EEE37)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 6C158ED1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 24FE09FE)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 


 


#2 TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 09 January 2015 - 11:02 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

 

 

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" ActiveX control by clicking the Install button
  • Once the ActiveX control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

 



Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 qosmos


Posted 09 January 2015 - 12:11 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Jan at 2015-01-09 17:05:48 Run:1
Running from E:\Downloads
Loaded Profile: Jan (Available profiles: Jan)
Boot Mode: Normal
==============================================


Content of fixlist:
*****************
Task: {C4F461FA-1FD5-4290-9F19-060DAD7DFB7E} - System32\Tasks\Origin => C:\Windows\system32\config\systemprofile\AppData\Roaming\Origin\update.vbe [2014-11-18] () <==== ATTENTION


C:\Windows\system32\config\systemprofile\AppData\Roaming\Origin\update.vbe
C:\Windows\temp023423.vbe


EmptyTemp:
*****************


HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4F461FA-1FD5-4290-9F19-060DAD7DFB7E} => Key not found. 
C:\Windows\System32\Tasks\Origin => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin" => Key deleted successfully.
C:\Windows\system32\config\systemprofile\AppData\Roaming\Origin\update.vbe => Moved successfully.
C:\Windows\temp023423.vbe => Moved successfully.
EmptyTemp: => Removed 1.7 GB temporary data.




The system needed a reboot. 


==== End of Fixlog 17:06:03 ====

Malwarebytes Anti-Malware
www.malwarebytes.org


Scan Date: 09.01.2015
Scan Time: 17:10:52
Logfile: 
Administrator: Yes


Version: 2.00.4.1028
Malware Database: v2015.01.09.10
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled


OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jan


Scan Type: Threat Scan
Result: Completed
Objects Scanned: 319474
Time Elapsed: 2 min, 51 sec


Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled


Processes: 0
(No malicious items detected)


Modules: 0
(No malicious items detected)


Registry Keys: 0
(No malicious items detected)


Registry Values: 0
(No malicious items detected)


Registry Data: 0
(No malicious items detected)


Folders: 0
(No malicious items detected)


Files: 0
(No malicious items detected)


Physical Sectors: 0
(No malicious items detected)




(end)

C:\FRST\Quarantine\C\Windows\temp023423.vbe.xBAD VBS/Kryptik.DC trojan
C:\Windows\System32\config\systemprofile\AppData\Roaming\Origin\update.vbe VBS/Kryptik.DC trojan
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Origin\update.vbe VBS/Kryptik.DC trojan

It seems like the originally mentioned problem is dealt with. Thank you very much!

 

Although... the ESET scanner did find those trojans?!


Edited by qosmos, 09 January 2015 - 12:35 PM.
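An added example, not part of the original posts and not FRST's own logic: a small Python triage pass over fixlist-style lines like the ones quoted in the log above, showing why the scheduled task "Origin" and its `update.vbe` target stand out. The rule set, the function names and the sample lines marked as constructed are assumptions made for illustration.

```python
import ntpath
import re

# Layout of an FRST "Task:" line as it appears in the fixlist quoted in this thread:
# Task: {GUID} - <task file> => <target> [date] (company) <==== ATTENTION
TASK_RE = re.compile(
    r"^Task: (?P<guid>\{[0-9A-Fa-f-]{36}\}) - (?P<task>.+?) => (?P<target>.+?)"
    r"(?: \[(?P<date>\d{4}-\d{2}-\d{2})\])?(?: \((?P<company>[^)]*)\))?"
    r"(?P<attention> <==== ATTENTION)?\s*$"
)

# Assumed heuristics (illustrative, not an exhaustive rule set).
SCRIPT_EXTS = {".vbe", ".vbs", ".jse", ".js", ".wsf"}
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "services.exe", "csrss.exe"}


def parse_task_line(line):
    """Return the fields of an FRST Task: line as a dict, or None if it is not one."""
    m = TASK_RE.match(line.strip())
    return m.groupdict() if m else None


def path_findings(path):
    """Return the reasons a Windows path deserves a closer look (empty list if none)."""
    p = ntpath.normpath(path.strip().strip('"')).lower()
    folder, name = ntpath.split(p)
    reasons = []
    if ntpath.splitext(name)[1] in SCRIPT_EXTS:
        reasons.append("script-host file extension")
    if "\\config\\systemprofile\\" in p:
        reasons.append("inside the SYSTEM account profile")
    if folder == r"c:\windows\temp" or folder.startswith("c:\\windows\\temp\\"):
        reasons.append("inside the Windows temp directory")
    if name in SYSTEM_NAMES and folder not in SYSTEM_DIRS:
        reasons.append("system binary name outside System32/SysWOW64")
    return reasons


def triage(lines):
    """Return (target, reasons) for every Task: line or bare path that trips a rule."""
    report = []
    for raw in lines:
        line = raw.strip()
        task = parse_task_line(line)
        if task:
            target = task["target"]
            reasons = path_findings(target)
            if reasons or task["attention"]:
                reasons.append("launched by scheduled task " + task["task"])
            if task["attention"]:
                reasons.append("flagged ATTENTION by FRST")
        elif re.match(r'^"?[A-Za-z]:\\', line):
            # Bare path, or a Fixlog result line such as "<path> => Moved successfully."
            target = line.split(" => ")[0].strip('"')
            reasons = path_findings(target)
        else:
            continue
        if reasons:
            report.append((target, reasons))
    return report


SAMPLE_LINES = [
    # The first three lines are copied from the fixlist quoted in the thread.
    r"Task: {C4F461FA-1FD5-4290-9F19-060DAD7DFB7E} - System32\Tasks\Origin => "
    r"C:\Windows\system32\config\systemprofile\AppData\Roaming\Origin\update.vbe "
    r"[2014-11-18] () <==== ATTENTION",
    r"C:\Windows\system32\config\systemprofile\AppData\Roaming\Origin\update.vbe",
    r"C:\Windows\temp023423.vbe",
    # Constructed benign task, for contrast.
    r"Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\ExampleUpdater => "
    r"C:\Program Files (x86)\Example\updater.exe [2014-01-01] (Example Vendor)",
    # Constructed paths modelled on the topic title (svchost.exe in the temp folder).
    r"C:\Windows\Temp\svchost.exe",
    r"C:\Windows\System32\svchost.exe",
]

if __name__ == "__main__":
    for target, reasons in triage(SAMPLE_LINES):
        print(target)
        for reason in reasons:
            print("   -", reason)
```

A genuine svchost.exe runs from System32 (or SysWOW64), so the same file name in a temp folder is a masquerading indicator on its own, independent of any scanner verdict.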


#4 TB-Psychotic


Posted 09 January 2015 - 12:46 PM

Just backups the trojan made - but it isn't able to load them anymore.

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.

 

  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also



Delete junk with JRT

Please download Junkware Removal Tool to your desktop.


  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK Mirror (if the link is down)



  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread (Note: Do NOT post this one into a code box!)

 


#5 qosmos


Posted 09 January 2015 - 01:27 PM




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Jan at 2015-01-09 18:55:03 Run:2
Running from E:\Downloads
Loaded Profile: Jan (Available profiles: Jan)
Boot Mode: Normal
==============================================


Content of fixlist:
*****************
C:\Windows\System32\config\systemprofile\AppData\Roaming\Origin\update.vbe
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Origin\update.vbe
*****************


"C:\Windows\System32\config\systemprofile\AppData\Roaming\Origin\update.vbe" => File/Directory not found.
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Origin\update.vbe => Moved successfully.


==== End of Fixlog 18:55:03 ====

# AdwCleaner v4.107 - Bericht erstellt am 09/01/2015 um 18:58:13
# Aktualisiert 07/01/2015 von Xplode
# Database : 2015-01-03.1 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Jan - JAN-PC
# Gestartet von : C:\Users\Jan\Desktop\adwcleaner_4.107.exe
# Option : Suchen


***** [ Dienste ] *****




***** [ Dateien / Ordner ] *****


Ordner Gefunden : C:\ProgramData\442220abe02b4609
Ordner Gefunden : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm


***** [ Tasks ] *****




***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****


Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.17496




-\\ Google Chrome v39.0.2171.95




*************************


AdwCleaner[R0].txt - [1114 octets] - [09/01/2015 18:58:13]


########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1174 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by Jan on 09.01.2015 at 19:07:16,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








~~~ Services






~~~ Registry Values






~~~ Registry Keys






~~~ Files






~~~ Folders


Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"






~~~ Event Viewer Logs were cleared










~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.01.2015 at 19:08:34,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
Microsoft Security Essentials   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 71  
 Adobe Reader XI  
 Google Chrome (39.0.2171.71) 
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 

Edited by qosmos, 09 January 2015 - 01:31 PM.


#6 TB-Psychotic


Posted 12 January 2015 - 03:52 AM

Are any problems left or may I post the final reply? :)



#7 qosmos


Posted 12 January 2015 - 02:42 PM

Everything seems to be running the way it should be, no problems as far as I can tell!

 

Thank you very much for your help, it is very much appreciated :)



#8 TB-Psychotic


Posted 13 January 2015 - 10:11 AM

Your system is clean now! :)

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  • In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
  • In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  • In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  • If there is still something left please delete it manually.




Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.




Temp File Cleaner

We need to download Temp File Cleaner (TFC) by OldTimer:
  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process. Note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup.
  • When the scan is complete, if you were not asked to reboot the computer, please do so now
More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.



#9 TB-Psychotic


Posted 21 January 2015 - 06:55 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.